Age | Commit message (Collapse) | Author |
|
Right now we have multiple restart helpers (e.g. dhcp server, ssh, ntp) that
all do the same (more or less):
* Check if service is configured on CLI
* Restart if configured
* Error out if unconfigured
This is not available via the op-mode API. Create a new restart.py op-mode
helper that takes the service name and possible VRF as argument so it's also
exposed via API.
(cherry picked from commit c74ae852152b0c3c3f00a1847d081d28f500e178)
|
|
We don't use ipsec.secrets anymore
Fix op-mode for "show vpn ike secrets".
Ability to get "RAW" format
|
|
|
|
Now 'show vpn ipsec remote-access' shows only IKEv2 Remote access
VPN IPSec connections.
Added option 'summary' that shows a summary table for
these connections.
Added option 'detail' that shows only RA SAs output of 'swanctl -l'
Added options 'username' and 'connection-id' that filters output.
Fixed output 'show vpn ipsec sa detail', the previous was
'show vpn ipsec sa verbose'.
|
|
Fixed 'reset vpn ipsec profile' command
using vici library and new op-mode style.
Added ability to use 'reset vpn ipsec profile' command
with 'remote-host' option.
|
|
1. Rewritten CLI of 'reset vpn' commands.
2. Created 'reset vpn ipsec remote-access' commands to reset
RA IKEv2 session.
3. Created 'reset vpn ipsec site-to-site all' command to reset all
configured IPSec site-to-site peers sessions.
4. Rewritten 'reset vpn l2t|pptp|sstp' commands to
new opmode style.
|
|
1. Changed reset IPSEC, IKE SAs to use vici library.
2. Created package vyos.ipsec to communicate with vici library.
|
|
|
|
Fixed 'reset vpn ipsec-peer {peer}' command.
The op-mode script uses value 'None' in the 'tunnel' parameter
to clear all CHILD SAs.
|
|
Add op-mode CLI "show vpn ipsec connections"
Add the ability to show all configured connections/tunnels and
their states.
Ability to get --raw data
|
|
|
|
Rewrite op-mode "show vpn ipsec sa" to new format
Use vyos.opmode format
Ability to get raw and formatted output
|
|
ipsec: T4568: Fix debug IPsec peer op-mode
|
|
Debug Connections for a peer wasn't checked because of typo
in var `conns`
Replace ':' to '-' for IPv6 peers
|
|
When we use IPv6 peer we need to make a replacement ":" => "-"
for correct resetting as it doesn't match get_peer_connections()
regex
Use new format "vyos.opmode"
|
|
|
|
|
|
|
|
Remove python3-crypto dependency.
|
|
|
|
|