| Age | Commit message (Collapse) | Author |
|---|
|
for cases when commands need both fixed and variable arguments
|
|
Certbot renewal command in op-mode "renew certbot" only works if any of the
certificates is up for renewal. There is no CLI option to forcefully renew a
certificate. This is about adding a force option to the CLI and with this
addition move the entire certbot renew handling to new-style op-mode commands.
vyos@vyos:~$ renew certbot force
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /config/auth/letsencrypt/renewal/vyos.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Renewing an existing certificate for vyos.io
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations, all renewals succeeded:
/config/auth/letsencrypt/live/vyos/fullchain.pem (success)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Hook 'post-hook' ran with output:
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
|
|
op-mode: T7541: convert duplicate nodes and tag nodes to standalone tag nodes
|
|
op-mode: T7543: move "clear interfaces <type> [name] counters" to "clear interfaces counters [type] [name]"
|
|
journald
|
|
T7432: RPKI VRF Support
|
|
where it is possible without changing the command syntax
|
|
interfaces counters [type] [name]"
|
|
op-mode: T7540: move "clear interface connection" to "reset connection"
|
|
|
|
dmbaturin/T7527-eliminate-embedded-op-mode-shell-snippets
op-mode: T7527: move assorted embedded shel snippets to script files
|
|
|
|
|
|
op-mode: T7509: add "detail" and "wide" modifier for BGP advertised-routes|received-routes
|
|
op-mode: T7459: eliminate direct use of sudo in op mode commands
|
|
|
|
show ip bgp neighbors <ip> received-routes [detail [wide]|wide]
show bgp neighbors <ip> received-routes [detail [wide]|wide]
show bgp ipv4 neighbors <ip> received-routes [detail [wide]|wide]
show bgp ipv6 neighbors <ip> received-routes [detail [wide]|wide]
show bgp vrf <name> neighbors <ip> received-routes [detail [wide]|wide]
show bgp vrf <name> ipv4 neighbors <ip> received-routes [detail [wide]|wide]
show bgp vrf <name> ipv6 neighbors <ip> received-routes [detail [wide]|wide]
|
|
show ip bgp neighbors <ip> advertised-routes [detail [wide]|wide]
show bgp neighbors <ip> advertised-routes [detail [wide]|wide]
show bgp ipv4 neighbors <ip> advertised-routes [detail [wide]|wide]
show bgp ipv6 neighbors <ip> advertised-routes [detail [wide]|wide]
show bgp vrf <name> neighbors <ip> advertised-routes [detail [wide]|wide]
show bgp vrf <name> ipv4 neighbors <ip> advertised-routes [detail [wide]|wide]
show bgp vrf <name> ipv6 neighbors <ip> advertised-routes [detail [wide]|wide]
|
|
|
|
Bridge: T7430: Add BPDU Guard and Root Guard support
|
|
Removed unused opennhrp files and configurations
|
|
|
|
interfaces: T7268: Add op-mode command for show all interfaces on system
|
|
T7122: pki: unable to switch from custom cert to ACME when HAProxy service is running with 'redirect-http-to-https' option
|
|
This will add support for BPDU Guard and Root Guard to the bridge interface.
Verification will come from:
show log spanning-tree
|
|
|
|
T7396: Return the old script to generate tech-support archive
|
|
Return the old script to 'generate tech-support archive' command.
The machine-readable format is good, but useless for analysis.
There are no logs and other necessary information.
Add op-mode command for machine-readable format:
```
generate tech-support machine-readable-archive
```
|
|
Rename config node from clear-session to reset-session
|
|
|
|
Fixed XML formatting.
|
|
Created op-mode script per request
Commands added:
show interfaces kernel
show interfaces kernel detail
show interfaces kernel json
show interfaces kernel <interface>
show interfaces kernel <interface> detail
show interfaces kernel <interface> json
|
|
* firewall: T7370: Add conntrack log commands
Added the following commands:
show log conntrack
show log conntrack event new
show log conntrack event update
show log conntrack event destroy
* firewall: T7370: Add conntrack log commands
Added the following commands:
show log conntrack
show log conntrack event new
show log conntrack event update
show log conntrack event destroy
* firewall: T7370: Add conntrack log commands
Added the following commands:
show log conntrack
show log conntrack event new
show log conntrack event update
show log conntrack event destroy
* Fix capitalization
---------
Co-authored-by: l0crian1 <ryan.claridge13@gmail.com>
Co-authored-by: Daniil Baturin <daniil@baturin.org>
|
|
firewall: T7369: Match global state policies in show firewall
|
|
grub: T7327: honor "system option kernel" settings during image upgrade
|
|
Global state policies were not matched when typing "show firewall"
|
|
Global state policies were not matched when typing "show firewall"
|
|
|
|
ids: T7241: remove Fastnetmon from the base system
|
|
It will eventually be moved to an addon
|
|
This creates a command to show all interfaces on the system in both human readable and JSON format.
This includes non-VyOS interfaces like those created by containers.
Syntax:
show interfaces kernel
show interfaces kernel json
show interfaces kernel <interface>
show interfaces kernel <interface> json
|
|
Added stp.py to create output for spanning-tree info
Modified op-mode-definitions\show-bridge.xml.in to add these commands:
show bridge spanning-tree
show bridge spanning-tree detail
show bridge <interface> spanning-tree
show bridge <interface> spanning-tree detail
|
|
T861: rename Secure Boot MOK (Machine Owner Key) file
|
|
|
|
|
|
|
|
|
|
T4930: Allow WireGuard peers via DNS hostname
|
|
T6641: Add vyos-network-event-logger Service
|
|
The service parses and logs network events for improved monitoring and diagnostics.
Supported event types include:
- `RTM_NEWROUTE`, `RTM_DELROUTE`
- `RTM_NEWLINK`, `RTM_DELLINK`
- `RTM_NEWADDR`, `RTM_DELADDR`
- `RTM_NEWNEIGH`, `RTM_DELNEIGH`, `RTM_GETNEIGH`
- `RTM_NEWRULE`, `RTM_DELRULE`
Added operational mode commands for filtered log retrieval:
- `show log network-event <event-type> <interface>`: Retrieve logs filtered by event type and interface.
- `show interfaces <type> <name> event-log <event-type>`: Display interface-specific logs filtered by event type.
|
