Age | Commit message (Collapse) | Author |
|
In addition to the rewrite to make use of get_config_dict() the CLI is
slightly adjusted as specified in T4703.
* Rename vlan-id and vlan-range to simply vlan
* Rename network-mode to simply mode
* Re-use existing common Jinja2 template for Accel-PPP which are shared
with PPPoE and SSTP server.
* Retrieve default values via defaultValue XML node
|
|
The initial Accel-PPP PPPoE implementation used:
set service pppoe-server interface <name> vlan-id <id>
set service pppoe-server interface <name> vlan-range <start-stop>
This is actually a duplicated CLI node.
|
|
|
|
|
|
|
|
This reverts commit fa91f567b7b5f009aaaed569b3f5e5db4b638d39.
|
|
This reverts commit c2fc87c02dd556dd1569ff2fd81c9e2485a80459.
|
|
HTTP and sstp cannot work together and in the test config
1.4-rolling-202106290839 we didnot have configurable port for
such services
So we shoud delete sstp from this smoketest config test
In fact it is never working at all 'smoketest/configs/pki-misc'
It commits without errors before but in the real life we get 3
services (https openconnect sstp) that bound the same port
|
|
Change openconnect port as both ocserv and sstp bind
by default the same port 443
|
|
After discussion with @zsdc this was decided the better long term fix
* Removes hourly logrotate cron in favour of systemd timer override
|
|
|
|
|
|
* Also determines and maps to correct CA for migrated CRL
|
|
|
|
The migration script bgp/0-to-1 did not address
'protocols bgp ASN' -> 'protocols bgp local-as ASN'
under a vrf. Move to configs.no-load for review on extending/adding a
migration script.
|
|
The config vrf-basic reveals a missing block in the migration script
vrf/0-to-1, moving 'next-hop-vrf' to 'vrf'. As this only exists in
Sagitta, modify script 0-to-1. Also, fix the 'system nt' typo seen in
vrf-ospf.
|
|
The pki-ipsec sagitta-era config contains
'vpn ipsec ipsec-interfaces interface eth0'
with ipsec component version ipsec@6, however, this construction is
successfully moved by migration script ipsec/5-to-6. Consequently, this
must have been an error in translation of the config file. Note that
this is unrelated to the corrected error regarding an empty
'ipsec-interfaces' node. Move config to configs.no-load for review.
|
|
bgp_small_as contains set commands such as:
'protocols static route 10.0.0.0/8 MY-NAS distance 254'
which would appear to have no meaning, in any VyOS version.
Move to config.no-load for analysis.
|
|
The component version in bgp-dmvpn-spoke is nat@5, however, 4-to-5
removes the boolean argument. It is confirmed that the migration script
works correctly, hence, it must be a typo in translation; remove
argument 'enable'.
|
|
The config file isis-small has system@20, but 'user level' which was
migrated in system/16-to-17; remove the line in the config, as there is
no problem with the migration script in question.
|
|
This is a typo in vrf-ospf: 'system nt' on the line before 'system ntp'.
|
|
This takes a very long time, but keep the config for manual runs
|
|
|
|
|
|
|
|
* set protocols static arp interface eth0 address 192.0.2.1 mac 01:23:45:67:89:01
|
|
|
|
|
|
|
|
|
|
|
|
After hardning the regex validator to be preceeded with ^ and ending with $
it was no longer possible to have a comma separated list as SSH ciphers. The
migrations cript is altered to migrate the previous comma separated list
to individual multi node entries - cipher and key-exchange always had been
multinodes - so this just re-arranges some values and does not break CLI
compatibility
|
|
* Add support for ECN and CWR flags
|
|
* Migrates all policy route references from `ipv6-route` to `route6`
* Update test config `dialup-router-medium-vpn` to test migration of `ipv6-route` to `route6`
|
|
The implementation of the "auto" option to specify the sflow/netflow
agent-address is very error prone. The current implementation will determine
the IP address used for the "auto" value as follow:
Get BGP router-id
1) If not found use OSPF router-id
2) If not found use OSPFv3 router-id
3) If not found use "the first IP address found on the system
Well, what is the "first IP address found"? Also this changes if DHCP is in use.
Also another disadvantage is when the BGP/OSPF/OSPFv3 router-id is changed,
the agent-address is not updated upon the next reboot of the system.
This task is about removing the "auto" keyword from the CLI at all and make it
either entirely configurable by the user and hardcode the value in CLI, or not
use this at all.
If "auto" is specified we will query the system in the above order and set the
proper router-id in the CLI. If none can be found the CLI node is removed.
|
|
|
|
|
|
(cherry picked from commit c1015d8ce0013719eb898b60b14ffec192b8141c)
|
|
|
|
|
|
T3804 changed how DHCP servers from DHCP interfaces are read in and passed to
the system. The config migrator is tested with this addition.
|
|
|
|
|
|
Update/refresh of DNS records is now handled internally by Strongswan.
|
|
|
|
|
|
|
|
update to use PKI.
|
|
|
|
|