Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-04-11 | vpn: l2tp: sstp: T2264: create config dir on demand | Christian Poessinger | |
2020-04-11 | vpn: l2tp: T2264: migrate IPv6 prefix node to common CLI style | Christian Poessinger | |
Combining multiple options into a single CLI node is considered bad practice. IPv6 prefixes consited of the prefix itself and a mask send to the client in one node only. The following CLI parts have been migrated from client-ipv6-pool { delegate-prefix fc00:0:1::/48,64 prefix 2001:db8::/64,64 } to client-ipv6-pool { delegate fc00:0:1::/48 { delegation-prefix 48 } prefix 2001:db8::/48 { mask 64 } } Thus regular validation steps from the VyOS CLI can be used when a prefix is configured. | |||
2020-04-11 | vpn: l2tp: T2264: simplify IPv6 config dictionary elements | Christian Poessinger | |
2020-04-11 | vpn: sstp: T2008: migrate from SysVinit -> systemd | Christian Poessinger | |
2020-04-11 | vpn: sstp: T2008: bugfix KeyError 'client_gateway' | Christian Poessinger | |
2020-04-11 | vpn: l2tp: T2264: migrate from SysVinit -> systemd | Christian Poessinger | |
2020-04-11 | vpn: l2tp: T2264: remove debug pprint | Christian Poessinger | |
2020-04-11 | vpn: l2tp: T2264: proper set PPP default values to ease Jinja2 template | Christian Poessinger | |
2020-04-11 | vpn: l2tp: T2264: migrate to new dictionary keys for radius auth | Christian Poessinger | |
2020-04-11 | vpn: sstp: T2008: set accell default values in config dict | Christian Poessinger | |
This will remove the required if/else parts int he Jinja2 template. | |||
2020-04-11 | vpn: l2tp: T2264: use "with open()" when writing config | Christian Poessinger | |
2020-04-11 | vpn: l2tp: T2264: migrate to new dictionary keys for local auth | Christian Poessinger | |
2020-04-11 | vpn: sstp: T2008: improve error message for non existent local-users | Christian Poessinger | |
2020-04-11 | vpn: l2tp: T2264: cleanup thread_cnt generation | Christian Poessinger | |
2020-04-11 | vpn: sstp: T2008: cleanup thread_cnt generation | Christian Poessinger | |
2020-04-11 | vpn: l2tp: T2264: combine WINS CLI syntax | Christian Poessinger | |
There is no reason to distinguish between WINS servers in terms of priority. This is solely a task which can be done in the underlaying Python scripts. | |||
2020-04-11 | vpn: l2tp: T2264: combine IPv4/IPv6 name-server CLI syntax | Christian Poessinger | |
There is no reason to distinguish between an IPv4 and IPv6 name-server node on the CLI - this can be done in the underlaying Python scripts. | |||
2020-04-11 | vpn: sstp: T2008: adjust DNS error message | Christian Poessinger | |
2020-04-11 | vpn: l2tp: T2264: comment cleanup on chk_con() | Christian Poessinger | |
2020-04-11 | vpn: l2tp: T2264: use default_config_data dict | Christian Poessinger | |
2020-04-11 | vpn: l2tp: T2264: introduce common config base | Christian Poessinger | |
2020-04-11 | vpn: l2tp: T2264: import cleanup | Christian Poessinger | |
2020-04-11 | vpn: l2tp: T2264: rename files to match CLI levels | Christian Poessinger | |
2020-04-10 | openvpn: T2266: fix verify for client-server bridged mode | jjakob | |
2020-04-10 | pppoe: T2248: connect-on-demand and vrf are mutually exclusive | Christian Poessinger | |
As PPP can be used to establish a connection on-demand it manages the Kernel default route. This can not be used when using VRFs which are managed by the ip-up.d and ip-down.d scripts - thus those options are now mutially exclusive. The best fix would be adding support for VRFs into PPP. | |||
2020-04-09 | vxlan: T2172: add source-address option | Christian Poessinger | |
This is a base requirement for l2vpn evpn. When source-address is configured, the option "local <source-addr> nolearning" is appended when creating the interface as mentioned here: https://vincent.bernat.ch/en/blog/2017-vxlan-bgp-evpn | |||
2020-04-09 | Revert "vxlan: T2172: remove group or remote check in verify()" | Christian Poessinger | |
This reverts commit 195e1da6a518ee3a2cbc0e1d454317e3c05e3e6e. | |||
2020-04-09 | Merge branch 'vxlan' of github.com:c-po/vyos-1x into current | Christian Poessinger | |
* 'vxlan' of github.com:c-po/vyos-1x: vxlan: pseudo-ethernet: T2260: convert link nodes to source-interface wireguard: T2206: fix comment in migration script pppoe: enable Jinja2 trim_blocks | |||
2020-04-09 | vxlan: pseudo-ethernet: T2260: convert link nodes to source-interface | Christian Poessinger | |
2020-04-09 | pppoe: enable Jinja2 trim_blocks | Christian Poessinger | |
2020-04-09 | util: T2226: os.system was wrongly converted to run | Thomas Mangin | |
os.system does print the ouput of the command, run() does not. A new function called call() does the printing and return the error code. | |||
2020-04-09 | Revert "tunnel: T2028: prevent single 'remote' keyword" | Christian Poessinger | |
This reverts commit 37973a13bbc168c09e5f4d1e606f91fd7ffbb41a. | |||
2020-04-09 | Merge pull request #317 from thomas-mangin/T2028-remote | Christian Poessinger | |
tunnel: T2028: fix remote and registration | |||
2020-04-08 | tunnel: T2028: prevent single 'remote' keyword | Thomas Mangin | |
When the remote keywrod is ommited, the default value of '' is still set, therefore the ip command will include it. Remote is now removed if unset. | |||
2020-04-08 | vyos.util: introduce chmod_750() for files/directories | Christian Poessinger | |
2020-04-08 | wireguard: T2244: re-use interface removal code from WireGuardIf class | Christian Poessinger | |
2020-04-08 | wireguard: T2244: fix writing PSK | Christian Poessinger | |
2020-04-08 | vyos-util: rename chown_file() > chown() | Christian Poessinger | |
... to make it clear also directories can be chown(-ed) | |||
2020-04-08 | wireguard: T2247: add VRF support | Christian Poessinger | |
2020-04-08 | wireguard: T2244: rewrite to match code structure of other interfaces | Christian Poessinger | |
Accessing a list of dictionaries and parsind/manipulating the content can and should be done in a way other interface implementations do it. Just to name a few: - Ethernet - L2TPv3 - WWAN (WirelessModem) | |||
2020-04-08 | Merge pull request #315 from jjakob/openvpn-template | Christian Poessinger | |
openvpn: T2234: clean up and rework openvpn template | |||
2020-04-08 | openvpn: T2234: clean up and rework openvpn template | jjakob | |
- rearranged options to put them in logical groups separated by blank lines - removed unnecessary blank lines (whitespace) - fixed encryption if-else comparison logic that caused 3des to be ignored - set tls if tls-version-min is set | |||
2020-04-08 | vrf: add additional documentation link | Christian Poessinger | |
2020-04-08 | Merge pull request #313 from DmitriyEshenko/dmvpn-fix1 | Christian Poessinger | |
tunnel: T2236: Add additional check for type change | |||
2020-04-08 | Merge pull request #311 from thomas-mangin/T2028-explain | Christian Poessinger | |
tunnel: T2028: document the classes created | |||
2020-04-08 | tunnel: T2236: Add additional check for type change | DmitriyEshenko | |
2020-04-08 | tunnel: T2028: document the classes created | Thomas Mangin | |
2020-04-08 | bridge: T2232: bugfix wifi and wwan verify() section | Christian Poessinger | |
Commit fcce471 ("bridge: T2232: prevent deletion of enslaved interfaces") added a regression by referencing a wrong variable name. | |||
2020-04-07 | http api: T2160: Fix error message when api proxy restricted. | John Estabrook | |
2020-04-07 | http api: T2160: move 'api virtual-host' to 'api-restrict virtual-host' | John Estabrook | |
Restriction of api proxy should be owned by https.py, not http-api.py. |