summaryrefslogtreecommitdiff
path: root/src/conf_mode
AgeCommit message (Collapse)Author
2020-05-29Merge pull request #439 from thomas-mangin/T2088-explicit-airbagChristian Poessinger
airbag :T2088: make airbag explicit
2020-05-29airbag: T2088: explicit enabling of the featureThomas Mangin
airbag must now be explicitly installed. the patch also allow to fully disables the installation of the logging code at setup (and not just installing and doing nothing)
2020-05-28ethernet: T2514: add warning when changing mac for bond memberL6NqLW
2020-05-27ethernet: T2476: do not override MAC of lower interface if bond memberL6NqLW
2020-05-26dhcpv6-pd: T2506: use common dictionary definition for config parametersChristian Poessinger
2020-05-26dhcpv6-pd: T2506: add option to request specific prefix lengthChristian Poessinger
Some ISPs (e.g. Comcast) only delegate a /64 by default. You have to explicitly "ask" for a bigger (e.g. /60) prefix. This commit adds a CLI node to request a specific prefix length in the range 32 - 64. dhcpv6-options { prefix-delegation { length 60 } }
2020-05-26dhcpv6-pd: pppoe: T2506: restructure CLIChristian Poessinger
Rename the CLI nodes for prefix delegation from "dhcpv6-options delegate <interface>" to "dhcpv6-options prefix-delegation interface <interface>". The change is required to add the possibility to request for specific prefix sized via the CLI. That option was not possible with the old configuration tree.
2020-05-26dhcpv6-pd: ethernet: T421: fix TypeErrorChristian Poessinger
Copy/paste error resulting in: Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/interfaces-ethernet.py", line 303, in <module> apply(c) File "/usr/libexec/vyos/conf_mode/interfaces-ethernet.py", line 205, in apply e.dhcp.v6.options['dhcpv6_pd'] = e['dhcpv6_pd'] TypeError: 'EthernetIf' object is not subscriptable
2020-05-22login: T2492: must use try/except when adding user for the first timeChristian Poessinger
2020-05-22login: T2492: re-use code from vyos.utilChristian Poessinger
2020-05-22login: T2492: force setting of encrypted password on first bootChristian Poessinger
2020-05-22login: T2492: fix flake8 warningsChristian Poessinger
2020-05-22login: T2492: do not set encrypted user password when it is not changedChristian Poessinger
2020-05-22pppoe: T2488: bugfix, missing not in if condition prevented startupChristian Poessinger
Commit 39c53aadbf9e ("pppoe: T2488: remove logfile generation") accidently missed a not in an if statement.
2020-05-22macsec: T2491: add replay window protectionChristian Poessinger
2020-05-22macsec: T2023: flake8/autopep8 correctionsChristian Poessinger
2020-05-22macsec: T2023: fix wrong use or f-format stringChristian Poessinger
2020-05-22macsec: T2023: remove unused importChristian Poessinger
2020-05-21pppoe: T2380: fix NameError: name 'intf' is not definedChristian Poessinger
2020-05-21pppoe: T2380: dis-/connect should use proper systemd callsChristian Poessinger
2020-05-21pppoe: T2488: remove logfile generationChristian Poessinger
2020-05-21wireless: T1627: remove get_conf_file()Christian Poessinger
2020-05-21macsec: T2023: delete wpa_supplicant config when interface is removedChristian Poessinger
2020-05-21macsec: T2023: stop wpa_supplicant on interface deletionChristian Poessinger
2020-05-21macsec: T2023: cleanup wpa_supplicant config file nameChristian Poessinger
2020-05-21macsec: T2023: improve verify() when encryption is enabledChristian Poessinger
With enabled encryption keys must be configured.
2020-05-21macsec: T2023: support MACsec Key Agreement protocol actor priorityChristian Poessinger
2020-05-21macsec: T2023: rename "security key" node to "security mka"Christian Poessinger
MACsec always talks about MKA (MACsec Key Agreement protocol) thus the node should reflect that.
2020-05-21macsec: T2023: use wpa_supplicant for key managementChristian Poessinger
2020-05-21macsec: T2023: cli: move "cipher" and "encryption" under new "secutiry" nodeChristian Poessinger
This is best suited as a key is required, too.
2020-05-21macsec: T2023: cipher suite is mandatoryChristian Poessinger
2020-05-21macsec: T2023: use list when working with Config()Christian Poessinger
2020-05-21macsec: T2023: add optional encryption commandChristian Poessinger
By default MACsec only authenticates traffic but has support for optional encryption. Encryption can now be enabled using: set interfaces macsec <interface> encrypt
2020-05-21macsec: T2023: add initial XML and Python interfacesChristian Poessinger
2020-05-19Merge pull request #414 from thomas-mangin/T2467Christian Poessinger
util: T2467: automatically add sudo to known commands
2020-05-19wireguard: T2481: support IPv6 based underlayChristian Poessinger
2020-05-19util: T2467: add systemctl to autosudoThomas Mangin
2020-05-19nat: do not report unassigned IP address for DNATChristian Poessinger
That warning made no sense as the destination address where we forward a port to is by design not locally connected.
2020-05-19dhcpv6-pd: T421: support ethernet based interfacesChristian Poessinger
Add support for prefix delegation when receiving the prefix via ethernet, bridge, bond, wireless.
2020-05-19configdict: T2372: interfaces must reuse interface_default_dataChristian Poessinger
This is to remove the amount of duplicated entries in dictionaries. It's one more part to move to a unified interface management.
2020-05-19dhcpv6-server: T815: support delegating IPv6 prefixesChristian Poessinger
2020-05-18flake8: T2475: fix a number of issue reported by flake8Thomas Mangin
2020-05-17pppoe: dhcpv6-pd: T421: stop service when config is removedChristian Poessinger
2020-05-17pppoe: dhcpv6-pd: T421: start/stop delegation with interface statusChristian Poessinger
2020-05-17pppoe: dhcpv6-pd: T421: initial supportChristian Poessinger
The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be <prefix>::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0. pppoe pppoe0 { authentication { password vyos user vyos } description sadfas dhcpv6-options { delegate eth0 { interface-id 65535 sla-id 0 sla-len 8 } } ipv6 { address { autoconf } enable } source-interface eth1 } vyos@vyos:~$ show interfaces Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down Interface IP Address S/L Description --------- ---------- --- ----------- eth0 2001:db8:8003:400::ffff/64 u/u
2020-05-17frr: combine all templates in frr directoryChristian Poessinger
2020-05-17powerdns: T2470: adjust config file permissions for recursor 4.3Christian Poessinger
PowerDNS recursor 4.3 now uns as user pdns and group pdns, thus the generated configuration file and directory need to have the appropriate permissions set.
2020-05-16nat: nptv6: T2198: add XML/Python skeletonChristian Poessinger
- define XML CLI interface - read CLI into Python dict
2020-05-16nat: T2198: add support for SNAT based on source addressesChristian Poessinger
CLI commands used for ruleset generation: set nat source rule 100 outbound-interface 'eth0.202' set nat source rule 100 protocol 'all' set nat source rule 100 source address '192.0.2.0/26' set nat source rule 100 translation address 'masquerade' set nat source rule 110 outbound-interface 'eth0.202' set nat source rule 110 protocol 'tcp' set nat source rule 110 source address '192.0.2.0/26' set nat source rule 110 source port '5556' set nat source rule 110 translation address 'masquerade'
2020-05-16nat: T2198: set default protocol to all to be backwards compatibleChristian Poessinger
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-17 07:21:37 +0000