summaryrefslogtreecommitdiff
path: root/src/conf_mode
AgeCommit message (Collapse)Author
2020-07-04snmp: vrf: T2682: support restart on failure indefinitely.Christian Poessinger
Linux tries to bind sshd to the VRF but it is yet not ready - for any arbitrary reason. After restarting SSH to often (rate-limiting) it is blocked by systemd. Using Restart/RestartSec is not enough - systemd services use start rate limiting (enabled by default). If service is started more than StartLimitBurst times in StartLimitIntervalSec seconds is it not permitted to start any more. Parameters are inherited from DefaultStartLimitIntervalSec (default 10s) and DefaultStartLimitBurst (default 5).
2020-07-04cleanup: no need to call sudo for configuration mode scriptsChristian Poessinger
2020-07-04ids: T2659: Add get_first_key to get_config_dictDmitriyEshenko
2020-07-04Merge pull request #487 from DmitriyEshenko/1x-impl-fnmDaniil Baturin
ids: T2659: Implement fastnetmon support
2020-07-03ids: T2659: Implement fastnetmon supportDmitriyEshenko
2020-07-03ntp: T2676: mive to get_config_dict()Christian Poessinger
2020-07-01config: T2667: add missing flagJohn Estabrook
2020-07-01Merge pull request #486 from jestabro/sub_dictChristian Poessinger
2020-07-01config: T2667: adapt for refinements to get_config_dictJohn Estabrook
2020-07-01ifconfig: T2653: use better names for vyos.configverify functionsChristian Poessinger
2020-07-01ifconfig: T2653: move pppoe interface to get_config_dict()Christian Poessinger
2020-06-29tunnel: T2649: ConfigurationState, do not inherit from ConfigThomas Mangin
2020-06-28wwan: T2660: remove workaround - use XML backed default dictChristian Poessinger
2020-06-27ifconfig: T2653: move wirelessmodem (WWAN) interface to get_config_dict()Christian Poessinger
2020-06-27xml: T2656: do not flatten dict by defaultChristian Poessinger
2020-06-27ifconfig: T2653: macsec switch to default dictionaryChristian Poessinger
2020-06-27Merge pull request #480 from c-po/t2653Christian Poessinger
ifconfig: T2653: move macsec interface to get_config_dict()
2020-06-27ifconfig: T2653: dummy: loopback: use same get_config() structure as MACsecChristian Poessinger
2020-06-27ifconfig: T2653: move macsec interface to get_config_dict()Christian Poessinger
2020-06-26T2654: Remove overzealous error checkingkroy
2020-06-26ifconfig: T2653: add common vyos.configverify helpersChristian Poessinger
While moving towards a general interface abstraction based on get_config_dict() and the use of vyos.ifconfig.Interfaces().update() it also makes sense, to split out common verification code to a common util file - instead of duplicating the code, which is infact one of the main forces drivind this transition. vyos.configverify will hold common functions called via verify() from our src/conf_mode scripts so we do not need to copy/paste general verifications methods.
2020-06-26ifconfig: T2653: move loopback interface to get_config_dict()Christian Poessinger
2020-06-26ifconfig: T2653: move dummy interface to get_config_dict()Christian Poessinger
This changes the dummy interface implementation to make use of get_config_dict() and also implement a new vyos.ifconfig.Interface().update() function to gather all the scattered calls to update common interface configuration options. Derived classes of Interface() should extend update() to their needs for their special interface type - e.g. bond or bridge.
2020-06-24dictconfig: T2637: identify sub-interfaces (vif) to deleteThomas Mangin
2020-06-23ssh: T2635: migrate to get_config_dict()Christian Poessinger
Jinja template contains some workarounds like {% if port is string %}, this depends of the resolution of https://phabricator.vyos.net/T2636
2020-06-23Merge pull request #472 from thomas-mangin/T2633Christian Poessinger
tunnel: T2633: add support for ip (arp) commands
2020-06-23wireguard: T2632: support PSK on multiple peersChristian Poessinger
It was not possible to configure two WG peers with both utilized a pre-shared key. This has been corrected. WG psk can only be read from a file when starting the interface. The code for creating this temporary file has been moved into the ifconfig.WireGuardIf() class. Tested with: ============ set interfaces wireguard wg0 address '192.0.2.0/31' set interfaces wireguard wg0 peer one allowed-ips '0.0.0.0/0' set interfaces wireguard wg0 peer one preshared-key 'e+SIIUcrnrSDHhbTtpjwKhSlSdUALA5ZvoCjfQXcvmA=' set interfaces wireguard wg0 peer one pubkey '/qQGAQ2HfLSZBSCpdgps04r9wRlK7bSFraCH9+MScmw=' set interfaces wireguard wg0 peer two allowed-ips '0.0.0.0/0' set interfaces wireguard wg0 peer two pubkey '/qQGAQ2HfLSZBSCpdgfooor9wRlK7bSFraCH9+MScmw='
2020-06-23tunnel: T2633: add support for ip (arp) commandsThomas Mangin
2020-06-22vpn: sstp: T2008: fix improper use of fail-time dictionary keyChristian Poessinger
2020-06-22vpn: pptp: T2351: fix improper use of fail-time dictionary keyChristian Poessinger
2020-06-22vpn: l2tp: T2264: fix improper use of fail-time dictionary keyChristian Poessinger
2020-06-22pppoe-server: T2314: fix improper use of fail-time dictionary keyChristian Poessinger
2020-06-22Merge branch 'default-dict' of github.com:c-po/vyos-1x into currentChristian Poessinger
* 'default-dict' of github.com:c-po/vyos-1x: console-server: T2588: migrate to defaults from XML interface definitions xml: T2588: add gitignore for generated defaults xml: T2588: code to extract defaults values from xml Debian: remove duplicate build dependency xml: ssh: fix typo in service description
2020-06-22console-server: T2588: migrate to defaults from XML interface definitionsChristian Poessinger
2020-06-22rip: T2547: rewriten implementation in Python and XMLViacheslav Hletenko
2020-06-22Merge pull request #452 from jjakob/T2486-dns-hostsd-fixesDaniil Baturin
T2486: DNS, vyos-hostsd fixes
2020-06-19pseudo-ethernet: T2589: fix for deleting interface(s)Christian Poessinger
When deleting a peth interface the interface name was not added to the configuration dict, which lead to referencing non existent keys.
2020-06-19console-server: T2490: add SSH support for direct device accessChristian Poessinger
2020-06-18console-server: T2490: rename CLI to console-serverChristian Poessinger
2020-06-18console-server: T2490: add SSH supportChristian Poessinger
A user can define a port under the SSH node per device. WHen connecting to that port and authenticating using regular credentials we will immediately drop to the serial console. This is the same as executing "connect serial-proxy <name>".
2020-06-18console-server: T2490: log to journaldChristian Poessinger
2020-06-18console-server: T2490: move CLI parsing to get_config_dict()Christian Poessinger
For more examples on the new get_config_dict() approach migrate this implementation as it is not yet in production use. Also this serves as proof of concept code for further migrations.
2020-06-18console-server: T2490: add default CLI valuesChristian Poessinger
2020-06-18console-server: T2490: rename CLI to "serial-proxy"Christian Poessinger
2020-06-18console-server: T2490: use new USB ports "by-bus"Christian Poessinger
2020-06-18console-server: T2490: initial supportChristian Poessinger
2020-06-17router-advert: T2609: remove debug pprint statementChristian Poessinger
2020-06-17router-advert: T2185: migrate from SysVinit to systemdChristian Poessinger
2020-06-17router-advert: T2609: add missing verify() for prefix lifetimeChristian Poessinger
radvd[31898]: AdvValidLifeTime must be greater than AdvPreferredLifetime in radvd.conf, line 19 This happens with the following configuration: vyos@vyos# show service router-advert interface eth0.20 { name-server 2001:4860:4860::8888 prefix ::/64 { valid-lifetime 7200 } } A validator is added to solve this issue and radvd will run again.
2020-06-18T2610: fix default-lifetime typoShohei YOKOKAWA
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-12 17:10:32 +0000