summaryrefslogtreecommitdiff
path: root/src/helpers
AgeCommit message (Collapse)Author
2022-11-03nat: T1877: T970: Add firewall groups to NATsarthurdev
2022-11-03firewall: T970: Refactor domain resolver, add firewall source/destination ↵sarthurdev
`fqdn` node
2022-10-28T4291: consolidate component version string read/write functionsJohn Estabrook
2022-06-14firewall: T970: Use set prefix to domain groupssarthurdev
2022-06-11firewall: T4299: Add support for GeoIP filteringsarthurdev
2022-06-05firewall: T970: Maintain a domain state to fallback if resolution failssarthurdev
2022-05-28firewall: T970: Add firewall group domain-groupViacheslav Hletenko
Domain group allows to filter addresses by domain main Resolved addresses as elements are stored to named "nft set" that used in the nftables rules Also added a dynamic "resolver" systemd daemon vyos-domain-group-resolve.service which starts python script for the domain-group addresses resolving by timeout 300 sec set firewall group domain-group DOMAINS address 'example.com' set firewall group domain-group DOMAINS address 'example.org' set firewall name FOO rule 10 action 'drop' set firewall name FOO rule 10 source group domain-group 'DOMAINS' set interfaces ethernet eth0 firewall local name 'FOO' nft list table ip filter table ip filter { set DOMAINS { type ipv4_addr flags interval elements = { 192.0.2.1, 192.0.2.85, 203.0.113.55, 203.0.113.58 } } chain NAME_FOO { ip saddr @DOMAINS counter packets 0 bytes 0 drop comment "FOO-10" counter packets 0 bytes 0 return comment "FOO default-action accept" } }
2022-03-10Revert "component_version: T4291: consolidate read/write functions"John Estabrook
This reverts commit 534f677d36285863decb2cdff179687b4fd690cb. Revert while investigating failure in vyos-configtest.
2022-03-10Revert "save-config: T4292: rewrite vyatta-save-config.pl to Python"John Estabrook
This reverts commit c4d389488970c8510200cac96a67182e9333b891. Revert while investigating failure in vyos-configtest.
2022-03-10Revert "load-config: T4295: use config_tree instead of legacy loadFile"John Estabrook
This reverts commit 2a4b45ba7fa4dabf7e592f499cfb06a7ae38cdea. Revert while investigating failure in vyos-configtest.
2022-03-09load-config: T4295: use config_tree instead of legacy loadFileJohn Estabrook
2022-03-08save-config: T4292: rewrite vyatta-save-config.pl to PythonJohn Estabrook
2022-03-08component_version: T4291: consolidate read/write functionsJohn Estabrook
2022-03-05conntrackd: T4259: fix daemon configuration pathChristian Poessinger
2022-02-16xml: T3474: get component version dictionary from xml cache, not legacyJohn Estabrook
2022-01-20interface-names: T3871: use tempfile during virtual migrationJohn Estabrook
Use tempfile to avoid race conditions during virtual migration.
2022-01-13strip-private: T4177: Fix for hiding private data token/url/bucketViacheslav
Add URL, token and bucket hidind data when is used function "strip-private"
2021-12-08vyos.util: T4061: add function to check for completion of boot configJohn Estabrook
2021-12-04wwan: T3795: move implementation to VbashOpRun()Christian Poessinger
After commit ae16a51506c ("configquery: T3402: use vyatta-op-cmd-wrapper to provide environment") we can now call VyOS op-mode commands from arbitrary Python scripts.
2021-11-18wwan: T3795: periodically check if WWAN connection needs a reconnectChristian Poessinger
(cherry picked from commit eb6247e4b464c36fa7441627b221d0db39429251)
2021-11-18interface-names: T3871: 'migrate' component string syntax as neededJohn Estabrook
With the rewrite of vyatta_net_name to Python using ConfigTree, one runs into the change in the syntax of the component version string when updating 1.2 --> 1.3/1.4, since the udev rule is run before the migration of the config file; add an explicit 'virtual' migration on configtree error.
2021-11-12interface-names: T3871: shift index to accommodate KVM behaviourJohn Estabrook
(on behalf of Dmitriy Eshenko)
2021-11-09interface-names: T3871: Add temporary interface names to properly renamingDmitriyEshenko
2021-10-21strip-private: T3926: strip cisco-authentication keyChristian Poessinger
2021-09-27interface-names: T3869: add vyos_net_nameJohn Estabrook
2021-09-27interface-names: T3869: add vyos_interface_rescanJohn Estabrook
2021-09-17T3823: Stop strip-private regexp from swallowing quoteserkin
2021-08-10pki: wireguard: T3642: strip private keyChristian Poessinger
Extend regex used by the "| strip-private" modifier to remove the WireGuard private key portion from stdout.
2021-07-18bridge: remove obsolete helper scriptChristian Poessinger
2021-05-15conntrack: T3535: add keepalived notifications for node transitionsChristian Poessinger
2021-04-17T3472: Move over commit-confirm-notify.py from vyatta-config-mgmterkin
2021-03-30T3354: Handle user break and prematurely closed stdinerkin
2021-03-22util: T3419: Handle IP addresses with netmasks and subnet prefixes in ↵erkin
strip-private
2021-03-15Add shebang line to strip-privateerkin
2021-03-15T3354: Add strip-private script in Pythonerkin
2020-10-21load-config: T2138: support loading gzipped (local) config filesJohn Estabrook
2020-07-22load-config: subclass ConfigSourceSession instead of ConfigJohn Estabrook
2020-05-07T2431: use native versions of validate-value and numeric validator.Daniil Baturin
2020-04-10util: T2253: fix translation to cmdJohn Estabrook
2020-04-10Revert "Revert "util: T2226: rewrite merge config to use cmd""John Estabrook
This reverts commit 6086b7fa718f502563a17569abc81d4ccb94818c.
2020-04-09util: T2226: os.system was wrongly converted to runThomas Mangin
os.system does print the ouput of the command, run() does not. A new function called call() does the printing and return the error code.
2020-04-08Revert "util: T2226: rewrite merge config to use cmd"John Estabrook
This reverts commit 9664e7d685307f5f9736929731e759ff7bad7353.
2020-04-06util: T2226: rewrite merge config to use cmdThomas Mangin
2020-04-06util: T2226: rewrite load config to use cmdThomas Mangin
2020-04-06util: T2226: rewrite bridge to use cmd (see comment in code)Thomas Mangin
2020-04-06util: T2226: rewrite boot config loader to use cmdThomas Mangin
2020-04-06util: T2226: rewrite config migration to use cmdThomas Mangin
2020-04-06util: T2226: covert most calls from os.system to utilThomas Mangin
As little change a possible but the function call The behaviour should be totally unchanged.
2020-03-30config load: T2053: update for version string syntax changeJohn Estabrook
2020-03-30config merge: T2052: update for version string syntax changeJohn Estabrook