summaryrefslogtreecommitdiff
path: root/src/helpers
AgeCommit message (Collapse)Author
2023-01-04T1237: Fix failover route install route with diff metricsViacheslav Hletenko
If there is no route in the routing table (requires install route) it checks routing table and returns best route None But if we have 2 routes to the same dest ip but with different metrics it doesn't get None (not first route install) It cause that bast metric route cannot be installed (wrong logic) Add func "is_route_exists" and check route/gateway/metric for the required route
2022-12-17Merge pull request #1358 from sever-sever/T1237Christian Poessinger
routing: T1237: Add new feature failover route
2022-12-14routing: T1237: Add new feature failover routeViacheslav Hletenko
Failover route allows to install static routes to the kernel routing table only if required target or gateway is alive When target or gateway doesn't respond for ICMP/ARP checks this route deleted from the routing table Routes are marked as protocol 'failover' (rt_protos) cat /etc/iproute2/rt_protos.d/failover.conf 111 failover ip route add 203.0.113.1 metric 2 via 192.0.2.1 dev eth0 proto failover $ sudo ip route show proto failover 203.0.113.1 via 192.0.2.1 dev eth0 metric 1 So we can safely flush such routes
2022-11-11policy: T2199: T4605: Migrate policy route interface to `policy route|route6 ↵sarthurdev
<name> interface <ifname>` * Include refactor to policy route to allow for deletion of mangle table instead of complex cleanup * T4605: Rename mangle table to vyos_mangle
2022-11-03nat: T1877: T970: Add firewall groups to NATsarthurdev
2022-11-03firewall: T970: Refactor domain resolver, add firewall source/destination ↵sarthurdev
`fqdn` node
2022-10-28T4291: consolidate component version string read/write functionsJohn Estabrook
2022-06-14firewall: T970: Use set prefix to domain groupssarthurdev
2022-06-11firewall: T4299: Add support for GeoIP filteringsarthurdev
2022-06-05firewall: T970: Maintain a domain state to fallback if resolution failssarthurdev
2022-05-28firewall: T970: Add firewall group domain-groupViacheslav Hletenko
Domain group allows to filter addresses by domain main Resolved addresses as elements are stored to named "nft set" that used in the nftables rules Also added a dynamic "resolver" systemd daemon vyos-domain-group-resolve.service which starts python script for the domain-group addresses resolving by timeout 300 sec set firewall group domain-group DOMAINS address 'example.com' set firewall group domain-group DOMAINS address 'example.org' set firewall name FOO rule 10 action 'drop' set firewall name FOO rule 10 source group domain-group 'DOMAINS' set interfaces ethernet eth0 firewall local name 'FOO' nft list table ip filter table ip filter { set DOMAINS { type ipv4_addr flags interval elements = { 192.0.2.1, 192.0.2.85, 203.0.113.55, 203.0.113.58 } } chain NAME_FOO { ip saddr @DOMAINS counter packets 0 bytes 0 drop comment "FOO-10" counter packets 0 bytes 0 return comment "FOO default-action accept" } }
2022-03-10Revert "component_version: T4291: consolidate read/write functions"John Estabrook
This reverts commit 534f677d36285863decb2cdff179687b4fd690cb. Revert while investigating failure in vyos-configtest.
2022-03-10Revert "save-config: T4292: rewrite vyatta-save-config.pl to Python"John Estabrook
This reverts commit c4d389488970c8510200cac96a67182e9333b891. Revert while investigating failure in vyos-configtest.
2022-03-10Revert "load-config: T4295: use config_tree instead of legacy loadFile"John Estabrook
This reverts commit 2a4b45ba7fa4dabf7e592f499cfb06a7ae38cdea. Revert while investigating failure in vyos-configtest.
2022-03-09load-config: T4295: use config_tree instead of legacy loadFileJohn Estabrook
2022-03-08save-config: T4292: rewrite vyatta-save-config.pl to PythonJohn Estabrook
2022-03-08component_version: T4291: consolidate read/write functionsJohn Estabrook
2022-03-05conntrackd: T4259: fix daemon configuration pathChristian Poessinger
2022-02-16xml: T3474: get component version dictionary from xml cache, not legacyJohn Estabrook
2022-01-20interface-names: T3871: use tempfile during virtual migrationJohn Estabrook
Use tempfile to avoid race conditions during virtual migration.
2022-01-13strip-private: T4177: Fix for hiding private data token/url/bucketViacheslav
Add URL, token and bucket hidind data when is used function "strip-private"
2021-12-08vyos.util: T4061: add function to check for completion of boot configJohn Estabrook
2021-12-04wwan: T3795: move implementation to VbashOpRun()Christian Poessinger
After commit ae16a51506c ("configquery: T3402: use vyatta-op-cmd-wrapper to provide environment") we can now call VyOS op-mode commands from arbitrary Python scripts.
2021-11-18wwan: T3795: periodically check if WWAN connection needs a reconnectChristian Poessinger
(cherry picked from commit eb6247e4b464c36fa7441627b221d0db39429251)
2021-11-18interface-names: T3871: 'migrate' component string syntax as neededJohn Estabrook
With the rewrite of vyatta_net_name to Python using ConfigTree, one runs into the change in the syntax of the component version string when updating 1.2 --> 1.3/1.4, since the udev rule is run before the migration of the config file; add an explicit 'virtual' migration on configtree error.
2021-11-12interface-names: T3871: shift index to accommodate KVM behaviourJohn Estabrook
(on behalf of Dmitriy Eshenko)
2021-11-09interface-names: T3871: Add temporary interface names to properly renamingDmitriyEshenko
2021-10-21strip-private: T3926: strip cisco-authentication keyChristian Poessinger
2021-09-27interface-names: T3869: add vyos_net_nameJohn Estabrook
2021-09-27interface-names: T3869: add vyos_interface_rescanJohn Estabrook
2021-09-17T3823: Stop strip-private regexp from swallowing quoteserkin
2021-08-10pki: wireguard: T3642: strip private keyChristian Poessinger
Extend regex used by the "| strip-private" modifier to remove the WireGuard private key portion from stdout.
2021-07-18bridge: remove obsolete helper scriptChristian Poessinger
2021-05-15conntrack: T3535: add keepalived notifications for node transitionsChristian Poessinger
2021-04-17T3472: Move over commit-confirm-notify.py from vyatta-config-mgmterkin
2021-03-30T3354: Handle user break and prematurely closed stdinerkin
2021-03-22util: T3419: Handle IP addresses with netmasks and subnet prefixes in ↵erkin
strip-private
2021-03-15Add shebang line to strip-privateerkin
2021-03-15T3354: Add strip-private script in Pythonerkin
2020-10-21load-config: T2138: support loading gzipped (local) config filesJohn Estabrook
2020-07-22load-config: subclass ConfigSourceSession instead of ConfigJohn Estabrook
2020-05-07T2431: use native versions of validate-value and numeric validator.Daniil Baturin
2020-04-10util: T2253: fix translation to cmdJohn Estabrook
2020-04-10Revert "Revert "util: T2226: rewrite merge config to use cmd""John Estabrook
This reverts commit 6086b7fa718f502563a17569abc81d4ccb94818c.
2020-04-09util: T2226: os.system was wrongly converted to runThomas Mangin
os.system does print the ouput of the command, run() does not. A new function called call() does the printing and return the error code.
2020-04-08Revert "util: T2226: rewrite merge config to use cmd"John Estabrook
This reverts commit 9664e7d685307f5f9736929731e759ff7bad7353.
2020-04-06util: T2226: rewrite merge config to use cmdThomas Mangin
2020-04-06util: T2226: rewrite load config to use cmdThomas Mangin
2020-04-06util: T2226: rewrite bridge to use cmd (see comment in code)Thomas Mangin
2020-04-06util: T2226: rewrite boot config loader to use cmdThomas Mangin
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-06 05:40:49 +0000