summaryrefslogtreecommitdiff
path: root/src/migration-scripts
AgeCommit message (Collapse)Author
2024-06-11firewall: T3900: fix migration and smoketestsChristian Breunig
Commit 770edf016838523 ("T3900: T6394: extend functionalities in firewall") changed the position in the CLI for conntrack timeout. This lead to failing smoketests because of a regression in the migrator.
2024-06-06Merge pull request #3578 from nicolas-fort/raw-hookDaniil Baturin
T3900: Add support for raw tables in firewall
2024-06-04T3900: T6394: extend functionalities in firewall; move netfilter sysctl ↵Nicolas Fort
timeout parameters defined in conntrack to firewall global-opton section.
2024-05-30reverse-proxy: T6409: unindent migration script code pathChristian Breunig
2024-05-27reverse-proxy: T6409: Remove unused backend parametersAlex W
2024-05-22nat: T6345: source NAT port mapping "fully-random" is superfluous in Kernel ↵Christian Breunig
>=5.0 random - In kernel 5.0 and newer this is the same as fully-random. In earlier kernels the port mapping will be randomized using a seeded MD5 hash mix using source and destination address and destination port. https://git.netfilter.org/nftables/commit/?id=fbe27464dee4588d906492749251454
2024-05-01pppoe-server: T6234: fix permissions on migration scriptJohn Estabrook
2024-05-01Merge pull request #3364 from natali-rs1985/T6234-currentDaniil Baturin
pppoe-server: T6234: PPPoE-server pado-delay refactoring
2024-04-29openconnect: T4982: Support defining minimum TLS version in openconnect VPNAlex W
2024-04-25pppoe-server: T6234: PPPoE-server pado-delay refactoringNataliia Solomko
2024-04-15T5535: firewall: migrate command <set system ip disable-directed-broadcast> ↵Nicolas Fort
to firewall global-optinos
2024-04-12Merge pull request #3291 from aapostoliuk/T6100-circinusChristian Breunig
T6100: Added NAT migration from IP/Netmask to Network/Netmask
2024-04-12T6100: Added NAT migration from IP/Netmask to Network/Netmaskaapostoliuk
Added NAT migration from IP/Netmask to Network/Netmask. In 1.3 allowed using IP/Netmask in Nat rules. In 1.4 and 1.5 it is prohibited. Allowed Network/Netmask.
2024-04-11T6216: firewall: add patch while migrating from 1.3 to 1.4 in order to avoid ↵Nicolas Fort
errors when using character <+> in 1.3 in firewall groups and custom firewall chains.
2024-04-07ipoe: T6205: fix conditional branch error in config migratorChristian Breunig
Commit a5ccc06c0 ("ipoe: T6205: error in migration script logic while renaming mac-address to mac node") added a conditional path into the config which could result in the migrated config not beeing written if precondition was not met.
2024-04-06container: T6208: rename "cap-add" CLI node to "capability"Christian Breunig
Containers have the ability to add Linux system capabilities to them, this is done using the "set container name <name> cap-add" command. The CLI node sounds off and rather should be "set container name <name> capability" instead as we use and pass a capability to a container and not add/invent new ones.
2024-04-06ipoe: T6205: error in migration script logic while renaming mac-address to ↵Christian Breunig
mac node The problem was introduced in [1] but the config migrator part unfortunately was added to the wrong version [2]. As IPoE config version 0 was only active during the 1.3 development cycle and VyOS 1.3.0 was already released with config version 1 we can safely drop the migrator 0-to-1 and move the code to 1-to-2 to properly support upgrades from VyOS 1.3 -> 1.4 or newer. 1: https://github.com/vyos/vyos-1x/commit/05df2a5f021f0c7aab7c06db645d210858b6e98d#diff-08291bf77870abe3af8bbe3e8ce4bbf344fd0498b2c5c75a75aa7235d381c88eL168 2: https://github.com/vyos/vyos-1x/commit/05df2a5f021f0c7aab7c06db645d210858b6e98d#diff-b8bb58b75607d3653e74d82eff02442f9f3ab82698f160ba37858f7cdf6c79ccR44-R46
2024-04-06T6199: remove unused Python imports from migration scriptsChristian Breunig
2024-04-04ospf: T6089: fix invalid "ospf passive-interface default"Christian Breunig
The option "passive-interface default" was set even if it was not present in the previous version we are migrating from. Fix migration script to handle this with a conditional path.
2024-03-25T6171: migrate <set service dhcp-server failover> to <set service ↵Nicolas Fort
dhcp-server high-availability>.
2024-03-19policy: T6130: Revert commit 960caceaapostoliuk
This reverts commit 960cace189d7ace2bea0968646b1348b415e0363. All community rules syntax was changed. T5357 is invalid bug report. VyOS cannot use new configuration syntax in the previous versions.
2024-03-15T6090: fix policy route migration script. Ensure that tcp flags migration ↵Nicolas Fort
occurs also if only <policy route> is defined.
2024-03-10T6114: fix broken migration dhcpv6-server 4-to-5Lucas Christian
2024-03-10firewall: T6071: truncate rule description field to 255 charactersChristian Breunig
2024-03-01smoketest: T6079: probe for duplicate IP address static-mappingChristian Breunig
2024-02-29dhcp-server: T6079: Disable duplicate static-mappings on migrationsarthurdev
2024-02-28dhcp-server: T6079: Increment Kea migrator versionssarthurdev
2024-02-15Merge pull request #3012 from sarthurdev/T5993Christian Breunig
dhcpv6-server: T5993: Extend interface migrator to check VLAN/QinQ
2024-02-15Merge pull request #3004 from aapostoliuk/T6029-circinusDaniil Baturin
T6029: Rewritten Accel-PPP services to an identical feature set
2024-02-15T6029: Rewritten Accel-PPP services to an identical feature setaapostoliuk
Removed dhcp-interface option (l2tp) Added wins-server (sstp) Added description (ipoe, pppoe, sstp, pptp) Added exteded-script (l2tp, sstp, pptp) Added shaper (ipoe, pptp, sstp, l2tp) Added limits (ipoe, pptp, sstp, l2tp) Added snmp ( ipoe, pptp,sstp, l2tp) Refactoring and reformated code.
2024-02-14dhcpv6-server: T5993: Extend interface migrator to check VLAN/QinQsarthurdev
Updates smoketest config to test migrator change
2024-02-13Merge pull request #2988 from c-po/pki-rpki-t6034Christian Breunig
rpki: T6034: move file based SSH keys for authentication to PKI subsystem
2024-02-13Merge pull request #2997 from sarthurdev/T5993Christian Breunig
dhcpv6-server: T5993: Add subnet `interface` node, link subnet to locally connected interfaces
2024-02-13dhcpv6-server: T5993: Add subnet `interface` node, link subnet to locally ↵sarthurdev
connected interfaces Prior dhcpd behaviour implicitly handled requests for locally connected subnets. Kea requires an explicit link between subnets and an interface.
2024-02-12rpki: T6024: add migration scripts from file based keys to PKI subsystemChristian Breunig
2024-02-12ipsec: T5981: Strip '@' from migrated peer namesarthurdev
2024-02-09Merge pull request #2975 from c-po/migrator-t5902Christian Breunig
https: T5902: fix migration of virtual-host port
2024-02-09https: T5902: fix migration of virtual-host portChristian Breunig
CLI source node is port and not listen-port.
2024-02-08Merge pull request #2950 from aapostoliuk/T5960-circinusDaniil Baturin
T5960: Rewritten authentication node in PPTP to a single view
2024-02-07T5960: Rewritten authentication node in PPTP to a single viewaapostoliuk
Rewritten authentication node in accel-ppp services to a single view. In particular - PPTP authentication.
2024-02-03rpki: T6011: known-hosts-file is no longer supported by FRRChristian Breunig
2024-02-02Merge pull request #2891 from aapostoliuk/T5971-circinusViacheslav Hletenko
T5971: Rewritten ppp options in accel-ppp services
2024-02-01Merge pull request #2860 from indrajitr/ddclient-update-20240119Christian Breunig
ddclient: T5966: Adjust dynamic dns config address subpath
2024-02-01Merge pull request #2890 from sever-sever/T5941Christian Breunig
T5941: Migration policy delete orphaned interface policy
2024-02-01Merge pull request #2892 from sever-sever/T5941-tpChristian Breunig
T5941: Migration QoS delete orphaned interface traffic-policy
2024-02-01bgp: T5930: Denied using rt vpn 'export/import' with 'both' togetheraapostoliuk
Denied using command 'route-target vpn export/import' with 'both' together in bgp configuration.
2024-01-29https: T6000: fix error in migration of path https certbotJohn Estabrook
2024-01-29T5971: Rewritten ppp options in accel-ppp servicesaapostoliuk
Rewritten 'ppp-options' to the same view in all accel-ppp services. Adding IPv6 support to PPTP.
2024-01-24T5941: Migration QoS delete orphaned interface traffic-policyViacheslav Hletenko
We can get an orphaned interface traffic-policy when the traffic-policy name is removed from the interface, but the node `trffic-policy` is still attached to the interface For exmaple we have orphaned node traffic-policy on an interface: ``` set interfaces bonding bond0 vif 995 traffic-policy ``` This causes of incorrect migration and we do not see VLANs on the bonding interface after update. Delete traffic-policy from all interfaces if traffic-policy does not exist
2024-01-24T5941: Migration policy delete orphaned interface policyViacheslav Hletenko
We can get orphaned interface policy when the policy name was removed from the interface but the node `policy` still attached to the interface For exmaple we have orphaned node policy on interface: ``` set interfaces bonding bond0 vif 995 policy ``` This causes of incorrect migration and we do not see VLANs on the bonding interface after update. Delete policy from all interfaces if policy does not exist