| Age | Commit message (Collapse) | Author |
|---|
|
T5513: firewall: update op-mode command show firewall.
|
|
Try to have as few calls to sudo in the op-mode scripts as possible. The XML
definitions can deal with it.
|
|
T5661: Add show show ssh dynamic-protection attacker and show log ssh…
|
|
default actions and extend references for firewall groups
|
|
|
|
dynamic-protection
|
|
|
|
|
|
|
|
'generate tech-support archive' moved to vyos-1x.
Output of 'show tech-support report' command is added to archive.
The default location of the archive is moved to '/tmp'.
The script is rewritten to Python.
|
|
vyos@vyos:~$ show system login users
Username Type Locked Tty From Last login
---------- ------ -------- ----- ------------- ------------------------
vyos vyos False pts/0 172.16.33.139 Mon Oct 2 20:42:24 2023
|
|
Updated spacing.
|
|
|
|
firewall: T5160: Remove zone policy op-mode
|
|
|
|
Add op-mode command `generate firewall rule-resequence`
Generates output with new sequences for firewall rules
set firewall ipv4 input filter rule 1 action 'accept'
set firewall ipv4 input filter rule 1 description 'Allow loopback'
$ generate firewall rule-resequence start 10 step 10
set firewall ipv4 input filter rule 10 action 'accept'
set firewall ipv4 input filter rule 10 description 'Allow loopback'
|
|
smoketest: T5607: support getting SCSI device by drive-id
|
|
|
|
|
|
|
|
|
|
The `rule` key could be not exists in the entry of the dictionary
for examppe `{'default_action': 'drop'}`
Fix it
|
|
|
|
login: T4754: show configured 2FA OTP key
|
|
We don't use ipsec.secrets anymore
Fix op-mode for "show vpn ike secrets".
Ability to get "RAW" format
|
|
T5496: multiple fixes for op-mode command <show firewall>
|
|
easy to read, and we get uniform output for both families, and will look the same when working with inet family in the future. Fix output of geo-ip matchers. Fix output for default-action rules: display N/A for counters in base chains, since they are not available.Change from N/A to N/D for empty groups, and for groups which found no reference in config
|
|
T5536: Fix show dhcp client leases
|
|
|
|
Fix helpers was moved to vyos.utils package
Fix empty new address from the lease file causes
OSError: illegal IP address string passed to inet_pton
|
|
|
|
specified (correct ::/0 for ipv6). Also, add columns for inbound and outbound interfaces
|
|
correct reference in source/destination column
|
|
|
|
Helper functions can and will be re-use din different code places.
|
|
|
|
show_firewall_group.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Multiple scripts use the same hardcoded path for DHCP client leases in
different direcotries - this can't be worse.
|
|
|
|
|
|
|
|
ISC dhcp client contains least_update timestamp in human readable format this
makes less sense for an API and also the expiry timestamp is provided in UNIX
time. Convert string (e.g. Sun Jul 30 18:13:44 CEST 2023) to UNIX time (1690733624)
vyos@vyos:~$ ${vyos_op_scripts_dir}/dhcp.py show_client_leases --family inet --interface eth0.10
Interface eth0.10
IP address 172.16.33.123 [Active]
Subnet Mask 255.255.255.0
Domain Name vyos.net
Router 172.16.33.254
Name Server 172.16.254.30
DHCP Server 172.16.33.254
DHCP Server 86400
Last Update Sun Jul 30 18:13:44 CEST 2023
Expiry Mon Jul 31 18:13:43 CEST 2023
vyos@vyos:~$ ${vyos_op_scripts_dir}/dhcp.py show_client_leases --family inet --interface eth0.10 --raw
[
{
"last_update": 1690733624,
"reason": "RENEW",
"interface": "eth0.10",
"new_expiry": "1690820023",
"new_dhcp_lease_time": "86400",
"medium": "",
"alias_ip_address": "",
"new_ip_address": "172.16.33.123",
"new_broadcast_address": "172.16.33.255",
"new_subnet_mask": "255.255.255.0",
"new_domain_name": "vyos.net",
"new_network_number": "172.16.33.0",
"new_domain_name_servers": "172.16.254.30",
"new_routers": "172.16.33.254",
"new_static_routes": "",
"new_dhcp_server_identifier": "172.16.33.254",
"new_dhcp_message_type": "5",
"old_ip_address": "172.16.33.123",
"old_subnet_mask": "255.255.255.0",
"old_domain_name": "vyos.net",
"old_domain_name_servers": "172.16.254.30",
"old_routers": "172.16.33.254",
"old_static_routes": ""
}
]
|
|
vyos@vyos# ${vyos_op_scripts_dir}/dhcp.py show_client_leases --family inet --interface eth0.10
Interface eth0.10
IP address 172.16.33.123 [Active]
Subnet Mask 255.255.255.0
Domain Name vyos.net
Router 172.16.33.254
Name Server 172.16.254.30
DHCP Server 172.16.33.254
DHCP Server 86400
Last Update Sat Jul 29 21:13:32 CEST 2023
Expiry Sun Jul 30 21:13:31 CEST 2023
vyos@vyos# ${vyos_op_scripts_dir}/dhcp.py show_client_leases --family inet --interface eth0.10 --raw
[
{
"last_update": "Sat Jul 29 21:13:32 CEST 2023",
"reason": "BOUND",
"interface": "eth0.10",
"new_expiry": "1690744411",
"new_dhcp_lease_time": "86400",
"medium": "",
"alias_ip_address": "",
"new_ip_address": "172.16.33.123",
"new_broadcast_address": "172.16.33.255",
"new_subnet_mask": "255.255.255.0",
"new_domain_name": "vyos.net",
"new_network_number": "172.16.33.0",
"new_domain_name_servers": "172.16.254.30",
"new_routers": "172.16.33.254",
"new_static_routes": "",
"new_dhcp_server_identifier": "172.16.33.254",
"new_dhcp_message_type": "5",
"old_ip_address": "",
"old_subnet_mask": "",
"old_domain_name": "",
"old_domain_name_servers": "",
"old_routers": "",
"old_static_routes": ""
}
]
|
|
|
