Age | Commit message (Collapse) | Author |
|
* Add `clear dhcpv6-server lease`
* Standardize using vyos.opmode
|
|
T6075: firewall and NAT: check if interface-group exists when using them in firewall|nat rules.
|
|
T6096: Config commits are not synced properly because 00vyos-sync is deleted by vyos-router
|
|
http-api: T6069: fix allocation outside of thread lock
|
|
Lower available CPU C states to a minimum if this option set. This will set
Kernel commandline options "intel_idle.max_cstate=0 processor.max_cstate=1".
|
|
|
|
firewall|nat rules.
|
|
by vyos-router
|
|
T6084: Add NHRP dependency for IPsec and fix NHRP empty config bug
|
|
If we have any `vpn ipsec` and `protocol nhrp` configuration we
get the empty configuration file `/run/opennhrp/opennhrp.conf`
after rebooting the system.
Use config dependency instead of the old `resync_nhrp` function
fixes this issue
|
|
|
|
|
|
Example:
vyos@vyos# set protocols ospfv3 redistribute bgp
Possible completions:
metric OSPF default metric
metric-type OSPF metric type for default routes (default: 2)
route-map Specify route-map name to use
|
|
dhcp-server: T6079: Disable duplicate static-mappings on migration
|
|
|
|
configdep: T5839: remove trivially redundant config dependency calls
|
|
T5504: Keepalived VRRP ability to set more than one peer-address
|
|
banner: T6077: implement ASCII contest winner default logo
|
|
|
|
|
|
|
|
Implement VyOS ASCII art contest winners logo as the default for our MOTD
|
|
vrf: conntrack: T6073: Populate VRF zoning chains only while conntrack is required
|
|
|
|
required
|
|
The current VyOS container image manipulation "delete container image" command
allows force removal of container images - even if they still have a container
running.
Drop the --force option from the op-mode script.
vyos@vyos:~$ delete container image 2636705a815a
Error: image used by 6adb0175d47f.. image is in use by a container: consider
listing external containers and force-removing image
|
|
container: T6060: support removing all container images at once via op-mode
|
|
cpo@LR1.wue3:~$ show container image
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/busybox latest 3f57d9401f8d 5 weeks ago 4.5 MB
docker.io/jacobalberty/unifi v7.5 f6df690d6c67 4 months ago 827 MB
docker.io/jacobalberty/unifi v7.4 7838b75ef7b9 7 months ago 786 MB
cpo@LR1.wue3:~$ delete container image
Possible completions:
3f57d9401f8d Delete container image
7838b75ef7b9
all
f6df690d6c67
cpo@LR1.wue3:~$ delete container image all
cpo@LR1.wue3:~$ show container image
REPOSITORY TAG IMAGE ID CREATED SIZE
|
|
It does not make sense to perform the "podman login" command when setting up
containers, as images are not automatically pulled in from the registry - due
to issues with the default route during startup.
The same issue manifests in "podman login" where we can not login to a registry
unless there is a default route present.
This commit changes the behavior that the container registry is part of the
configuration, but it is only referenced during "add container image" and thus
never during system boot.
|
|
|
|
In order to keep the proper priority list during system startup and on initial
setup/commit for this feature the dependent VXLAN code should not be called,
if the interface in question does not exist (yet).
|
|
login: T5972: add possibility to disable individual local user accounts
|
|
Fixed L-Time in 'show vpn ike sa' command
|
|
* set system login user <name> disable
|
|
T6001: add option to disable next-hop-tracking resolve-via-default
|
|
* set system ip nht no-resolve-via-default
* set system ipv6 nht no-resolve-via-default
|
|
dhcpv6-server: T5993: Extend interface migrator to check VLAN/QinQ
|
|
T6029: Rewritten Accel-PPP services to an identical feature set
|
|
Removed dhcp-interface option (l2tp)
Added wins-server (sstp)
Added description (ipoe, pppoe, sstp, pptp)
Added exteded-script (l2tp, sstp, pptp)
Added shaper (ipoe, pptp, sstp, l2tp)
Added limits (ipoe, pptp, sstp, l2tp)
Added snmp ( ipoe, pptp,sstp, l2tp)
Refactoring and reformated code.
|
|
|
|
Updates smoketest config to test migrator change
|
|
dhcpv6-server: T5992: Fix op-mode DHCP lease output + updates
|
|
rpki: T6034: move file based SSH keys for authentication to PKI subsystem
|
|
dhcpv6-server: T5993: Add subnet `interface` node, link subnet to locally connected interfaces
|
|
|
|
|
|
Due to Kea's lease file cleanup, the CSV file content is inconsistent. This commit makes changes to use the Kea control socket to fetch current lease information.
|
|
connected interfaces
Prior dhcpd behaviour implicitly handled requests for locally connected subnets. Kea requires an explicit link between subnets and an interface.
|
|
ipsec: T5981: Strip '@' from migrated peer PKI name
|
|
defined
Fix commit 9b8e11e07 ("init: T2044: only start rpki if cache is configured")
which showed a disturbing error on tty0 after boot that a "binary operator
expected" when checking for RPKI caches when multiple results got returned.
|