summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2023-02-28T5037: Firewall: Add queue action and options to firewallNicolas Fort
2023-02-27openconnect: T4955: Renamed function and changed error messagesaapostoliuk
Renamed local function to be identical to 1.3 ver Changed error messages after commit to be identical to 1.3 ver
2023-02-27Merge pull request #1644 from aapostoliuk/T4790-sagittaViacheslav Hletenko
T4790: Added check of the sum of radius timeouts
2023-02-26graphql: T4979: add user info to token requestJohn Estabrook
2023-02-26T4997: add dhcp client user hooksbri
This commit adds a script to run user-defined hook scripts upon renewing a DHCP lease. This can be used to, for example, dynamically define a firewall address-group based on the dynamic IP address of an interface. For an example of its use (as well as the use case I had in mind while coding this), see https://vyos.dev/T2196#142394 Co-authored-by: br <git@ibeep.com>
2023-02-25tunnel: T5034: migrate "multicast enable" CLI node to enable-multicastChristian Breunig
Tunnel interface multicast settings can be "enabled or disabled". As we prefer valueless nodes, and the linux kernel default is "disabled" we should add a set interfaces tunnel tunXX enable-multicast command
2023-02-25python: T5026: Replace deprecated Python modules crypt, spwdsarthurdev
DeprecationWarning: 'crypt' is deprecated and slated for removal in Python 3.13 DeprecationWarning: 'spwd' is deprecated and slated for removal in Python 3.13
2023-02-24login: T1948: drop absolut path to /usr/libexec/vyos, re-use vyos.defaultsChristian Breunig
2023-02-24http-api: T5030: fix missing check on delete keys id tag or key valueJohn Estabrook
2023-02-24Merge pull request #1847 from aapostoliuk/T4985-2-sagittaChristian Breunig
ipsec: T4985: Changed 'reset vpn ipsec-peer' to use vici library
2023-02-24ipsec: T4985: Changed 'reset vpn ipsec-peer' to use vici libraryaapostoliuk
1. Changed reset IPSEC, IKE SAs to use vici library. 2. Created package vyos.ipsec to communicate with vici library.
2023-02-23Merge pull request #1829 from sever-sever/T5013Daniil Baturin
T5013: Extend accelppp op-mode script to get statistic
2023-02-22T5025: Fix timezones and validator use timedatectlViacheslav Hletenko
Fix timezones completion help and validotor Use 'timedatectl' insted of find zoneinfo
2023-02-22openconnect: T5023: Conf script missing optional config parametersarthurdev
2023-02-22Merge pull request #1839 from sarthurdev/ipsecChristian Breunig
ipsec: T4593: Remove references to deleted variables
2023-02-22ipsec: T4593: Remove references to deleted variablessarthurdev
2023-02-21Merge pull request #1835 from sever-sever/T5020Christian Breunig
T5020: Extend openvpn op-mode to get list of configured clients
2023-02-21T4978: Default values of port rewrite default container valuesViacheslav Hletenko
As we have the same variable name 'default_values' for container name, port and volume, it rewrites default container parameters with default port parameters Fix it
2023-02-20T5020: Extend openvpn op-mode to get list of configured clientsViacheslav Hletenko
Extend openvpn.py op-mode script to get list of configured clients for the '--raw' output
2023-02-18T5013: Extend accelppp op-mode script to get statisticViacheslav Hletenko
Extend accelppp.py op-mode script to get subnet/start/stop/gateway/client_ip_pool/ etc info from the configuration
2023-02-15Merge pull request #1817 from sarthurdev/bookwormChristian Breunig
debian: T5003: Upgrade base system to Debian 12 "Bookworm"
2023-02-15Merge pull request #1821 from sarthurdev/ipsecChristian Breunig
ipsec: T4593: Migrate and remove legacy `include-ipsec` nodes
2023-02-15ipsec: T4593: Migrate and remove legacy `include-ipsec` nodessarthurdev
Not supported with swanctl
2023-02-14http-api: T5006: add explicit async to retrieve/configure methodsJohn Estabrook
2023-02-14strongSwan: T4593: move to charon-systemdChristian Breunig
2023-02-14ipsec: T4985: Fixed 'reset vpn ipsec-peer {peer}' commandaapostoliuk
Fixed 'reset vpn ipsec-peer {peer}' command. The op-mode script uses value 'None' in the 'tunnel' parameter to clear all CHILD SAs.
2023-02-13debian: T5003: Fixes dynamic DNS for Bookwormsarthurdev
2023-02-13debian: T5003: Update XDP for latest libbpfsarthurdev
2023-02-13debian: T5003: Fixes for Debian Bookwormsarthurdev
* DH params of 256 length no longer supported
2023-02-12T5001: Replace links to the phabricator siteChristian Breunig
Replace links to the phabricator site from https://phabricator.vyos.net to https://vyos.dev
2023-02-11qos: T4284: migration script must ensure bandwidth is converted to lower caseChristian Breunig
tc acccepts the bandwidth value/unit pairs as lowercase - so does the VyOS CLI validator work, too.
2023-02-10Merge pull request #1805 from nicolas-fort/T4857-frr-fixChristian Breunig
T4857: snmp: Fix error when not defining client|network under community
2023-02-10snmp: T4857: explicitly define default community networks 0.0.0.0/0 and ::/0Christian Breunig
After the RESTRICTED view was introduced snmpd requires a network to be specified. Before adding the RESTRICTED view snmpd always assumed the default network 0.0.0.0/0. This commit re-adds the build in default networks for IPv4 and IPv6 and exposes it as a proper default to the CLI so the user is informed about it: vyos@vyos# set service snmp community foooo Possible completions: authorization Authorization type (default: ro) + client IP address of SNMP client allowed to contact system + network Subnet of SNMP client(s) allowed to contact system (default: 0.0.0.0/0, ::/0)
2023-02-10interfaces: T4995: rename user -> username CLI node for pppoe, wwan and ↵Christian Breunig
sstp-client
2023-02-09Merge pull request #1793 from aapostoliuk/T4905-sagittaDaniil Baturin
nhrp: T4905: Rewritten nhrp op-mode in new style
2023-02-09Revert "container: T4959: Add container registry authentication config for ↵Christian Breunig
containers" This reverts commit b17251334c57c2f6875c19ad4e6c6127aa9e1811.
2023-02-09Merge pull request #1790 from Zen3515/current-add-container-loginChristian Breunig
container: T4959: Add container registry authentication config for containers
2023-02-06graphql: T4979: add query show_user_infoJohn Estabrook
2023-02-04dhcp-relay: T2408: use Warning() on deprecated interface CLI nodeChristian Breunig
2023-02-04Merge pull request #1603 from nicolas-fort/T2408Christian Breunig
T2408: dhcp-relay: Add listen-interface and upstream-interface feature
2023-02-04qos: T4284: add safeguard for non existing interfacesChristian Breunig
When shaper is bound to a dialup (e.g. PPPoE) interface it is possible, that it is yet not availbale when to QoS code runs. Skip the configuration and inform the user.
2023-02-04Merge pull request #1797 from ServerForge/currentChristian Breunig
bgp: T4817: add support for RFC9234
2023-02-04Revert "login: T4975: Fixed broken CLI commands"Christian Breunig
This reverts commit 3a6e77d479da4321b851163490a9b79ef2cef7b8. A general solution is implemented in Commit 29a44a73 ("T4975: always sync() filesystem after commit").
2023-02-04T4975: always sync() filesystem after commitChristian Breunig
2023-02-04T4817 added support for RFC 9234Kyle McClammy
2023-02-02login: T4975: Fixed broken CLI commandszsdc
User profile files are not saved to disk after configuration is fully applied. Because of this, after a fast system reset, profile files can be empty, and CLI is broken. This fix adds a `sync()` call after the user's configuration, which should protect from data loss and fix the problem with profiles.
2023-02-01nhrp: T4905: Rewritten nhrp op-mode in new styleaapostoliuk
1. Formatted output of 'show nhrp' commands to table view 2. Rewritten nhrp op-mode in new style
2023-01-30container: T4959: Add container registry authentication config for containersZen3515
2023-01-30Merge pull request #1761 from sever-sever/T4916-currViacheslav Hletenko
T4916: Rewrite IPsec peer authentication and psk migration
2023-01-28vrrp: T1297: improve gratuitous ARP default value handling and help stringsChristian Breunig