| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
An attempt to upgrade to 1.2.x is caught, but error is of failed
checksum verification; add check and message.
|
|
Note that this was updated for the fix in T5739.
|
|
This commit allows management of system images with either new or legacy
tools: 'add/delete/rename system image' and 'set default' are translated
appropriately on booting between images with the old and new tools.
Consequently, the warning of the initial commit of T4516 is dropped.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This commit adds the whole set of system image tools written from the scratch in
Python that allows performing all the operations on images:
* check information
* perform installation and deletion
* versions management
Also, it contains a new service that will update the GRUB menu and keep tracking
its version in the future.
WARNING: The commit contains non-reversible changes. Because of boot menu
changes, it will not be possible to manage images from older VyOS versions after
an update.
|
|
pim(6): T5733: add missing FRR related features
|
|
|
|
|
|
|
|
|
|
|
|
IGMP and PIM are two different but related things.
FRR has both combined in pimd. As we use get_config_dict() and FRR reload it
is better to have both centrally stored under the same CLI node (as FRR does,
too) to just "fire and forget" the commit to the daemon.
"set protocols igmp interface eth1" -> "set protocols pim interface eth1 igmp"
|
|
Migrate CLI configuration retrival to common get_config_dict(). In addition
add new functionality to VyOS that is PIM related and already available in FRR.
|
|
|
|
mtr: T5658: Add VRF support for mtr (+ op_mode wrapper)
|
|
|
|
Example: we should focus on JSON output and not expose XML and CSV.
|
|
Reduce amount of duplicated (3 times) code in op-mode scripts for ping,
traceroute and mtr.
|
|
T5729: firewall: switch to valueless in
|
|
User hooks are executed using run_hookdir (defined in the /sbin/dhclient-script script) instead of run-parts. That allows user hooks to modify variables set by the dhcp client (e.g., the new_routers variable to avoid the installation of the default routes).
|
|
<enable|disable> commands; log and state moved to new syntax.
|
|
Add additional smoketests for web-options validation.
Also, format error messages to optionally include protocol name.
|
|
|
|
mdns: T5723: Always reload systemd daemon before applying changes
|
|
Additionally, templatize system service override and move it to the
runtime path.
|
|
T5559: Add static neighbor-proxy feature
|
|
T5706: Add custom systemd udev rules to exclude dynamic interfaces
|
|
T5713: Strip string after "secret" in IPSEC configs
|
|
If we add a new interface for PPPoe-server we MUST restart the
`accel-ppp@pppoe.service` as `reload` is not implemented for
accel-ppp daemon
Otherwise we have listen interface in the /run/accel-pppd/pppoe.conf
which does not work
|
|
Fix execution bit for migration script
|
|
Commit 30eb308149 ("T5713: Strip string after "secret" in IPSEC config") had
good intention but this will happen:
use-secret foo CLI node will become " secret xxxxxx" so the output of
strip-private invalidates the configuration.
This has been changed to an exact match of "secret" only
|
|
vxlan: T3700: add bridge dependency call when altering member interfaces
|
|
Commit 7f6624f5a6f8bd ("vxlan: T3700: support VLAN tunnel mapping of VLAN aware
bridges") added support for Single VXLAN Device (SVD) containers supported by
the Linux Kernel.
When working with bridge VIFs it turned out that when deleting a VIF all the
VXLAN tunnel mappings got deleted, too. In order to avoid this, if the bridge
has a VXLAN member interface which vlan-to-vni mapping enabled, we add a
dependency that we call VXLAN conf-mode script after messing arround with the
bridge VIFs and re-create tunnel mappings.
|
|
- Migrate to ddclient 3.11.1 and enforce debian/control dependency
- Add dual stack support for additional protocols
- Restrict usage of `porkbun` protocol, VyOS configuration structure
isn't compatible with porkbun yet
- Improve and cleanup error messages
|
|
`web-options` is only applicable when using HTTP(S) web request to
obtain the IP address. Apply guard for that.
|
|
Time interval in seconds to wait between DNS updates would be a bit
more intuitive as `interval` than `timeout`.
|
|
Make "strip-private" strip the string after "secret"
|
|
Add custom systemd udev rules to exclude some regular and dynamic
interfaces from "systemd-sysctl" calls.
It fixes high CPU utilization (100%) as we have a lot of calls per
interface for dynamic interfaces like ppp|ipoe|sstp etc.
/lib/systemd/systemd-udevd should not be called for those interfaces
|
|
wireguard: T5707: remove previously deconfigured peer
|
|
Changing the public key of a peer (updating the key material) left the old
WireGuard peer in place, as the key removal command used the new key.
WireGuard only supports peer removal based on the configured public-key, by
deleting the entire interface this is the shortcut instead of parsing out all
peers and removing them one by one.
Peer reconfiguration will always come with a short downtime while the WireGuard
interface is recreated.
|
