Age | Commit message (Collapse) | Author |
|
When enabling identity-based-config, users can add arbitrary config keys
that are processed by ocserv. The user "must know" what he is been doing, as
invalid config option will make the ocserv daemon go ... whoop!
Thus add a warning and inform the user about this setting.
|
|
ocserv: T3896: add CLI options to configure ocserv config-per-user/group
|
|
T5219: ddclient: Allow not set login for Cloudflare API token
|
|
|
|
vrrp: T5215: fix the commit error when health check is not configured
|
|
|
|
that was replaced with Humps in all sciprts
|
|
T5158: Refactoring the commad sh interfaces counters
|
|
For more detailed information it's necessary to add information about drops and error counters.
|
|
T5215: add a built-in ping check for VRRP groups
|
|
|
|
Add RADIUS accounting-interim-interval option for PPTP-server
Specifies interval in seconds to send accounting information
(may be overridden by radius Acct-Interim-Interval attribute)
set vpn pptp remote-access authentication radius accounting-interim-interval '52'
|
|
Add RADIUS accounting-interim-interval option for L2TP-server
Specifies interval in seconds to send accounting information
(may be overridden by radius Acct-Interim-Interval attribute)
set vpn l2tp remote-access authentication radius accounting-interim-interval '120'
|
|
cloud-init: T5190: Added Cloud-init pre-configurator
|
|
T5060: Add disable option for high-availability
|
|
syslog: T2778: T2769: refactoring and VRF support
|
|
|
|
Allow syslog messages to be sent through a VRF (e.g. management).
|
|
|
|
Add 'maintenance mode' (option disable) for high-availability
set high-availability disable
|
|
dns: T5144: Improve dynamic DNS validations and completions
|
|
Use 'vyos-wan-load-balance.service' for load-balancing instead of
old start and stop 'vyatta-wanloadbalance.init' script
|
|
Add 'vyos-wan-load-balance.service' systemd unit for
'loadbalancing wan' instead of old vyatta-wanloadbalance.init script
|
|
|
|
|
|
|
|
Added a new service that starts before Cloud-init, waits for all network
interfaces initialization, and if requested by config, checks which interfaces
can get configuration via DHCP server and creates a corresponding Cloud-init
network configuration.
This protects from two situations:
* when Cloud-init tries to get meta-data via eth0 (default and fallback variant
for any data source which depends on network), but the real network is connected
to another interface
* when Cloud-init starts simultaneously with udev and initializes the first
interface to get meta-data before it is renamed to eth0 by udev
|
|
T5171: Use XML for loadbalancing wan instead of old templates
|
|
|
|
Use XML and python3 for 'load-balancing wan'
Use Jinja2 templates instead of old vyatta-wanloadbalance.pl to
generate configuration '/run/load-balance/wlb.conf' wich used by
/opt/vyatta/sbin/wan_lb
|
|
|
|
Without the change users might get confused as the setting is specified
on the VyOS CLI but never makes it to FRR due to an internal FRR check.
|
|
When we delete vrf vni there is a dictionary
{'only_vrf': 'red', 'new_frr_config': '!\n'}
|
|
conntrack-sync: T4888: rewrite the op mode script in the new format
|
|
Add verify() section to check if l3vni was removed in addition to the BGP
process under any given VRF.
|
|
|
|
|
|
|
|
FastAPI v0.92.0 (starlette v0.24.0) sets default attribute
Request._form; check for value == None instead of existence when
overriding Request class.
|
|
|
|
T1237: Failover route add policy for targets checking
|
|
dns: T5144: Make dns dynamic status output legacy format compatible
|
|
We must only search and replace for "vrf red" or "vrf green" - the regex
used infact matched on all VRFs which is wrong. This would remove all VRF VNI
configurations when only changing a single VRf.
|
|
ipsec: T5042: Rewritten 'show vpn ipsec remote-access' command
|
|
|
|
Add policy (any-available|all-available) for target checking for failover route
set protocols failover route 192.0.2.55/32 next-hop 192.168.122.1 check policy 'any-available'
set protocols failover route 192.0.2.55/32 next-hop 192.168.122.1 check target '192.168.122.1'
set protocols failover route 192.0.2.55/32 next-hop 192.168.122.1 check target '192.168.122.11'
It depends if we need that all targets must be alive on just one target.
|
|
Apply validations and completions to dynamic DNS protocols supported.
This also opens up additional protocols supported by ddclient 3.10.
Additional details:
- Validation and constraint have been added for interface names as well.
- While at it, the help texts got some copyedit and rewording.
|
|
Changes the node name from config-per-x to identity-based-config, as a result the j2 templates and vpn_openeconnect.py has been refactored to update the node name when accessing it's child nodes.
|
|
pki: T3642: Fix show command if no CA certs are present
|
|
op-mode: T5159: dhcpv6 incorrect warning message
|