summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2022-11-01Merge pull request #1632 from dmbaturin/vrrp-commit-in-progressViacheslav Hletenko
T4526: use informative error messages for keepalived-fifo with commit in progress
2022-10-31ipsec: T4787: add support for road-warrior/remote-access RADIUS timeoutChristian Poessinger
This enabled users to also use 2FA/MFA authentication with a radius backend as there is enough time to enter the second factor.
2022-10-31T4526: use informative error messages for keepalived-fifo with commit in ↵Daniil Baturin
progress
2022-10-29Merge pull request #1621 from sarthurdev/T4774Christian Poessinger
wireguard: T4774: Prevent duplicate peer public keys
2022-10-29Merge pull request #1628 from sarthurdev/T3903Christian Poessinger
containers: T3903: Use systemd to handle containers
2022-10-29containers: T3903: Use systemd units for containerssarthurdev
* ExecStop action with defined timeout allows for quicker reboot/shutdown with containers
2022-10-28Merge pull request #1624 from dmbaturin/op-mode-bytesViacheslav Hletenko
T4779: output raw memory and storage values in bytes
2022-10-28T4779: switch raw output of "show system storage" to bytesDaniil Baturin
2022-10-28T4291: consolidate component version string read/write functionsJohn Estabrook
2022-10-28T4779: use bytes in the raw output of "show system memory"Daniil Baturin
2022-10-28wireguard: T4774: Prevent duplicate peer public keyssarthurdev
2022-10-27ipsec: T4778: raise UnconfiguredSubsystem if IPsec not initializedJohn Estabrook
2022-10-27Merge pull request #1606 from sever-sever/T4762Daniil Baturin
T4762: Add check for show nat if nat config does not exist
2022-10-26Merge pull request #1618 from sarthurdev/T4764Christian Poessinger
nat: T4764: Remove NAT tables on node deletion
2022-10-25nat: T4706: Verify translation address or port existssarthurdev
2022-10-25nat: T4764: Remove tables on NAT deletionsarthurdev
2022-10-25vyos.util: T4773: add camel_to_snake_case conversionJohn Estabrook
2022-10-25graphql: T4574: set byte length of shared secret from CLIJohn Estabrook
2022-10-25graphql: T4574: set token expiration time in claimsJohn Estabrook
2022-10-25graphql: T4574: add context to read token in queries/mutationsJohn Estabrook
2022-10-25graphql: T4574: read config and generate schema with/without key authJohn Estabrook
2022-10-25graphql: T4574: add mutation for requesting JWT tokenJohn Estabrook
2022-10-25graphql: T4574: reorganize directory structure for clarityJohn Estabrook
2022-10-25graphql: T4574: call all schema definition generation on initJohn Estabrook
2022-10-24route: T4772: return list of dicts in 'raw' outputJohn Estabrook
2022-10-23T4762: Add check for show nat if nat config does not existViacheslav Hletenko
Add check for 'show nat xxx' if nat configuration does not exist
2022-10-21Merge pull request #1611 from dmbaturin/field-normalization-2John Estabrook
T4765: support list and primitives in op mode output normalization
2022-10-21T4765: support list and primitives in op mode output normalizationcreate with ansible
2022-10-21graphql: T4768: change name of api child node from 'gql' to 'graphql'John Estabrook
2022-10-20T4765: normalize dict fields in op mode ouputsDaniil Baturin
2022-10-17Merge pull request #1600 from jestabro/gql-compositeJohn Estabrook
graphql: T4753: generalize system_status to composite_{query,mutation}
2022-10-16graphql: T4753: generalize system_status to composite_{query,mutation}John Estabrook
2022-10-16xdp: T4284: migrate to Debian libbpfChristian Poessinger
In order to properly retrieve JSON information in the Smoketests for the new QoS implementation we need a recent (>6.0) version of iproute2. This requires the libbpf-dev package and this small source-code change.
2022-10-14Merge pull request #1597 from jestabro/http-api-config-dictJohn Estabrook
http-api: T4749: transition to config_dict for conf_mode http-api.py
2022-10-14Merge pull request #1598 from sever-sever/T4533Christian Poessinger
T4533: Allow basic permissions to unprivileged RADIUS users
2022-10-14login: 2fa: T874: remove unused code path for global 1fa settingsChristian Poessinger
2022-10-14login: 2fa: T874: fix Google authenticator issuesChristian Poessinger
Move default values of TOTP configuration from a global to a per user setting. This makes the entire code easier as no global configuration must be blended into the per user config dict. Also it should be possible to set the authentication window "multiple concurrent keys" individual per user. set system login user vyos authentication otp key 'gzkmajid7na2oltajs4kbuq7lq' set system login user vyos authentication plaintext-password 'vyos'
2022-10-14T4533: Allow basic permissions to unprivileged RADIUS usersViacheslav Hletenko
Unprivileged RADIUS users cannot do simple diagnostics like ping or traceroute. Allow them such tools. Ability to execute op-mode commands for them. It is not new 'operator mode' feature but it allows RADIUS users execute op-mode commands
2022-10-14http-api: T4749: transition to config_dictJohn Estabrook
2022-10-14T4725: Fix Regex for correctly reset IPsec peersViacheslav Hletenko
As IPsec site-so-site was rewritten we do not need replace ':' => '-' as ':' can not be in the connection name So connection name can not use IP(v6) address as peer name And current peers/connections not required prefix 'peer_' Fix template that search correctly connection name of the peers that allow to reset them again (reset ipsec peer was broken)
2022-10-13monitoring: T4746: Add exception if we do not have firewall rulesViacheslav Hletenko
Telegraf checks the firewall table 'vyos_filter' but it we don't have any firewall in the system we don't have this table by default It cause commit error for "service monitoring" Add exception if the table "vyos_filter" is not found
2022-10-12bgp: T4744: Directly connected neighbors and ebgp-multihop checkViacheslav Hletenko
BGP directly connected neighbors (interface neighbors) do not compatible with ebgp-multihop option
2022-10-12Merge pull request #1555 from goodNETnick/ssh_otpChristian Poessinger
system login: T874: add 2FA support for local and ssh authentication
2022-10-11system login: T874: add 2FA support for local and ssh authenticationgoodNETnick
2022-10-11Merge pull request #1574 from Cheeze-It/currentChristian Poessinger
isis: T4739: ISIS segment routing being refactored
2022-10-11isis: T4739: ISIS segment routing being refactoredCheeze_It
This is to refactor ISIS segment routing to match up with OSPF segment routing.
2022-10-11conntrack: T4740: Set correct error msg if enrties not foundViacheslav Hletenko
Set correct error message if conntrack entries not found If we get XML raw data with len 0 it means there are no entries in the conntrack table
2022-10-10Merge pull request #1563 from sever-sever/T4716Christian Poessinger
ssh: T4716: Ability to configure RekeyLimit data and time
2022-10-10ssh: T4716: Ablity to configure RekeyLimit data and timeViacheslav Hletenko
Ability to configure SSH RekeyLimit data (in Megabytes) and time (in Minutes) set service ssh rekey data 1024 set service ssh rekey time 60
2022-10-07graphql: T4738: remove templated requests pending rewriteJohn Estabrook