Age | Commit message (Collapse) | Author |
|
The GraphQL API was implemented as an addition to the existing REST API.
As there is no necessary dependency, separate the initialization of the
respective endpoints. Factor out the REST Pydantic models and FastAPI
routes for symmetry and clarity.
|
|
|
|
to avoid ipaddrcheck syntax errors when values include whitespace
|
|
|
|
|
|
configd: T6608: report uncaught config script exceptions as commit error
|
|
|
|
bridge: T6675: VXLAN Interface configuration lost due to improper bridge detachment
|
|
In the case of config mode script exceptions other than ConfigError,
vyos-configd would previously trigger the shim to re-run the script in
the CLI context. The use of config dependencies require this case to
return a commit error. A traceback is returned as output, consistent
with running without vyos-configd support.
|
|
|
|
|
|
op-mode: T4833: Include wireguard peer name in interface summary report
|
|
Configuration error output is not returned in full to the http-api when
running under vyos-configd, due to an early implementation 'workaround'
of vyos-configd writing directly to the session tty. This is corrected
to return all ambient stdout (notably vyos.base.Warning) and error
messages directly to the originating caller, which may be from a session
tty or a ConfigSession instance. As the http-api runs in the latter
case, the full output is returned.
|
|
|
|
detachment
|
|
syslog: T5367: add format option to include timezone in message
|
|
Remove the lines of code that checked if the kernel had offloading
enabled and was then forcing the config to set it to "on." The
behavior now mirrors the config and offloading will only be enabled
if the config is explicitly set to enabled.
Note: the code is still present to disable the offloading, in the
config, if the kernel doesn't support it.
Note(2): Allow the previous behavior where the offload settings get set,
based on the Kernel, if the boot is a live boot.
|
|
T861: op-mode: initial parts for UEFI secure boot CLI
|
|
Support getting current system secure boot state.
In addition add optional suppor tto list all enrolled MOK (Machine Owner Keys)
in the UEFI variable store.
|
|
vyos@vyos:~$ show ver
...
Architecture: x86_64
Boot via: installed image
System type: KVM guest
Secure Boot: enabled
...
|
|
bond: T6709: add EAPoL support
|
|
op-mode: T6682: Fix for show vpn ike sa peer that always shows all SAs
|
|
|
|
Instead of having EAPoL (Extensible Authentication Protocol over Local Area
Network) support only available for ethernet interfaces, move this to common
ground at vyos.ifconfig.interface making it available for all sorts of
interfaces by simply including the XML portion
#include <include/interface/eapol.xml.i>
|
|
Add CLI option to include the systems timezone in the syslog message sent to
a collector. This can be enabled using:
set system syslog host <hostname> format include-timezone
|
|
policy: T6676: Invalid route-map caused bgpd to crash
|
|
T6703: Adds option to configure AMD pstate driver
|
|
openfabric: T6652: Add support for OpenFabric protocol
|
|
|
|
Missing comma in the list between services
'ssh', 'suricata' 'vrrp', 'webproxy'
Fix it
|
|
op-mode: T6694: Move some op-mode commands to the "execute" family
|
|
T6701: Added ability to disable the container DNS plugin
|
|
|
|
|
|
|
|
|
|
T6679: add group option for nat66
|
|
Add ability to set the container network with a disable-dns setting to disable
the DNS plugin that is on be default.
set container network <network> no-name-server
|
|
op_mode: T6181: A feature for checking ports
|
|
'force netns' — move to 'execute shell netns'.
'force vrf'— move to 'execute shell vrf'.
'force owping' — move to 'execute owping'.
'force twping' — move to 'execute twping'.
'monitor bandwidth-test' — move to 'execute bandwidth-test`.
'telnet' — move to 'execute telnet'
|
|
|
|
During podman upgrade and a build from the original source the UNIX socket
definition for systemd got lost in translation.
This commit re-adds the UNIX socket which is started on boot to interact with
Podman.
Example:
curl --unix-socket /run/podman/podman.sock -H 'content-type: application/json' \
-sf http://localhost/containers/json
|
|
OpenFabric is a routing protocol providing link-state routing with efficient flooding for topologies like spine-leaf networks.
FRR implements OpenFabric in a daemon called fabricd
|
|
|
|
|
|
To increase the chance for dhclient to configure routes in FRR, added a
workaround. Now 10 attempts are performed with 1 second delay and only after
this dhclient gives up.
|
|
|
|
Fix for system option ssh-client source-interface
For the `verify_source_interface` the key `ifname` if required
|
|
T6183: interfaces openvpn: suppport specifying IP protocol version
|
|
T5743: HTTPS API ability to import PKI certificates
|