summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2019-04-21[firewall] T314: add firewall options for MSS clampingChristian Poessinger
* clamp MSS IPv4 set firewall options interface pppoe0 adjust-mss '1452' * clamp MSS IPv6 set firewall options interface pppoe0 adjust-mss6 '1452' * disable entire rule set firewall options interface pppoe0 disable Output ------ $ sudo iptables-save -t mangle # Generated by iptables-save v1.4.21 on Sun Apr 21 12:56:25 2019 *mangle :PREROUTING ACCEPT [1217:439885] :INPUT ACCEPT [290:52459] :FORWARD ACCEPT [920:375774] :OUTPUT ACCEPT [301:100053] :POSTROUTING ACCEPT [1221:475827] :VYOS_FW_OPTIONS - [0:0] -A FORWARD -j VYOS_FW_OPTIONS -A VYOS_FW_OPTIONS -o pppoe0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452 COMMIT Completed on Sun Apr 21 12:56:25 2019 (cherry picked from commit 476aa4c3a561ea0ef0bf9b4c26ec8b78d18a5d02)
2019-04-20[dhcp-server] T1335: bugfix when migrating authoritative sectionChristian Poessinger
2019-04-20[hostname] T1336: sanitize FQDN before passing to hostnamectlChristian Poessinger
Remove possible trialing (.) when invoking hostnamectl. A hostname with a trailing (.) is not supported in hostnamectl.
2019-04-20Revert "[hostname] T1336: trailing dots in system domain-name are invalid"Christian Poessinger
This reverts commit 05c539ea5595790b297904569cbe13089ce79e18.
2019-04-20[hostname] T1336: trailing dots in system domain-name are invalidChristian Poessinger
Debian/Systemd provides hostnamectl which disabllows setting a FQDN when there is a trailing (.) in the provided hostname. Extend regex when setting "system domain-name" that there can't be a trailing (.). Provide migration script for current installations to remove the dot.
2019-04-19[migration] T1344: unclutter 'system login radius-server' configuration nodesChristian Poessinger
2019-04-19Merge pull request #67 from tmarlok88/currentDaniil Baturin
T1343: do not remove zeros DHCP static route
2019-04-18[pppoe-server] T1341 - Adding rate-limiter for pppoe server usershagbard
- RADIUS shaper settings
2019-04-18[pppoe-server] T1341 - Adding rate-limiter for pppoe server usershagbard
- implementation for locally definied users
2019-04-18T1343: do not remove zeros DHCP static routetmarlok88
2019-04-17[accel-ppp] pppoe shaper op-mode command extendedhagbard
2019-04-10[dhcp] T1330: bugfix for non working wpad urlChristian Poessinger
WPAD url could be configured by CLI but the generated config was not understood by ISC dhcp - caused by infalid if {} statement resulting in a missing "option wpad-url code 252 = text;" block.
2019-04-06[dhcpv6-relay] T1322: bugfix on multiple listen interfacesChristian Poessinger
Same cause as with commit c6988bb4110541478dad74d0b892fd4643ed530a
2019-04-05T1264 - host_name.py improvementshagbard
- checks if a variable exists to avoid setting None on defined defaults
2019-04-04T1323 - migrate operator accounts to admin accountshagbard
2019-04-03[dhcpv6-relay] T1322: support multiple upstream serversChristian Poessinger
Add support for relaying a DHCPv6 packet to multiple servers on one upstream interface.
2019-04-03[dhcpv6-relay] T1322: bugfix on multiple upstream interfacesChristian Poessinger
When generation the configuration for multiple upstream interfaces a whitespace was missing in the generated configuration: OPTIONS="-6 -l 2001:db8::ffff%eth1 -u 2001:db8:1:ffff%eth2-u 2001:db8:2:ffff%eth3" ^--- This caused an error when starting up the DHCPv6 relay service
2019-03-20[arp] bugfix for 'del prot static arp <ip> hwaddr'hagbard
2019-03-11[rsyslog] Fixes: T1294 - Trying to delete 'system syslog' throws an exceptionhagbard
2019-03-11[arp] - T1288: python implemtation of 'set protocols static arp'hagbard
2019-03-08[ntp] T1280 - reverting added options from that taskhagbard
2019-03-08T103: [dhcp-server] add support to configure host declarative namesChristian Poessinger
2019-03-08T103: [dhcp-server] beautify generated configuration fileChristian Poessinger
2019-03-08T1277: [dhcp-server] bugfix 'show dhcp server leases'Christian Poessinger
The script did not check if the service was actually configured or not. This caused a FileNotFoundError for unconfigured services. vyos@vyos:~$ show dhcp server leases Traceback (most recent call last): File "/usr/libexec/vyos/op_mode/show_dhcp.py", line 123, in <module> leases = get_leases(lease_file, state='active') File "/usr/libexec/vyos/op_mode/show_dhcp.py", line 60, in get_leases leases = IscDhcpLeases(lease_file).get() File "/usr/lib/python3/dist-packages/isc_dhcp_leases/iscdhcpleases.py", line 110, in get with open(self.filename) as lease_file: FileNotFoundError: [Errno 2] No such file or directory: '/config/dhcpd.leases'
2019-03-08T1277: [dhcpv6-server] bugfix 'show dhcpv6 server leases'Christian Poessinger
The script did not check if the service was actually configured or not. This caused a FileNotFoundError for unconfigured services. vyos@vyos:~$ show dhcpv6 server leases Traceback (most recent call last): File "/usr/libexec/vyos/op_mode/show_dhcpv6.py", line 77, in <module> leases = get_leases(lease_file, state='active') File "/usr/libexec/vyos/op_mode/show_dhcpv6.py", line 46, in get_leases leases = IscDhcpLeases(lease_file).get() File "/usr/lib/python3/dist-packages/isc_dhcp_leases/iscdhcpleases.py", line 110, in get with open(self.filename) as lease_file: FileNotFoundError: [Errno 2] No such file or directory: '/config/dhcpdv6.leases'
2019-03-07[rsyslog] T1282 - Configure VyOS to send syslog messages to remote syslog ↵hagbard
using fully-qualified domain name
2019-03-07[ntp] T1280 - restrict option for servers, so they can query upstreamhagbard
2019-03-07Revert "[ntp] T1280 - allow-clients on NTP configuration"hagbard
This reverts commit 853a68aae4bf8ec02d9c3fa78be084d7ba38d351. Need to fix the unit test first
2019-03-07Revert "[ntp] adding extra option to test"hagbard
This reverts commit 4b2c57f4ba08409b4b6ba459fa8a3d23c5f6990c.
2019-03-07[ntp] adding extra option to testhagbard
2019-03-07[ntp] T1280 - allow-clients on NTP configurationhagbard
2019-03-06[pptp] implementing MPPE 128-bit stateless compression optionhagbard
2019-03-06[pptp] radius module load without config caused a crashes during starthagbard
2019-03-05T833: accel-ppp: pptp implementationhagbard
2019-03-04adjusted ntp test to accept the 2 new restrict parametershagbard
2019-03-04T1280 - allow-clients on NTP configurationhagbard
2019-02-28T1272: send VRRP messages from the base interface in RFC-compliant mode only ↵Daniil Baturin
in unicast mode (patch by Johan Fredin).
2019-02-24[tftp] T1261: always adjust directory permissions of tftprootChristian Poessinger
2019-02-24[tftp] T1261: bugfix allow-upload handlingChristian Poessinger
2019-02-24[tftp] T1261: reorder DAEMON_ARGSChristian Poessinger
2019-02-24[tftp] T1261: bugfix listening on multiple IP addessesChristian Poessinger
tftp-hpa which is the TFTP daemon used by VyOS does not support listening on multiple IP adresses. With this limitation we will start one TFTP daemon instance per configured listen-address via systemd.
2019-02-22feature: static-host-mapping - made IP address (param inet) mandatoryhagbard
2019-02-22removed a debugger print I forgut during mergehagbard
2019-02-22Fixes: T1262 - dhcp requested WAN ip address doesn't get search parameter in ↵hagbard
/etc/resolv.conf
2019-02-22pdns_recursor check improved, spits out a message for /var/run if it's not ↵hagbard
running.
2019-02-22bugfix: static-mapping-host alias not mandatory, verification adjustedhagbard
2019-02-21Fixes: T1257: implement 'set system static-host-mapping' in host_name.py and ↵hagbard
remove old function calls
2019-02-21[IPsec] T1260: VICI-based implementation of "show vpn ipsec sa"Daniil Baturin
2019-02-21[dhcp] T1211: avoid blank DHCP hostnames taking down DNSChristian Poessinger
2019-02-21T1256: Execute "show ipsec vpn ipsec sa" returns incorrect resultsDaniel Pro
Not sure it's a normal case scenario, the one highlighted in T1256. To managed it I changed the "if" logic.