summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2024-03-06Merge pull request #3088 from nicolas-fort/T6075Daniil Baturin
T6075: firewall and NAT: check if interface-group exists when using them in firewall|nat rules.
2024-03-06Merge pull request #3085 from Apachez-/T6096Christian Breunig
T6096: Config commits are not synced properly because 00vyos-sync is deleted by vyos-router
2024-03-05Merge pull request #3089 from jestabro/allocate-under-lockJohn Estabrook
http-api: T6069: fix allocation outside of thread lock
2024-03-05T2447: add configurable kernel boot option 'disable-power-saving'Christian Breunig
Lower available CPU C states to a minimum if this option set. This will set Kernel commandline options "intel_idle.max_cstate=0 processor.max_cstate=1".
2024-03-05http-api: T6069: fix allocation outside of thread lockJohn Estabrook
2024-03-05T6075: firewall and NAT: check if interface-group exists when using them in ↵Nicolas Fort
firewall|nat rules.
2024-03-04T6096: Config commits are not synced properly because 00vyos-sync is deleted ↵Apachez
by vyos-router
2024-03-04Merge pull request #3079 from sever-sever/T6084Daniil Baturin
T6084: Add NHRP dependency for IPsec and fix NHRP empty config bug
2024-03-04T6084: Add NHRP dependency for IPsec and fix NHRP empty config bugViacheslav Hletenko
If we have any `vpn ipsec` and `protocol nhrp` configuration we get the empty configuration file `/run/opennhrp/opennhrp.conf` after rebooting the system. Use config dependency instead of the old `resync_nhrp` function fixes this issue
2024-03-03ospfv3: T6087: add support to redistribute IS-IS routesChristian Breunig
2024-03-02ospf: T5717: sync code with ospfv3 implementationChristian Breunig
2024-03-02ospfv3: T5717: allow metric and metric-type on redistributed routesChristian Breunig
Example: vyos@vyos# set protocols ospfv3 redistribute bgp Possible completions: metric OSPF default metric metric-type OSPF metric type for default routes (default: 2) route-map Specify route-map name to use
2024-03-01Merge pull request #3061 from sarthurdev/T6079_currentChristian Breunig
dhcp-server: T6079: Disable duplicate static-mappings on migration
2024-03-01smoketest: T6079: probe for duplicate IP address static-mappingChristian Breunig
2024-02-29Merge pull request #2659 from jestabro/remove-trivial-redundanciesJohn Estabrook
configdep: T5839: remove trivially redundant config dependency calls
2024-02-29Merge pull request #3056 from natali-rs1985/T5504-currentChristian Breunig
T5504: Keepalived VRRP ability to set more than one peer-address
2024-02-29Merge pull request #3060 from c-po/bannerDaniil Baturin
banner: T6077: implement ASCII contest winner default logo
2024-02-29dhcp-server: T6079: Disable duplicate static-mappings on migrationsarthurdev
2024-02-28dhcp-server: T6079: Increment Kea migrator versionssarthurdev
2024-02-28configdep: T5660: remove global redundancies under vyos-configdJohn Estabrook
2024-02-28banner: T6077: implement ASCII contest winner default logoChristian Breunig
Implement VyOS ASCII art contest winners logo as the default for our MOTD
2024-02-28Merge pull request #3055 from sarthurdev/T6073Christian Breunig
vrf: conntrack: T6073: Populate VRF zoning chains only while conntrack is required
2024-02-28T5504 Keepalived VRRP ability to set more than one peer-addressNataliia Solomko
2024-02-27vrf: conntrack: T6073: Populate VRF zoning chains only while conntrack is ↵sarthurdev
required
2024-02-27container: T6074: do not allow deleting images which have a container runningChristian Breunig
The current VyOS container image manipulation "delete container image" command allows force removal of container images - even if they still have a container running. Drop the --force option from the op-mode script. vyos@vyos:~$ delete container image 2636705a815a Error: image used by 6adb0175d47f.. image is in use by a container: consider listing external containers and force-removing image
2024-02-24Merge pull request #3046 from c-po/container-T6060Christian Breunig
container: T6060: support removing all container images at once via op-mode
2024-02-24container: T6060: support removing all container images at once via op-modeChristian Breunig
cpo@LR1.wue3:~$ show container image REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/library/busybox latest 3f57d9401f8d 5 weeks ago 4.5 MB docker.io/jacobalberty/unifi v7.5 f6df690d6c67 4 months ago 827 MB docker.io/jacobalberty/unifi v7.4 7838b75ef7b9 7 months ago 786 MB cpo@LR1.wue3:~$ delete container image Possible completions: 3f57d9401f8d Delete container image 7838b75ef7b9 all f6df690d6c67 cpo@LR1.wue3:~$ delete container image all cpo@LR1.wue3:~$ show container image REPOSITORY TAG IMAGE ID CREATED SIZE
2024-02-24container: T5909: move registry login to op-modeChristian Breunig
It does not make sense to perform the "podman login" command when setting up containers, as images are not automatically pulled in from the registry - due to issues with the default route during startup. The same issue manifests in "podman login" where we can not login to a registry unless there is a default route present. This commit changes the behavior that the container registry is part of the configuration, but it is only referenced during "add container image" and thus never during system boot.
2024-02-19event-handler: T6048: handling exception when _PID is not foundgavol
2024-02-17bridge: T6043: do not call vxlan dependency if interface does not exist (yet)Christian Breunig
In order to keep the proper priority list during system startup and on initial setup/commit for this feature the dependent VXLAN code should not be called, if the interface in question does not exist (yet).
2024-02-17Merge pull request #3019 from c-po/login-T5972Christian Breunig
login: T5972: add possibility to disable individual local user accounts
2024-02-16T3722: Fixed L-Time in 'show vpn ike sa' commandaapostoliuk
Fixed L-Time in 'show vpn ike sa' command
2024-02-16login: T5972: add possibility to disable individual local user accountsChristian Breunig
* set system login user <name> disable
2024-02-16Merge pull request #3016 from c-po/nhtChristian Breunig
T6001: add option to disable next-hop-tracking resolve-via-default
2024-02-16T6001: add option to disable next-hop-tracking resolve-via-defaultChristian Breunig
* set system ip nht no-resolve-via-default * set system ipv6 nht no-resolve-via-default
2024-02-15Merge pull request #3012 from sarthurdev/T5993Christian Breunig
dhcpv6-server: T5993: Extend interface migrator to check VLAN/QinQ
2024-02-15Merge pull request #3004 from aapostoliuk/T6029-circinusDaniil Baturin
T6029: Rewritten Accel-PPP services to an identical feature set
2024-02-15T6029: Rewritten Accel-PPP services to an identical feature setaapostoliuk
Removed dhcp-interface option (l2tp) Added wins-server (sstp) Added description (ipoe, pppoe, sstp, pptp) Added exteded-script (l2tp, sstp, pptp) Added shaper (ipoe, pptp, sstp, l2tp) Added limits (ipoe, pptp, sstp, l2tp) Added snmp ( ipoe, pptp,sstp, l2tp) Refactoring and reformated code.
2024-02-14eigrp: T2472: improve code for later testsChristian Breunig
2024-02-14dhcpv6-server: T5993: Extend interface migrator to check VLAN/QinQsarthurdev
Updates smoketest config to test migrator change
2024-02-13Merge pull request #2998 from sarthurdev/T5992Christian Breunig
dhcpv6-server: T5992: Fix op-mode DHCP lease output + updates
2024-02-13Merge pull request #2988 from c-po/pki-rpki-t6034Christian Breunig
rpki: T6034: move file based SSH keys for authentication to PKI subsystem
2024-02-13Merge pull request #2997 from sarthurdev/T5993Christian Breunig
dhcpv6-server: T5993: Add subnet `interface` node, link subnet to locally connected interfaces
2024-02-13dhcp: dhcpv6: T3316: Add op-mode for showing DHCP(v6) static-mappingssarthurdev
2024-02-13dhcpv6-server: T3316: Display delegated prefix length in lease outputsarthurdev
2024-02-13dhcpv6-server: T5992: Fix op-mode Kea DHCP lease outputsarthurdev
Due to Kea's lease file cleanup, the CSV file content is inconsistent. This commit makes changes to use the Kea control socket to fetch current lease information.
2024-02-13dhcpv6-server: T5993: Add subnet `interface` node, link subnet to locally ↵sarthurdev
connected interfaces Prior dhcpd behaviour implicitly handled requests for locally connected subnets. Kea requires an explicit link between subnets and an interface.
2024-02-12Merge pull request #2993 from sarthurdev/T5981Christian Breunig
ipsec: T5981: Strip '@' from migrated peer PKI name
2024-02-12init: T2044: fix "binary operator expected" when two or more RPKI caches are ↵Christian Breunig
defined Fix commit 9b8e11e07 ("init: T2044: only start rpki if cache is configured") which showed a disturbing error on tty0 after boot that a "binary operator expected" when checking for RPKI caches when multiple results got returned.
2024-02-12rpki: T6024: add migration scripts from file based keys to PKI subsystemChristian Breunig