summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2019-09-20ethernet: T1637: initial rewrite in XML/Python styleChristian Poessinger
2019-09-20Python/ifconfig: T1557: rename EthernetIf -> VLANIfChristian Poessinger
An Ethernet Interface will provide additional functionality (link speed/duplex) which is not available for a Bond Interface, but both share the same VLAN capabilities.
2019-09-20Merge pull request #133 from vindenesen/openvpn-minimum-tls-versionDaniil Baturin
[OpenVPN] T1675: Added setting for minimum tls version
2019-09-20OpenVPN - changed tls-minimum-version to tls-version-minvindenesen
2019-09-19T1638: generated hosts file fix for proper FQDN resolutionkroy
2019-09-19Merge pull request #131 from vindenesen/T1670hagbard-01
[OpenVPN] T1670: Added setting for tls-auth. Added check for if tls_cert and tls_key w…
2019-09-19bonding: T1614: allow adding disabled interfaces to bondChristian Poessinger
An interface can only be added in disabled state to a bond (ensured via ifconfig.py). Also interfaces can be disabled during runtime in a bond which is supported by the Linux Kernel - so why should be add a restriction here? makes no sense.
2019-09-19[wireguard] - T1672: Wireguard keys not automatically movedhagbard
- due to the named keys feature keys reside in named directories - adding a check if the variable VYOS_TAGNODE_VALUE has content
2019-09-19OpenVPN - Added setting for minimum tls versionvindenesen
2019-09-19Added setting for tls-auth. Added check for if tls_cert and tls_key was defined.vindenesen
2019-09-19[boot-config-loader] T1622: (bugfix) set gid and write permissionsJohn Estabrook
Set gid and permissions so that vyatta-cfg group has access to the active config; fix typo in arg len check; reorganize; add log output.
2019-09-16[IPoE] - T1664: Ipoe with bond per vlan don't workhagbard
2019-09-15Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: bonding: T1614: do not overwrite interface description with interface name [openvpn] T1661 Adding additional check for tls_dh if it not need for ovpn client [openvpn] T1662 Defined default remote port if it not set in cli [openvpn] T1661 Fixing returned value on check function bonding: T1614: use proper (previously missing) miimon property Python/ifconfig: T1557: bonding: add miimon property Python/ifconfig: T1557: bonding: fix class name in comments bonding: T1660: bugfix for triggered OS permission denied exception Revert "[bonding] T1660 Adding additional check. Some bonding mode don't support arp_interval" [bonding] T1660 Adding additional check. Some bonding mode don't support arp_interval [l2tp] T834 Implementation advanced ppp-options/lcp. openvpn: T1548: fix missing sys import [l2tp] T834 fix cli reset commands for l2tp and pptp. Adding l2tp%d tunnel naming.
2019-09-15bonding: T1614: do not overwrite interface description with interface nameChristian Poessinger
2019-09-14[openvpn] T1661 Adding additional check for tls_dh if it not need for ovpn ↵DmitriyEshenko
client
2019-09-14[openvpn] T1662 Defined default remote port if it not set in cliDmitriyEshenko
2019-09-14[openvpn] T1661 Fixing returned value on check functionDmitriyEshenko
2019-09-13bonding: T1614: use proper (previously missing) miimon propertyChristian Poessinger
2019-09-13bonding: T1660: bugfix for triggered OS permission denied exceptionChristian Poessinger
Some bond modes do not support arp monitor interval and thus internally eset it to 0 which means disabled. If you then write to the sysfs file in question an OS exception (permission denied) is triggered. arp_mon_intvl is initialized as 0 which means disabled so we only write it when it is really requested by the user. There is a validator ensuring that it can only be set in the bond modes which support it.
2019-09-13Revert "[bonding] T1660 Adding additional check. Some bonding mode don't ↵hagbard
support arp_interval" This reverts commit fb1689e20ab9967a4c1e24279f5d4d736b256e83.
2019-09-13[bonding] T1660 Adding additional check. Some bonding mode don't support ↵Eshenko Dmitriy
arp_interval
2019-09-12Merge pull request #127 from DmitriyEshenko/l2tp-op_modehagbard-01
[l2tp] T834 Implementation advanced ppp-options/lcp.
2019-09-12[l2tp] T834 Implementation advanced ppp-options/lcp.DmitriyEshenko
2019-09-12openvpn: T1548: fix missing sys importChristian Poessinger
2019-09-12[l2tp] T834 fix cli reset commands for l2tp and pptp. Adding l2tp%d tunnel ↵DmitriyEshenko
naming.
2019-09-11Merge branch 'current' into equuleusDaniil Baturin
2019-09-11T1598: annotate the vyos-hostsd unit file.Daniil Baturin
2019-09-10[syslog] - T1597: 'del system system' stops now rsysloghagbard
2019-09-10[wireguard]: T1650 - cli option to delete default wg keyhagbard
2019-09-10[wireguard]: T1572 - Wireguard keyPair per interfacehagbard
- param key location added in op-mode script - param delkey and listkey implemented in op-mode script - param delkey implemented in op-mode script - generate and store named keys - interface implementation tu use cli option 'private-key'
2019-09-09[wireguard] - T1639: wireguard pubkey change errorhagbard
- removed sudo as is already runs as root - set privte key as variable in preparation to support multiple pk's
2019-09-07bonding: T1614: bugfix in validate - enslave failedChristian Poessinger
Forgot to exclude our current bond interface in the search for duplicate interface enslavement.
2019-09-07bridge: bonding: minor comment cleanupChristian Poessinger
2019-09-06[wireguard] - T1639: wireguard pubkey change errorhagbard
- sudo added to wg call - debug print removed when pubkey changes
2019-09-06openvpn: T1548: always restart OpenVPNChristian Poessinger
Previous implementations sent a SIGUSR1 to OpenVPN to initialte a restart after the configuration changed - as this was the same as the client keepalive mechanism did. Unfortunately on SIGUSR1 OpenVPN does not re-read the configuration file. Thus changed options were never taken into account.
2019-09-06openvpn: T1548: cleanup import statementsChristian Poessinger
2019-09-06openvpn: T1630: support adding routes as unpriviledged userChristian Poessinger
2019-09-06vxlan: T1636: initial rewrite with XML and PythonChristian Poessinger
Tested using: Site 1 (VyOS 1.2.2) ------------------- set interfaces vxlan vxlan100 address '10.10.10.2/24' set interfaces vxlan vxlan100 remote '172.18.201.10' set interfaces vxlan vxlan100 vni '100' Site 2 (rewrite) ---------------- set interfaces vxlan vxlan100 address '10.10.10.1/24' set interfaces vxlan vxlan100 description 'VyOS VXLAN' set interfaces vxlan vxlan100 remote '172.18.202.10' set interfaces vxlan vxlan100 vni '100'
2019-09-06dummy: loopback: T1580: T1601: synchronize commentsChristian Poessinger
2019-09-06bonding: T1614: members are not allowed to be underlaying vxlan devicesChristian Poessinger
2019-09-06bonding: T1614: reword verify() error messagesChristian Poessinger
2019-09-06bonding: T1614: enslaved interfaces can be added to only one bond at a timeChristian Poessinger
2019-09-06Python/ifconfig: T1557: {add,del}_addr() now supports dhcp/dhcpv6Christian Poessinger
Instead of manually starting DHCP/DHCPv6 for every interface and have an identical if/elif/else statement checking for dhcp/dhcpv6 rather move this repeating stement into add_addr()/del_addr(). Single source is always preferred.
2019-09-04[wireguard] - T1628: renaming member functions, removing wg_ prefixhagbard
2019-09-04Python/configdict: add function vlan_to_dictChristian Poessinger
A generic function which can parse the VLAN (vif, vif-s, cif-c) nodes in a config session. A dictionary describing the VLAN is returned. A good example will be the interface-bonding.py script used to generate bond interfaces in the system. It is used as follows: if conf.exists('vif'): for vif in conf.list_nodes('vif'): # set config level to vif interface conf.set_level(cfg_base + ' vif ' + vif) bond['vif'].append(vlan_to_dict(conf))
2019-09-04Python/configdict: add list_diff function to compare two listsChristian Poessinger
A list containing only unique elements not part of the other list is returned. This is usefull to check e.g. which IP addresses need to be removed from the OS.
2019-09-04[wireguard] - T1628: Adopt WireGuard configuration script to new ↵hagbard
vyos.ifconfig class
2019-09-04openvpn: T1617: T1632: support quotes in openvpn-optionChristian Poessinger
The following CLI command can be used to add a raw option to OpenVPN which requires quotes: > set interfaces openvpn vtun10 openvpn-option 'push "keepalive 1 10"' The resulting config file will then have the following set: > push "keepalive 1 10"
2019-09-04[service https] T1443: rename "server-names" option to "server-name".Daniil Baturin
2019-09-04[service https] T1443: correct the listen-address option in the script.Daniil Baturin
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-21 16:19:52 +0000