Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-10-14 | Merge pull request #1597 from jestabro/http-api-config-dict | John Estabrook | |
http-api: T4749: transition to config_dict for conf_mode http-api.py | |||
2022-10-14 | Merge pull request #1598 from sever-sever/T4533 | Christian Poessinger | |
T4533: Allow basic permissions to unprivileged RADIUS users | |||
2022-10-14 | login: 2fa: T874: remove unused code path for global 1fa settings | Christian Poessinger | |
2022-10-14 | login: 2fa: T874: fix Google authenticator issues | Christian Poessinger | |
Move default values of TOTP configuration from a global to a per user setting. This makes the entire code easier as no global configuration must be blended into the per user config dict. Also it should be possible to set the authentication window "multiple concurrent keys" individual per user. set system login user vyos authentication otp key 'gzkmajid7na2oltajs4kbuq7lq' set system login user vyos authentication plaintext-password 'vyos' | |||
2022-10-14 | T4533: Allow basic permissions to unprivileged RADIUS users | Viacheslav Hletenko | |
Unprivileged RADIUS users cannot do simple diagnostics like ping or traceroute. Allow them such tools. Ability to execute op-mode commands for them. It is not new 'operator mode' feature but it allows RADIUS users execute op-mode commands | |||
2022-10-14 | http-api: T4749: transition to config_dict | John Estabrook | |
2022-10-14 | Merge pull request #1595 from Cheeze-It/current | Christian Poessinger | |
isis, ospf: T4739: ISIS and OSPF segment routing being refactored | |||
2022-10-14 | Merge pull request #1596 from sever-sever/T4725 | Christian Poessinger | |
T4725: Fix Regex for correctly reset IPsec peers | |||
2022-10-14 | T4725: Fix Regex for correctly reset IPsec peers | Viacheslav Hletenko | |
As IPsec site-so-site was rewritten we do not need replace ':' => '-' as ':' can not be in the connection name So connection name can not use IP(v6) address as peer name And current peers/connections not required prefix 'peer_' Fix template that search correctly connection name of the peers that allow to reset them again (reset ipsec peer was broken) | |||
2022-10-13 | T4739: OSPF segment routing being refactored | Cheeze_It | |
2022-10-13 | T4739: ISIS segment routing being refactored | Cheeze_It | |
2022-10-13 | Merge pull request #1592 from sever-sever/T4746 | Christian Poessinger | |
monitoring: T4746: Add exception if we do not have firewall rules | |||
2022-10-13 | monitoring: T4746: Add exception if we do not have firewall rules | Viacheslav Hletenko | |
Telegraf checks the firewall table 'vyos_filter' but it we don't have any firewall in the system we don't have this table by default It cause commit error for "service monitoring" Add exception if the table "vyos_filter" is not found | |||
2022-10-13 | Merge pull request #1591 from sever-sever/T4312 | Christian Poessinger | |
monitoring: T4312: Ability to set IP address in the URL | |||
2022-10-13 | monitoring: T4312: Ability to set IP address in the URL | Viacheslav Hletenko | |
Use common "url.xml" which allow URL as domain name or IP entrie | |||
2022-10-12 | Merge pull request #1585 from goodNETnick/ssh_login_bugfix | John Estabrook | |
system login: T874: add 2FA support for local and ssh authentication.… | |||
2022-10-12 | Merge pull request #1586 from sever-sever/T4744 | Christian Poessinger | |
bgp: T4744: Directly connected neighbors and ebgp-multihop check | |||
2022-10-12 | bgp: T4744: Directly connected neighbors and ebgp-multihop check | Viacheslav Hletenko | |
BGP directly connected neighbors (interface neighbors) do not compatible with ebgp-multihop option | |||
2022-10-12 | system login: T874: add 2FA support for local and ssh authentication. Bugfix | goodNETnick | |
2022-10-12 | ospf: T4707: fix segment-routing Jinja2 template for explicit-null and ↵ | Christian Poessinger | |
no-php-flag The nested if statement was not properly evaluated during smoketests making them fail. There is no need to nest the if's - as a simple string can be appended by {{ 'foo' if bar is vyos_defined }} | |||
2022-10-12 | Merge pull request #1555 from goodNETnick/ssh_otp | Christian Poessinger | |
system login: T874: add 2FA support for local and ssh authentication | |||
2022-10-11 | system login: T874: add 2FA support for local and ssh authentication | goodNETnick | |
2022-10-11 | Merge pull request #1584 from sever-sever/T4747 | Christian Poessinger | |
monitoring: T4747: Fix template check influxdb config | |||
2022-10-11 | monitoring: T4747: Fix template check influxdb config | Viacheslav Hletenko | |
Due to monitoring telegraf was rewritten - fix template for inputs.exec plugin We do not use 'influxdb_configured' in the dictionary anymore and use just 'influxdb' | |||
2022-10-11 | xml: ospf: isis: T4739: merge include files for MPLS segment-routing | Christian Poessinger | |
2022-10-11 | Merge pull request #1574 from Cheeze-It/current | Christian Poessinger | |
isis: T4739: ISIS segment routing being refactored | |||
2022-10-11 | Merge pull request #1547 from initramfs/current-limiter-actions | Christian Poessinger | |
qos: T4688: add xml template for limiter actions | |||
2022-10-11 | Merge pull request #1580 from aapostoliuk/T4492-sagitta | Christian Poessinger | |
bgp: T4492: Fixed output list in "show bgp vrf VRF neighbors" | |||
2022-10-11 | Merge pull request #1581 from sever-sever/T4740 | Christian Poessinger | |
conntrack: T4740: Set correct error msg if enrties not found | |||
2022-10-11 | isis: T4739: ISIS segment routing being refactored | Cheeze_It | |
This is to refactor ISIS segment routing to match up with OSPF segment routing. | |||
2022-10-11 | conntrack: T4740: Set correct error msg if enrties not found | Viacheslav Hletenko | |
Set correct error message if conntrack entries not found If we get XML raw data with len 0 it means there are no entries in the conntrack table | |||
2022-10-11 | smoketest: ospf: skip segment-routing test as of FRR issue | Christian Poessinger | |
See https://github.com/FRRouting/frr/issues/12007 | |||
2022-10-11 | Merge pull request #1578 from sarthurdev/build_test | Christian Poessinger | |
build: T3664: Add missing divert for /usr/share/pam-configs/radius | |||
2022-10-10 | build: T3664: Add missing divert for /usr/share/pam-configs/radius | sarthurdev | |
2022-10-10 | Merge pull request #1577 from sarthurdev/T4741 | Christian Poessinger | |
firewall: policy: T4741: T4742: Verify zone `from` is defined, autocomplete policy route tables | |||
2022-10-10 | Merge pull request #1563 from sever-sever/T4716 | Christian Poessinger | |
ssh: T4716: Ability to configure RekeyLimit data and time | |||
2022-10-10 | Merge pull request #1576 from sever-sever/T4730 | Christian Poessinger | |
conntrack-sync: T4730: Fix listen-address jinja2 template | |||
2022-10-10 | policy: T4742: Add policy route table auto-complete | sarthurdev | |
2022-10-10 | firewall: T4741: Verify zone `from` is defined before use | sarthurdev | |
2022-10-10 | conntrack-sync: T4730: Fix listen-address jinja2 template | Viacheslav Hletenko | |
Listen address has option 'multi' As resulte we have incorrect template value for listen address - conntrack-sync listen-address '192.0.2.11' in template It looks like "IPv4_address ['192.0.2.11']" in the conntrackd.conf but the correct string expected without brackets Fix it | |||
2022-10-10 | ssh: T4716: Ablity to configure RekeyLimit data and time | Viacheslav Hletenko | |
Ability to configure SSH RekeyLimit data (in Megabytes) and time (in Minutes) set service ssh rekey data 1024 set service ssh rekey time 60 | |||
2022-10-10 | bgp: T4492: Fixed output list in "show bgp vrf VRF neighbors" | aapostoliuk | |
Fixed output list of neighbors in help for "show bgp vrf VRF neighbors" | |||
2022-10-10 | Merge pull request #1575 from sarthurdev/firewall_state_log | Christian Poessinger | |
firewall: T3907: Fix firewall state-policy logging | |||
2022-10-09 | firewall: T3907: Fix firewall state-policy logging | sarthurdev | |
When log-level was introduced node `state-policy x log` was removed without migrator. This commit adds it back and improves log handling. | |||
2022-10-09 | Merge pull request #1573 from jestabro/gql-simplify | John Estabrook | |
T4738: generate schema definitions for configsession functions and use single directive/resolver | |||
2022-10-07 | graphql: T4738: remove templated requests pending rewrite | John Estabrook | |
2022-10-07 | graphql: T4738: generate schema defs for configsession methods | John Estabrook | |
2022-10-07 | graphql: T4736: fix import error to correct JSON output | John Estabrook | |
2022-10-07 | smoketest: ospf: remove old debug code no longer used/required | Christian Poessinger | |
2022-10-07 | ospf: T4707: enable segment-routing on last in FRR configuration | Christian Poessinger | |