Age | Commit message (Collapse) | Author | |
---|---|---|---|
2023-09-08 | T5518: Add basic MLD support | Yuxiang Zhu | |
Currently VyOS has `protocol igmp` option to enable IGMP querier and reports through FRR's pimd. I would like to add support for IPv6 as well since FRR's IPv6 multicast functionality has significantly improved. Enabling both MLD and IGMP on a VyOS router will allow us to turn on multicast snooping on layer-3 switches in dual-stack networks. Example commands: ``` // Enable on interface eth0 set protocols pim6 interface eth0 // Explicitly join multicast group ff18::1234 on interface eth1 set protocols pim6 interface eth1 mld join ff18::1234 // Explicitly join source-specific multicast group ff38::5678 with source address 2001:db8::1 on interface eth1 set protocols pim6 interface eth1 mld join ff38::5678 source 2001:db8::1 ``` | |||
2023-08-31 | Merge pull request #2189 from sever-sever/T5531 | Christian Breunig | |
T5531: Containers add label option | |||
2023-08-31 | Merge pull request #2190 from sarthurdev/T4782 | Christian Breunig | |
eapol: T4782: Support multiple CA chains | |||
2023-08-31 | T5531: Containers add label option | Viacheslav Hletenko | |
Ability to set labels for container set container name c1 allow-host-networks set container name c1 image 'busybox' set container name c1 label mypods value 'My label for containers' | |||
2023-08-31 | eapol: T4782: Support multiple CA chains | sarthurdev | |
2023-08-30 | Merge pull request #2186 from nicolas-fort/T5496 | Christian Breunig | |
T5496: firewall: fix op-mode command show firewall | |||
2023-08-29 | T5496: firewall op-mode: add fix for source and destination when not ↵ | Nicolas Fort | |
specified (correct ::/0 for ipv6). Also, add columns for inbound and outbound interfaces | |||
2023-08-29 | T5496: firewall op-mode: add fix for firewall statics. Include groups ↵ | Nicolas Fort | |
correct reference in source/destination column | |||
2023-08-29 | Debian: T5521: remove unused tacacs UNIX group | Christian Breunig | |
2023-08-29 | T5496: firewall op-mode: fix show command for group member and references | Nicolas Fort | |
2023-08-29 | Debian: T5521: use bash over dash for postinstall script | Christian Breunig | |
2023-08-28 | Debian: T5521: use --no-create-home for TACACS users | Christian Breunig | |
2023-08-28 | Debian: T5521: place AAA users in users group (besides aaa group) | Christian Breunig | |
2023-08-28 | Debian: T5521: both RADIUS and TACACS users belong to aaa group, add group first | Christian Breunig | |
2023-08-28 | Merge pull request #2180 from vfreex/fix-call-hangs | Christian Breunig | |
T5519: Fix `vyos.utils.process.call` hangs | |||
2023-08-28 | T5519: Fix `vyos.utils.process.call` hangs | Yuxiang Zhu | |
See https://vyos.dev/T5519 for more information. | |||
2023-08-27 | Merge pull request #2176 from sarthurdev/T5080 | Christian Breunig | |
firewall: T5080: Disable conntrack unless required by rules | |||
2023-08-27 | Merge pull request #2178 from sarthurdev/labels | Christian Breunig | |
github: Labeler needs to run on `pull_request_target` | |||
2023-08-27 | github: Labeler needs to run on `pull_request_target` | sarthurdev | |
Ref: https://github.com/actions/labeler#permissions | |||
2023-08-27 | Merge pull request #2175 from sarthurdev/labels | Christian Breunig | |
github: Set permissions for label workflow | |||
2023-08-27 | github: Set permissions for label workflow | sarthurdev | |
2023-08-27 | Merge pull request #2174 from sarthurdev/T5018_fix | Christian Breunig | |
qos: T5018: Fix dependents only being set for QoS interfaces | |||
2023-08-27 | qos: T5018: Fix dependents only being set for QoS interfaces | sarthurdev | |
2023-08-26 | firewall: T5080: Disable conntrack unless required by rules | sarthurdev | |
2023-08-26 | Merge pull request #2163 from sarthurdev/firewall_rpfilter | Christian Breunig | |
firewall: T3509: Add support for IPv6 reverse path filtering | |||
2023-08-25 | Merge pull request #2172 from nicolas-fort/T5502 | Christian Breunig | |
T5502: firewall: add validator for interface matcher | |||
2023-08-25 | T5502: firewall: add validator for interface matcher, and allow only ↵ | Nicolas Fort | |
interface-name or interface-group | |||
2023-08-25 | Merge pull request #2169 from sarthurdev/current | Christian Breunig | |
github: Add PR labels to easily identify base branches | |||
2023-08-25 | Merge pull request #2171 from sarthurdev/T5463_fix | Christian Breunig | |
container: T5463: Fixes indentation to publish all port nodes | |||
2023-08-25 | firewall: T5160: Remove unused zone template | sarthurdev | |
2023-08-25 | interface: T3509: Add per-interface IPv6 source validation | sarthurdev | |
2023-08-25 | firewall: T3509: Add support for IPv6 return path filtering | sarthurdev | |
2023-08-25 | container: T5463: Fix iteration to publish all port nodes | sarthurdev | |
2023-08-25 | github: Add PR labels to easily identify base branches | sarthurdev | |
2023-08-24 | Merge pull request #2164 from jestabro/save-config | John Estabrook | |
save-config: T4292: rewrite vyatta-save-config.pl to Python | |||
2023-08-24 | Merge pull request #2165 from sever-sever/T5506 | Christian Breunig | |
T5506: Add link-local IPv6 address for container interfaces | |||
2023-08-24 | T5506: Add link-local IPv6 address for container interfaces | Viacheslav Hletenko | |
Fix for add IPv6 link-local address for container interfaces set container network NET01 prefix '10.0.0.0/24' set container network NET01 prefix '2001:db8:2222::/64' % ip -6 addr show scope link dev pod-NET01 17: pod-NET01: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 inet6 fe80::d89c:dfff:fe1a:8689/64 scope link | |||
2023-08-24 | smoketest: T5447: wpa_supplicant is only run if required | Christian Breunig | |
2023-08-24 | system: T5505: fix zebra route-map is not removed from FRR | Christian Breunig | |
Configuring "set system ip protocol ospf|bgp route-map foo" and commit it installs the route-map into FRR. Removing the CLI configuration "delete system ip protocol" does not remove the route-map from FRR - it stays active. This commit adds the fix and appropriate smoketests extenstion. | |||
2023-08-23 | save-config: T4292: rewrite vyatta-save-config.pl to Python | John Estabrook | |
2023-08-23 | Merge pull request #2139 from dmbaturin/T5449-mss-probing | Christian Breunig | |
system-ip: T5449: add TCP MSS probing options | |||
2023-08-23 | Merge pull request #2159 from c-po/t5491-wifi | Christian Breunig | |
wifi: T5491: allow white-/blacklisting station MAC addresses for security | |||
2023-08-23 | Merge pull request #2160 from sever-sever/T5448 | Christian Breunig | |
T5448: Add configuration host-name for zabbix-agent | |||
2023-08-23 | Merge pull request #2162 from nicolas-fort/T5472 | Christian Breunig | |
T5472: nat redirect: allow redirection without defining redirected port | |||
2023-08-23 | Merge pull request #2161 from sever-sever/T5463 | Christian Breunig | |
T5463: Container allow publish listen-addresses | |||
2023-08-23 | bgp: T3759: add l3vpn "import vrf default" completion helper | Christian Breunig | |
2023-08-23 | vrf: T5428: stop DHCP processes on VRf removal | Christian Breunig | |
This is a workaround for the priority inversion from T5492 ("CLI node priority is not inversed on node deletion"). As this is a corner case bug that's only triggered if an interface is removed from a VRF and also the VRF is removed in one commit, priorities are not honored. Thus we implement this workaround which stop the DHCP(v6) client processes on the VRF associated interfaces to get out the DHCP RELEASE message before interfaces are shut down. | |||
2023-08-23 | vrf: T5428: move helpers to common vyos.utils.network module | Christian Breunig | |
Helper functions can and will be re-use din different code places. | |||
2023-08-23 | Merge pull request #2142 from nicolas-fort/T5450 | Christian Breunig | |
T5450: allow inverted matcher for interface and interface-group | |||
2023-08-23 | T5472: nat redirect: allow redirection without defining redirected port | Nicolas Fort | |