Age | Commit message (Collapse) | Author |
|
T6121: Extend service config-sync to new sections
|
|
T6090: policy: fix migration script
|
|
occurs also if only <policy route> is defined.
|
|
Extend `service config-sync` with new sections:
- LeafNodes: pki, policy, vpn, vrf (syncs the whole sections)
- Nodes: interfaces, protocols, service (syncs subsections)
In this cae the Node allows to uses the next level section
i.e subsection
For example any of the subsection of the node `interfaces`:
- set service config-sync section interfaces pseudo-ethernet
- set service config-sync section interfaces virtual-ethernet
Example of the config:
```
set service config-sync mode 'load'
set service config-sync secondary address '192.0.2.1'
set service config-sync secondary key 'xxx'
set service config-sync section firewall
set service config-sync section interfaces pseudo-ethernet
set service config-sync section interfaces virtual-ethernet
set service config-sync section nat
set service config-sync section nat66
set service config-sync section protocols static
set service config-sync section pki
set service config-sync section vrf
```
|
|
xml: T2518: T160: improve NAT66/NPTv6 and NAT64 help string s
|
|
|
|
|
|
xml: T3642: improve PKI CLI help string
|
|
|
|
radvd: T6118: add nat64prefix support RFC8781
|
|
grub: T4548: Fixed GRUB configuration files order
|
|
To iterate files on ext* file systems GRUB reads their inodes one by one,
ignoring names. This breaks our configuration logic that relies on proper
loading order.
This commit adds a helper `sort_inodes()` that needs to be used whenever GRUB
configuration files are created. It recreates files, changing their inodes in a
way where inodes order matches alphabetical order.
|
|
Add support for pref64 option, as defined in RFC8781. The prefix valid lifetime
must not be smaller than the "interface interval max" definition which defaults
to 600.
set service router-advert interface eth1 nat64prefix 64:ff9b::/96
|
|
conntrack: T5080: Fix rule order for applied conntrack modules
|
|
T6114: fix broken migration dhcpv6-server 4-to-5
|
|
|
|
|
|
xml: T6098: relax description constraint to allow non-ascii characters
|
|
A restriction to ascii in the constraint disallowed earlier support for
unicode bytes.
|
|
dhcp-client: T6093: extend regex for client class-id's with DOT
|
|
The regex used is not working if the string contains dots.
Originally authored by: Lucas <pinheirolucas@pm.me>
|
|
xml: T5738: revert invalid change from lower character limit - 0 length must be allowed
|
|
be allowed
This reverts a change from commit a72ededa0 ("xml: T5738: lower maximum
description to 255 characters") which incresaed the lower limit from 0 to 1.
We actually require 0 length value for description nodes as introduced in
commit 6eea12512e ("xml: T1579: allow zero length for description").
|
|
firewall: T6071: truncate rule description field to 255 characters
|
|
|
|
e.g. Linux Kernel only supports 255 and not 256 characters for the ifalias field.
|
|
dhcp: T6102: Fix clear DHCP lease op-mode
|
|
|
|
http-api: T6107: add an option to increase the request body size limit
|
|
|
|
vrrp: T6020: vrrp health-check script not applied correctly
|
|
snmp: T2998: SNMP v3 oid "exclude" option fix
|
|
config: T4919: Add support for encrypted config with TPM
|
|
Re-implements https://github.com/vyos/vyatta-cfg-system/pull/194
|
|
Re-implements https://github.com/vyos/vyatta-cfg/pull/54
|
|
|
|
|
|
* Add `clear dhcpv6-server lease`
* Standardize using vyos.opmode
|
|
remote: T6104: fix logic of failure case in MissingHostKeyPolicy
|
|
|
|
conntrack-sync: T6057: Add ability to disable syslog for conntrackd
|
|
|
|
T6075: firewall and NAT: check if interface-group exists when using them in firewall|nat rules.
|
|
wifi: T6095: incorrect country "uk" it's actually "gb"
|
|
T6096: Config commits are not synced properly because 00vyos-sync is deleted by vyos-router
|
|
T6061: fix rule parsing when connection-status is used
|
|
http-api: T6069: fix allocation outside of thread lock
|
|
T2447: add configurable kernel boot option 'disable-power-saving'
|
|
Lower available CPU C states to a minimum if this option set. This will set
Kernel commandline options "intel_idle.max_cstate=0 processor.max_cstate=1".
|
|
xml: T5738: use generic-disable-node building block for "disable" CLI nodes
|