Age | Commit message (Collapse) | Author | |
---|---|---|---|
2023-03-01 | graphql: T5040: use nullable key field to allow schema static generation | John Estabrook | |
Schema had been dynamically generated, based on configuration setting for authentication. Add nullable field 'key' for static generation of schema regardless of key/token use. | |||
2023-03-01 | Merge pull request #1854 from Yuanandcircle/current | Christian Breunig | |
policy: T5035: Add more actions to policy route rule | |||
2023-02-28 | qos: T4284: add general debug output in update() | Christian Breunig | |
2023-02-28 | T4967: xml: provide re-usable constraint for CLI host-name definitions | Christian Breunig | |
2023-02-28 | Merge pull request #1857 from nicolas-fort/nft_queue | Christian Breunig | |
T5037: Firewall: Add queue action and options to firewall | |||
2023-02-28 | Merge pull request #1860 from sever-sever/T4967 | Christian Breunig | |
T4967: Allow setting container hostname | |||
2023-02-28 | T4967: Allow setting container hostname | Viacheslav Hletenko | |
Ability setting container hostname This host name is used as /etc/hostname set container name <tag> host-name 'mybox' | |||
2023-02-28 | T5037: Firewall: Add queue action and options to firewall | Nicolas Fort | |
2023-02-28 | Merge branch 'vyos:current' into current | Youyuan | |
2023-02-28 | Merge pull request #1800 from vfreex/feature-babel | Christian Breunig | |
T4977: Add Babel routing protocol support | |||
2023-02-28 | Merge pull request #1784 from Zen3515/current-add-container-command-arg | Christian Breunig | |
container: T4014: Add `command`, `arg` and `entrypoint` configuration options for containers | |||
2023-02-28 | Merge pull request #1853 from sever-sever/T5033 | Christian Breunig | |
T5033: Ability to generate muliple keys from a file or link | |||
2023-02-28 | Merge pull request #1858 from jestabro/typo-openvpn | Christian Breunig | |
openvpn: T4770: fix tabulate output in _format_openvpn | |||
2023-02-27 | openvpn: T4770: fix tabulate output in _format_openvpn | John Estabrook | |
2023-02-27 | Merge pull request #1856 from jestabro/list-interfaces | Christian Breunig | |
op-mode: T4952: use list_interfaces from vyos-utils | |||
2023-02-27 | op-mode: T4952: use list_interfaces from vyos-utils | John Estabrook | |
2023-02-27 | Merge pull request #1855 from aapostoliuk/T4955-2-sagitta | Christian Breunig | |
openconnect: T4955: Renamed function and changed error messages | |||
2023-02-27 | openconnect: T4955: Renamed function and changed error messages | aapostoliuk | |
Renamed local function to be identical to 1.3 ver Changed error messages after commit to be identical to 1.3 ver | |||
2023-02-27 | Merge pull request #1644 from aapostoliuk/T4790-sagitta | Viacheslav Hletenko | |
T4790: Added check of the sum of radius timeouts | |||
2023-02-27 | T5033: Ability to generate muliple keys from a file or link | Viacheslav Hletenko | |
We generate only one public key (string) from a file xxx.pub op-mode with 'generate public-key-command user vyos lik_to_key_file' Add ability to generate configuration (from op-mode) for multiple keys As github keys don't use identifiers, generate uuid4 id for them | |||
2023-02-26 | graphql: T4979: add user info to token request | John Estabrook | |
2023-02-26 | T4997: add dhcp client user hooks | bri | |
This commit adds a script to run user-defined hook scripts upon renewing a DHCP lease. This can be used to, for example, dynamically define a firewall address-group based on the dynamic IP address of an interface. For an example of its use (as well as the use case I had in mind while coding this), see https://vyos.dev/T2196#142394 Co-authored-by: br <git@ibeep.com> | |||
2023-02-26 | policy: T5035: Add more actions to policy route rule | Youyuan | |
2023-02-26 | smoketest: tunnel: T5034: adjust to new multicast CLI syntax | Christian Breunig | |
Commit 54c36e43 (tunnel: T5034: migrate "multicast enable" CLI node to enable-multicast) changed the syntax on the CLI. This commits changes the testcase to make use of the new syntax. | |||
2023-02-25 | tunnel: T5034: migrate "multicast enable" CLI node to enable-multicast | Christian Breunig | |
Tunnel interface multicast settings can be "enabled or disabled". As we prefer valueless nodes, and the linux kernel default is "disabled" we should add a set interfaces tunnel tunXX enable-multicast command | |||
2023-02-25 | python: T5026: Replace deprecated Python modules crypt, spwd | sarthurdev | |
DeprecationWarning: 'crypt' is deprecated and slated for removal in Python 3.13 DeprecationWarning: 'spwd' is deprecated and slated for removal in Python 3.13 | |||
2023-02-24 | login: T1948: drop absolut path to /usr/libexec/vyos, re-use vyos.defaults | Christian Breunig | |
2023-02-24 | Merge pull request #1851 from zdc/T4943-sagitta | Christian Breunig | |
login: T4943: Fixed 2FA + RADIUS compatibility | |||
2023-02-24 | login: T4943: Fixed 2FA + RADIUS compatibility | zsdc | |
MFA requires KbdInteractiveAuthentication to ask a second factor, and the RADIUS module for PAM does not like it, which makes them incompatible. This commit: * disables KbdInteractiveAuthentication * changes order for PAM modules - make it first, before `pam_unix` or `pam_radius_auth` * enables the `forward_pass` option for `pam_google_authenticator` to accept both password and MFA in a single input As a result, local, RADIUS, and MFA work together. Important change: MFA should be entered together with a password. Before: ``` vyos login: <USERNAME> Password: <PASSWORD> Verification code: <MFA> ``` Now: ``` vyos login: <USERNAME> Password & verification code: <PASSWORD><MFA> ``` | |||
2023-02-24 | Merge pull request #1848 from sever-sever/T5029 | Christian Breunig | |
T5029: Change nginx default root directory | |||
2023-02-24 | Merge pull request #1850 from jestabro/T5030 | Christian Breunig | |
http-api: T5030: fix missing check on delete keys id tag or key value | |||
2023-02-24 | Merge pull request #1849 from sever-sever/T5029-regex | Christian Breunig | |
T5029: Fix Regex for nginx to find a better match | |||
2023-02-24 | T5029: Change nginx default root directory | Viacheslav Hletenko | |
2023-02-24 | T5029: Fix Regex for nginx to find a better match | Viacheslav Hletenko | |
2023-02-24 | http-api: T5030: fix missing check on delete keys id tag or key value | John Estabrook | |
2023-02-24 | Merge pull request #1847 from aapostoliuk/T4985-2-sagitta | Christian Breunig | |
ipsec: T4985: Changed 'reset vpn ipsec-peer' to use vici library | |||
2023-02-24 | ipsec: T4985: Changed 'reset vpn ipsec-peer' to use vici library | aapostoliuk | |
1. Changed reset IPSEC, IKE SAs to use vici library. 2. Created package vyos.ipsec to communicate with vici library. | |||
2023-02-23 | Merge pull request #1842 from sever-sever/T5027 | Christian Breunig | |
T5027: Enable legacy provider to support current ciphers | |||
2023-02-23 | Merge pull request #1829 from sever-sever/T5013 | Daniil Baturin | |
T5013: Extend accelppp op-mode script to get statistic | |||
2023-02-23 | Merge pull request #1845 from sever-sever/T5017 | Daniil Baturin | |
T5017: Add interface ifbX to constraint interface-name | |||
2023-02-23 | T5017: Add interface ifbX to constraint interface-name | Viacheslav Hletenko | |
2023-02-23 | Update README.md | Yuriy Andamasov | |
2023-02-23 | Update sonar-project.properties | Yuriy Andamasov | |
2023-02-23 | T5027: Enable legacy provider to support current ciphers | Viacheslav Hletenko | |
* We will need to remove insecure ciphers as a long-term solution (BF-CBC, DES...) | |||
2023-02-23 | Update sonar-project.properties | Yuriy Andamasov | |
2023-02-23 | Update sonar-project.properties | Yuriy Andamasov | |
2023-02-23 | Create build.yml | Yuriy Andamasov | |
2023-02-22 | Merge pull request #1841 from sever-sever/T5025 | Christian Breunig | |
T5025: Fix timezones and validator use timedatectl | |||
2023-02-22 | T5025: Fix timezones and validator use timedatectl | Viacheslav Hletenko | |
Fix timezones completion help and validotor Use 'timedatectl' insted of find zoneinfo | |||
2023-02-22 | Merge pull request #1840 from sarthurdev/T5023 | Christian Breunig | |
openconnect: T5023: Conf script missing optional config parameter |