Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-09-13 | firewall: T2199: Move initial firewall tables to data | sarthurdev | |
2022-09-13 | firewall: T2199: Refactor firewall + zone-policy, move interfaces under ↵ | sarthurdev | |
firewall node * Refactor firewall and zone-policy rule creation and cleanup * Migrate interface firewall values to `firewall interfaces <name> <direction> name/ipv6-name <name>` * Remove `firewall-interface.py` conf script | |||
2022-09-08 | Merge pull request #1525 from nicolas-fort/T1024 | Christian Poessinger | |
T1024: Firewall and Policy route: add option to match dscp value | |||
2022-09-07 | T1024: Firewall and Policy route: add option to match dscp value, both on ↵ | Nicolas Fort | |
firewall and in policy route | |||
2022-09-07 | Merge pull request #1522 from nicolas-fort/T4670 | zdc | |
T4670: policy route: extend matching criteria for policy route and route6 | |||
2022-09-07 | GitHub: assign discrete reviewers - GitHub team did not work properly | Christian Poessinger | |
2022-09-07 | Merge pull request #1523 from bmhughes/fix-radius-disable | Christian Poessinger | |
radius: T4672: Fix RADIUS server disable template logic | |||
2022-09-06 | graphql: T4674: print included op-mode error message, if it exists | John Estabrook | |
2022-09-06 | Merge pull request #1524 from jestabro/bridge-op-mode | John Estabrook | |
bridge: T4673: raise UnconfiguredSubsystem on non-existent bridge intf | |||
2022-09-06 | bridge: T4673: raise UnconfiguredSubsystem on non-existent bridge intf | John Estabrook | |
2022-09-06 | radius: T4672: Fix RADIUS server disable template logic | Benjamin M. Hughes | |
2022-09-06 | T4670: policy route: extend matching criteria for policy route and route6. ↵ | Nicolas Fort | |
Matching criteria added: ttl/hoplimit and packet-length | |||
2022-09-04 | GitHub: change all reviewers to the @vyos/maintainers team | Christian Poessinger | |
2022-09-03 | Merge branch 'firewall' into current | Christian Poessinger | |
* firewall: firewall: T4651: re-implement packet-length CLI option to use <multi/> firewall: T3568: improve default-action help string firewall: T3568: add XML include block for eq,gt,lt options smoketest: firewall: add re-usable variables when running testcases Firewall: T4651: Change proposed cli from ip-length to packet-length Firewall: T4651: Add options to match packet size on firewall rules. | |||
2022-09-03 | firewall: T4651: re-implement packet-length CLI option to use <multi/> | Christian Poessinger | |
2022-09-03 | firewall: T3568: improve default-action help string | Christian Poessinger | |
2022-09-03 | firewall: T3568: add XML include block for eq,gt,lt options | Christian Poessinger | |
2022-09-03 | smoketest: firewall: add re-usable variables when running testcases | Christian Poessinger | |
2022-09-03 | Merge pull request #1517 from initramfs/current-fix-bond-members | Christian Poessinger | |
bonding: T4668: Fix bond members not adding/interface state incorrect | |||
2022-09-02 | bonding: T4668: fix live bonding member add or remove | initramfs | |
Fixes several bugs around bonding member interface states not matching the committed configuration, including: - Disabled removed interfaces coming back up - Newly added disabled interfaces not staying down - Newly added interfaces not showing up in the bond | |||
2022-09-02 | bonding: T4668: refactor configuration mode interface bonding script | initramfs | |
Refactor interfaces-bonding.py to simplify existing code and to remove potentially bugprone sections in preparation for member add/remove fixes for T4668. | |||
2022-09-02 | Merge branch 'T4651' of https://github.com/nicolas-fort/vyos-1x into firewall | Christian Poessinger | |
* 'T4651' of https://github.com/nicolas-fort/vyos-1x: Firewall: T4651: Change proposed cli from ip-length to packet-length Firewall: T4651: Add options to match packet size on firewall rules. | |||
2022-09-01 | Firewall: T4651: Change proposed cli from ip-length to packet-length | Nicolas Fort | |
2022-09-01 | Merge pull request #1466 from sever-sever/T538 | Christian Poessinger | |
nat: T538: Add static NAT one-to-one | |||
2022-09-01 | Merge pull request #1512 from sever-sever/T4655 | Christian Poessinger | |
policy-route: T4655: Remove default_action from template | |||
2022-09-01 | Merge pull request #1513 from roedie/T4665 | Christian Poessinger | |
T4665: Keepalived: Allow same VRID on interface | |||
2022-09-01 | Merge pull request #1514 from sever-sever/T4663 | Daniil Baturin | |
macvlan: T4663: Fix update mode for pethX interface | |||
2022-09-01 | macvlan: T4663: Fix update mode for pethX interface | Viacheslav Hletenko | |
Fix the issue when configured pseudo-ethernet interface cannot change self mode | |||
2022-09-01 | policy-route: T4655: Remove default_action from template | Viacheslav Hletenko | |
Remove `default_action` from template "nftables-policy" as XML policy route does not use it Set default action 'accept' for policy route, as default action 'drop' must be used only for firewall and not related to the policy route | |||
2022-09-01 | T4665: Keepalived: Allow same VRID on interface | Sander Klein | |
Using the same VRID on an interface is allowed as long as the address family is different (VRRPv2 vs VRRPv3) | |||
2022-08-31 | nat: T538: Move nat configs to /run directory | Viacheslav Hletenko | |
2022-08-30 | firewall: T4655: implement XML defaultValue for name and ipv6-name | Christian Poessinger | |
This extends the implementation of commit 0cc7e0a49094 ("firewall: T4655: Fix default action 'drop' for the firewall") in a way that we can now also use the XML <defaultValue> node under "firewall name" and "firewall ipv6-name". This is a much cleaner approach which also adds the default value automatically to the CLIs completion helper ("?"). | |||
2022-08-30 | dns: op-mode: T2488: drop invalid "monitor dns forwarding" command | Christian Poessinger | |
The CLI command was a duplicate of the "show dns forwarding" command and did not follow or re-trigger the commadn to watch it. It produced 1:1 the same output as "show dns forwarding". | |||
2022-08-30 | firewall: T3568: cleanup XML help node - remove information passed via valueHelp | Christian Poessinger | |
2022-08-30 | firewall: T3568: rename XML building blocks to match CLI node name | Christian Poessinger | |
2022-08-30 | Merge pull request #1509 from zdc/T4657-sagitta | Daniil Baturin | |
opmode: T4657: fixed opmode with return type hints | |||
2022-08-30 | Merge pull request #1506 from sever-sever/T4655 | Christian Poessinger | |
firewall: T4655: Fix default action 'drop' for the firewall | |||
2022-08-30 | Merge pull request #1505 from sever-sever/T4367 | Christian Poessinger | |
nat: T4367: Move nat rules from /tmp to /run/nftables_nat.conf | |||
2022-08-30 | Merge pull request #1508 from zdc/T4646-sagitta | Christian Poessinger | |
console: T4646: Fixed USB console issues | |||
2022-08-30 | opmode: T4657: fixed opmode with return type hints | zsdc | |
This commit excludes `return` from `typing.get_type_hints()` output, which allows generate argparse arguments for function properly. | |||
2022-08-30 | console: T4646: Fixed USB console issues | zsdc | |
* fixed the `systemctl restart` command that used a value from config instead converted to `ttyUSBX` * moved systemd units from `/etc/` to `/run/` | |||
2022-08-29 | ethernet: T4653: bugfix copy-paste when processing NIC offloading | Christian Poessinger | |
Commit 31169fa8a763e ("vyos.ifconfig: T3619: only set offloading options if supported by NIC") added the new implementation which handles NIC offloading. Unfortunately every single implementation was copied from "gro" which resulted in a change to gro for each offloading option - thus options like lro, sg, tso had no effect at all. It all comes down to copy/paste errors ... one way or another. | |||
2022-08-29 | firewall: T4655: Fix default action 'drop' for the firewall | Viacheslav Hletenko | |
For some reason after firewall rewriting we are having default action 'accept' for 1.4 and default action 'drop' for 1.3 Fix this issue, set default action 'drop' | |||
2022-08-29 | nat: T4367: Move nat rules from /tmp to /run/nftables_nat.conf | Viacheslav Hletenko | |
Move nftables nat configuration from /tmp to /run As we have for other services like firewall, conntrack Don't remove the config file '/run/nftables_nat.conf' after commit | |||
2022-08-29 | Merge pull request #1503 from sever-sever/T4654 | Christian Poessinger | |
rpki: T4654: Fix RPKI cache description | |||
2022-08-29 | rpki: T4654: Fix RPKI cache description | Viacheslav Hletenko | |
Fix wrong descriptions for the RPKI server It was mentioned about the NTP server | |||
2022-08-29 | smoketest: config: drop almost empty https service test | Christian Poessinger | |
2022-08-28 | smoketest: T4652: upgrade PowerDNS recursor to 4.7 series | Christian Poessinger | |
2022-08-28 | smoketest: T4643: bind sstp service to port 8443 | Christian Poessinger | |
2022-08-27 | Firewall: T4651: Add options to match packet size on firewall rules. | Nicolas Fort | |