Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-06-08 | arp: T4397: bugfix on address iteration - ARP is IPv4 only | Christian Poessinger | |
2022-06-08 | Merge pull request #1340 from sever-sever/T3083 | Christian Poessinger | |
event-handler: T3083: Add simple event-handler | |||
2022-06-08 | event-handler: Change tagNode event-handler to node | Viacheslav Hletenko | |
Before: set service event-handler Foo After: set service event-handler event Foo | |||
2022-06-07 | event-handler: T3083: Extended event-handler features | zsdc | |
* Added the ability to filter by a syslog identifier * Added the ability to pass arguments to a script * Added the ability to pass preconfigured environment variables to a script * A message that triggered a script is now passed in the `message` variable and can be used in a script * Replaced `call()` to `run()`, since stdout are not need to be printed | |||
2022-06-07 | firewall: T970: domain-group should not starts with numeric | Viacheslav Hletenko | |
Edit regex to check firewall-group | |||
2022-06-07 | event-handler: T3083: Add arguments and environment options XML | Viacheslav Hletenko | |
2022-06-07 | event-handler: T3083: Move system to service event-handler | Viacheslav Hletenko | |
Move 'system event-handler' to 'service event-handler' | |||
2022-06-07 | event-handler: T3083: Optimized event-handler | Viacheslav Hletenko | |
2022-06-06 | event-handler: T3083: Optimized event-handler | zsdc | |
* Removed dynamic generating for systemd unit * Optimized configuration file deleting process * Added exceptions handlers to event-handler script to protect service from most obvious potential troubles * Improved logging * Moved pattern compilation outside a messages loop to avoid extra operations * Added signal handlers for proper systemd integration | |||
2022-06-06 | event-handler: T3083: Add simple event-handler | Viacheslav Hletenko | |
Event-handler allows executing a custom script when in logs it detects configured "pattern" A simple implemenation set system event-handler first pattern '.*ssh2.*' set system event-handler first script '/config/scripts/hello.sh' | |||
2022-06-06 | Merge pull request #1347 from dmbaturin/T4446 | Viacheslav Hletenko | |
T4446: use a unified neighbor display script | |||
2022-06-06 | T4446: use format strings instead of old-fasionhed format method | Daniil Baturin | |
2022-06-05 | Merge pull request #1350 from nicolas-fort/T4387-WLB-smoketest | Christian Poessinger | |
T4387: add more firewall checks for WLB smoketests. | |||
2022-06-05 | T4387: add more firewall checks for WLB smoketests. | Nicolas Fort | |
2022-06-05 | Merge pull request #1346 from sever-sever/T4387-curr | Viacheslav Hletenko | |
smoketest: T4387: Add test for load-balancing wan | |||
2022-06-05 | Merge pull request #2 from sarthurdev/T970 | Viacheslav Hletenko | |
firewall: T970: Maintain a domain state to fallback if resolution fails | |||
2022-06-05 | firewall: T970: Maintain a domain state to fallback if resolution fails | sarthurdev | |
2022-06-04 | Merge pull request #1348 from nicolas-fort/T3976-T4449-nexthop | Christian Poessinger | |
Policy: T3976-T4449-nexthop: add - match ipv6 nexthop type - | |||
2022-06-04 | Policy: T3976-T4449-nexthop: add - match ipv6 nexthop type - as available ↵ | Nicolas Fort | |
for ipv4 | |||
2022-06-02 | T4446: use a unified neighbor display script | Daniil Baturin | |
2022-06-02 | smoketest: T4387: Add test for load-balancing wan | Viacheslav Hletenko | |
Create 2 network namespaces which allow us to emulate 2 ISP with different static addresses Check routing table 201 for the first ISP and table 202 for the second ISP. Each table must contain default route (cherry picked from commit 6b75cbb0575ca95806e969f5d7f219c0cbeea334) | |||
2022-06-02 | Merge pull request #1345 from sever-sever/T4222 | Christian Poessinger | |
sla: T4222: Add OWAMP and TWAMP for service sla | |||
2022-06-02 | sla: T4222: Add OWAMP and TWAMP for service sla | Viacheslav Hletenko | |
OWAMP is a command line client application and a policy daemon used to determine one way latencies between hosts. OWAMP session control uses traditional client-server communication between a control-client and a server, TWAMP (two-way active measurement protocol) Add configuration and operation modes set service sla owamp-server set service sla twamp-server run force owping 192.0.2.120 run force twping 192.0.2.190 | |||
2022-05-31 | Merge pull request #1344 from sarthurdev/pki_update | Christian Poessinger | |
pki: T3642: Update conf scripts using changed PKI objects | |||
2022-05-31 | pki: T3642: Update conf scripts using changed PKI objects | sarthurdev | |
2022-05-31 | smoketest: policy: T3976: add migratable config snippet | Christian Poessinger | |
2022-05-31 | policy: T3976: fix SyntaxError: invalid non-printable character | Christian Poessinger | |
2022-05-31 | policy: T3976: bump version 2 -> 3 | Christian Poessinger | |
2022-05-31 | IPv6: T3976: add prefix-list and access-list option from ipv6 route-map | fett0 | |
2022-05-31 | Merge pull request #1343 from sarthurdev/pki_import | Christian Poessinger | |
pki: T3642: Add ability to import files into PKi configuration | |||
2022-05-31 | pki: T3642: Enable `generate pki openvpn ...` to install into config | sarthurdev | |
2022-05-30 | pki: T3642: Add ability to import files into PKi configuration | sarthurdev | |
2022-05-30 | eigrp: T2773: bugfix Makefile - temporary code removal | Christian Poessinger | |
2022-05-30 | Merge pull request #1342 from nicolas-fort/T4450 | Christian Poessinger | |
Policy: T4450: Expand options for ip|ipv6 address match. | |||
2022-05-29 | Policy: T4450: Expand options for ip|ipv6 address match. Now support ↵ | Nicolas Fort | |
prefix-len on both matches. Also change help properties of route-source node. | |||
2022-05-29 | xml: reword static routing completion help | Christian Poessinger | |
2022-05-29 | eigrp: T2472: add missing <multi/> specifier when redistributing protocols | Christian Poessinger | |
2022-05-29 | vyos.frr: T2472: add wigrpd support | Christian Poessinger | |
2022-05-29 | eigrp: T2472: add "local-as" CLI node to specify ASN like under BGP | Christian Poessinger | |
2022-05-29 | eigrp: T2472: add basic template rendering and FRR communication | Christian Poessinger | |
2022-05-29 | rip: T4448: remove default version for RIP | Christian Poessinger | |
Commit f9e38622 ("rip: T4448: add support to set protocol version on an interface level") also added the versionspecified on a per interface level. the RIp version carried a default value of 2 which makes RIPv1 and RIPv2 no longer working which is dthe default for FRR. Remove the default "2" from the RIP version specifier to make this behavior work again. | |||
2022-05-29 | Merge branch 'eigrp' into current | Christian Poessinger | |
* eigrp: eigrp: T2472: disable protocol by default eigrp: T2472: add initial python helper eigrp: vrf: T2773: prepare XML definitions for VRF instance eigrp: T2473: add XML definitions | |||
2022-05-29 | eigrp: T2472: disable protocol by default | Christian Poessinger | |
2022-05-29 | eigrp: T2472: add initial python helper | Christian Poessinger | |
2022-05-29 | eigrp: vrf: T2773: prepare XML definitions for VRF instance | Christian Poessinger | |
2022-05-29 | eigrp: T2473: add XML definitions | sever-sever | |
2022-05-29 | Merge branch 'T4449' of https://github.com/nicolas-fort/vyos-1x into current | Christian Poessinger | |
* 'T4449' of https://github.com/nicolas-fort/vyos-1x: Policy: T4449: Extend matching options for route-map ip nexthop | |||
2022-05-28 | rip: T4448: add support to set protocol version on an interface level | Christian Poessinger | |
2022-05-28 | xml: rip: T4448: rename include files to match schema | Christian Poessinger | |
2022-05-28 | firewall: T970: Add firewall group domain-group | Viacheslav Hletenko | |
Domain group allows to filter addresses by domain main Resolved addresses as elements are stored to named "nft set" that used in the nftables rules Also added a dynamic "resolver" systemd daemon vyos-domain-group-resolve.service which starts python script for the domain-group addresses resolving by timeout 300 sec set firewall group domain-group DOMAINS address 'example.com' set firewall group domain-group DOMAINS address 'example.org' set firewall name FOO rule 10 action 'drop' set firewall name FOO rule 10 source group domain-group 'DOMAINS' set interfaces ethernet eth0 firewall local name 'FOO' nft list table ip filter table ip filter { set DOMAINS { type ipv4_addr flags interval elements = { 192.0.2.1, 192.0.2.85, 203.0.113.55, 203.0.113.58 } } chain NAME_FOO { ip saddr @DOMAINS counter packets 0 bytes 0 drop comment "FOO-10" counter packets 0 bytes 0 return comment "FOO default-action accept" } } |