Age | Commit message (Collapse) | Author | |
---|---|---|---|
2023-03-08 | Merge pull request #1875 from sever-sever/T5066 | Christian Breunig | |
T5066: Fix GRE tunnel variable name which checks keys | |||
2023-03-08 | T5066: Fix GRE tunnel variable name which checks keys | Viacheslav Hletenko | |
2023-03-07 | frr: T5045: lift LimitNOFILE 1024 -> 4096 | Christian Breunig | |
Lift the amount of allowed open file descriptors for the FRR process tree. Required if there are hundreds to thousands interfaces on a system. | |||
2023-03-07 | Merge pull request #1868 from jestabro/literal | Daniil Baturin | |
op-mode: T5051: use Literal types to provide op-mode CLI choices and API enums | |||
2023-03-07 | Merge pull request #1872 from sever-sever/T5057 | Christian Breunig | |
T5057: Fix IPoE regex Jinja2 for interface | |||
2023-03-07 | Merge pull request #1870 from sever-sever/T5058 | Christian Breunig | |
T5058: Extend template filter range_to_regex to allow list as arg | |||
2023-03-07 | T5057: Fix IPoE regex Jinja2 for interface | Viacheslav Hletenko | |
Fix incorrect regex '\d+' when used vlan ranges For example 'ipoe-server interface eth1 vlan 2000-3000' - replace 'interface=re:eth1\.\d+' => 'interface=re:^eth1\.(200\d|20[1-9]\d|2[1-9]\d{2}|3000)$' | |||
2023-03-06 | T5055: Firewall: add packet-type matcher in firewall and route policy | Nicolas Fort | |
2023-03-06 | T5058: Extend template filter range_to_regex to allow list as arg | Viacheslav Hletenko | |
Extend template filter 'range_to_regex' Allow list of ranges as argument % range_to_regex(['11-12', '14-15']) '(1[1-2]|1[4-5])' | |||
2023-03-06 | Merge pull request #1869 from sever-sever/T5056 | Christian Breunig | |
T5056: Fix IPoE server template for vlan-mon | |||
2023-03-06 | T5056: Fix IPoE server template for vlan-mon | Viacheslav Hletenko | |
After rewriting IPoE server for config.dict the ipoe.config.j2 template wasn't changed for 'vlan-mon' section Fix it | |||
2023-03-06 | qos: T4989: bugfix dialer interface - speed detection | Christian Breunig | |
Not all interfaces have valid entries in the speed file. PPPoE interfaces have the appropriate speed file, but you can not read it: cat: /sys/class/net/pppoe7/speed: Invalid argument | |||
2023-03-05 | op-mode: T5051: use typing.Literal in op-mode scripts | John Estabrook | |
2023-03-05 | op-mode: T5051: interpret Literal types as enums | John Estabrook | |
2023-03-05 | op-mode: T5051: add support for Literal arg types | John Estabrook | |
2023-03-04 | Merge pull request #1862 from jestabro/schema-generate | Christian Breunig | |
graphql: T5040: generate schema on installation, rather than dynamically | |||
2023-03-03 | graphql: T5040: use path from defaults | John Estabrook | |
2023-03-02 | Merge pull request #1865 from jbordongit/T4916-sagitta | Christian Breunig | |
ipsec: T4916: Fixed migrations script | |||
2023-03-03 | ipsec: T4916: Fixed migrations script | jbordongit | |
* removed unused `re` from imports * replaced `return_value()` to `return_values()` for `remote-address` because this is a multi-value configuration node | |||
2023-03-02 | Merge pull request #1864 from jestabro/system-login-error | Christian Breunig | |
login: T5039: catch error on 'my_set' for auth plaintext-password | |||
2023-03-02 | Merge pull request #1863 from sarthurdev/T5039 | Christian Breunig | |
login: T5039: Support hashing rounds in `encrypted-password` values | |||
2023-03-02 | login: T5039: catch error on 'my_set' for auth plaintext-password | John Estabrook | |
2023-03-02 | login: T5039: Support hashing rounds in `encrypted-password` values | sarthurdev | |
Since glibc 2.7, the SHA-256 and SHA-512 implementations support a user-supplied number of hashing rounds, defaulting to 5000. If the "$id$" characters in the salt are followed by "rounds=xxx$", where xxx is an integer, then the result has the form $id$rounds=yyy$salt$encrypted where yyy is the number of hashing rounds actually used. The number of rounds actually used is 1000 if xxx is less than 1000, 999999999 if xxx is greater than 999999999, and is equal to xxx otherwise. | |||
2023-03-01 | qos: T4989: bugfix missing firewall mark support | Christian Breunig | |
2023-03-01 | graphql: T5040: adjust smoketest for nullable key | John Estabrook | |
Since 'key' field is no longer required, a missing key will register an error in the resolver, instead of being rejected as bad request. | |||
2023-03-01 | graphql: T5040: generate schema in vyos-1x.postinst | John Estabrook | |
2023-03-01 | graphql: T5040: fail gracefully if not on live system; needed for import | John Estabrook | |
For type introspection of op-mode scripts, scripts are loaded as modules. For generation of schema from type introspection, it is useful to load scripts during package installation, hence to fail gracefully if not on live system. | |||
2023-03-01 | graphql: T5040: use nullable key field to allow schema static generation | John Estabrook | |
Schema had been dynamically generated, based on configuration setting for authentication. Add nullable field 'key' for static generation of schema regardless of key/token use. | |||
2023-03-01 | Merge pull request #1854 from Yuanandcircle/current | Christian Breunig | |
policy: T5035: Add more actions to policy route rule | |||
2023-02-28 | qos: T4284: add general debug output in update() | Christian Breunig | |
2023-02-28 | T4967: xml: provide re-usable constraint for CLI host-name definitions | Christian Breunig | |
2023-02-28 | Merge pull request #1857 from nicolas-fort/nft_queue | Christian Breunig | |
T5037: Firewall: Add queue action and options to firewall | |||
2023-02-28 | Merge pull request #1860 from sever-sever/T4967 | Christian Breunig | |
T4967: Allow setting container hostname | |||
2023-02-28 | T4967: Allow setting container hostname | Viacheslav Hletenko | |
Ability setting container hostname This host name is used as /etc/hostname set container name <tag> host-name 'mybox' | |||
2023-02-28 | T5037: Firewall: Add queue action and options to firewall | Nicolas Fort | |
2023-02-28 | Merge branch 'vyos:current' into current | Youyuan | |
2023-02-28 | Merge pull request #1800 from vfreex/feature-babel | Christian Breunig | |
T4977: Add Babel routing protocol support | |||
2023-02-28 | Merge pull request #1784 from Zen3515/current-add-container-command-arg | Christian Breunig | |
container: T4014: Add `command`, `arg` and `entrypoint` configuration options for containers | |||
2023-02-28 | Merge pull request #1853 from sever-sever/T5033 | Christian Breunig | |
T5033: Ability to generate muliple keys from a file or link | |||
2023-02-28 | Merge pull request #1858 from jestabro/typo-openvpn | Christian Breunig | |
openvpn: T4770: fix tabulate output in _format_openvpn | |||
2023-02-27 | openvpn: T4770: fix tabulate output in _format_openvpn | John Estabrook | |
2023-02-27 | Merge pull request #1856 from jestabro/list-interfaces | Christian Breunig | |
op-mode: T4952: use list_interfaces from vyos-utils | |||
2023-02-27 | op-mode: T4952: use list_interfaces from vyos-utils | John Estabrook | |
2023-02-27 | Merge pull request #1855 from aapostoliuk/T4955-2-sagitta | Christian Breunig | |
openconnect: T4955: Renamed function and changed error messages | |||
2023-02-27 | openconnect: T4955: Renamed function and changed error messages | aapostoliuk | |
Renamed local function to be identical to 1.3 ver Changed error messages after commit to be identical to 1.3 ver | |||
2023-02-27 | Merge pull request #1644 from aapostoliuk/T4790-sagitta | Viacheslav Hletenko | |
T4790: Added check of the sum of radius timeouts | |||
2023-02-27 | T5033: Ability to generate muliple keys from a file or link | Viacheslav Hletenko | |
We generate only one public key (string) from a file xxx.pub op-mode with 'generate public-key-command user vyos lik_to_key_file' Add ability to generate configuration (from op-mode) for multiple keys As github keys don't use identifiers, generate uuid4 id for them | |||
2023-02-26 | graphql: T4979: add user info to token request | John Estabrook | |
2023-02-26 | T4997: add dhcp client user hooks | bri | |
This commit adds a script to run user-defined hook scripts upon renewing a DHCP lease. This can be used to, for example, dynamically define a firewall address-group based on the dynamic IP address of an interface. For an example of its use (as well as the use case I had in mind while coding this), see https://vyos.dev/T2196#142394 Co-authored-by: br <git@ibeep.com> | |||
2023-02-26 | policy: T5035: Add more actions to policy route rule | Youyuan | |