Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-10-25 | graphql: T4574: set byte length of shared secret from CLI | John Estabrook | |
2022-10-25 | graphql: T4574: extend smoketest for token authentication | John Estabrook | |
2022-10-25 | graphql: T4574: set token expiration time in claims | John Estabrook | |
2022-10-25 | graphql: T4574: add context to read token in queries/mutations | John Estabrook | |
2022-10-25 | graphql: T4574: read config and generate schema with/without key auth | John Estabrook | |
2022-10-25 | graphql: T4574: add mutation for requesting JWT token | John Estabrook | |
2022-10-25 | graphql: T4574: add interface definitions for authentication settings | John Estabrook | |
2022-10-25 | graphql: T4574: reorganize directory structure for clarity | John Estabrook | |
2022-10-25 | graphql: T4574: call all schema definition generation on init | John Estabrook | |
2022-10-24 | Merge pull request #1614 from jestabro/op-mode-route-output | John Estabrook | |
route: T4772: return list of dicts in 'raw' output | |||
2022-10-24 | route: T4772: return list of dicts in 'raw' output | John Estabrook | |
2022-10-23 | T4762: Add check for show nat if nat config does not exist | Viacheslav Hletenko | |
Add check for 'show nat xxx' if nat configuration does not exist | |||
2022-10-21 | Merge pull request #1611 from dmbaturin/field-normalization-2 | John Estabrook | |
T4765: support list and primitives in op mode output normalization | |||
2022-10-21 | T4765: support list and primitives in op mode output normalization | create with ansible | |
2022-10-21 | Merge pull request #1610 from jestabro/migrate-graphql | John Estabrook | |
graphql: T4768: change name of api child node from 'gql' to 'graphql' | |||
2022-10-21 | graphql: T4768: change name of api child node from 'gql' to 'graphql' | John Estabrook | |
2022-10-20 | Merge pull request #1608 from jestabro/T4765 | Daniil Baturin | |
T4765: normalize fields only if 'raw' is true; output must be dict | |||
2022-10-20 | T4765: normalize fields only if 'raw' is true; output must be dict | John Estabrook | |
2022-10-20 | Merge pull request #1607 from dmbaturin/op-mode-field-normalization | John Estabrook | |
T4765: normalize dict fields in op mode ouputs | |||
2022-10-20 | Merge pull request #1601 from sever-sever/T4720 | Christian Poessinger | |
ssh: T4720: Ability to configure SSH-server HostKeyAlgorithms | |||
2022-10-20 | T4765: normalize dict fields in op mode ouputs | Daniil Baturin | |
2022-10-20 | T4763: Use nat.py for show nat destination statistics | Viacheslav Hletenko | |
Use nat.py instead of old op-mode script | |||
2022-10-17 | login: 2fa: T874: fix PAM string during ISO build | Christian Poessinger | |
Turns out a local installation of a package using "dpkg -i" differs when assembling an ISO using live-build. The previous version worked when using "dpkg -i" but it failed hard (no login possible) during ISO build. This has been fixed by using double quotes. | |||
2022-10-17 | T4720: Add smoketest for SSH NDcPP | Viacheslav Hletenko | |
2022-10-17 | ssh: T4720: Ability to configure SSH-server HostKeyAlgorithms | Viacheslav Hletenko | |
Ability to configure SSH-server HostKeyAlgorithms. Specifies the host key signature algorithms that the server offers. Can accept multiple values. | |||
2022-10-17 | Merge pull request #1600 from jestabro/gql-composite | John Estabrook | |
graphql: T4753: generalize system_status to composite_{query,mutation} | |||
2022-10-17 | xdp: T4284: libbpf-dev/libbpf0 is only available for VyOS on amd64 | Christian Poessinger | |
2022-10-16 | graphql: T4753: generalize system_status to composite_{query,mutation} | John Estabrook | |
2022-10-16 | xdp: T4284: migrate to Debian libbpf | Christian Poessinger | |
In order to properly retrieve JSON information in the Smoketests for the new QoS implementation we need a recent (>6.0) version of iproute2. This requires the libbpf-dev package and this small source-code change. | |||
2022-10-16 | login: 2fa: T874: fix PAM string generation on multiple package installations | Christian Poessinger | |
Commit da535ef5 ("login: 2fa: T874: fix Google authenticator issues") used different strings for grep and sed resulting in the same line beeing added on every installation of the package. This is only disturbing during development not during ISO build. | |||
2022-10-14 | Merge pull request #1588 from dmbaturin/pr-title-check | John Estabrook | |
T4748: add a CI action to check pull request title format | |||
2022-10-14 | Merge pull request #1597 from jestabro/http-api-config-dict | John Estabrook | |
http-api: T4749: transition to config_dict for conf_mode http-api.py | |||
2022-10-14 | Merge pull request #1598 from sever-sever/T4533 | Christian Poessinger | |
T4533: Allow basic permissions to unprivileged RADIUS users | |||
2022-10-14 | login: 2fa: T874: remove unused code path for global 1fa settings | Christian Poessinger | |
2022-10-14 | login: 2fa: T874: fix Google authenticator issues | Christian Poessinger | |
Move default values of TOTP configuration from a global to a per user setting. This makes the entire code easier as no global configuration must be blended into the per user config dict. Also it should be possible to set the authentication window "multiple concurrent keys" individual per user. set system login user vyos authentication otp key 'gzkmajid7na2oltajs4kbuq7lq' set system login user vyos authentication plaintext-password 'vyos' | |||
2022-10-14 | T4533: Allow basic permissions to unprivileged RADIUS users | Viacheslav Hletenko | |
Unprivileged RADIUS users cannot do simple diagnostics like ping or traceroute. Allow them such tools. Ability to execute op-mode commands for them. It is not new 'operator mode' feature but it allows RADIUS users execute op-mode commands | |||
2022-10-14 | http-api: T4749: transition to config_dict | John Estabrook | |
2022-10-14 | Merge pull request #1595 from Cheeze-It/current | Christian Poessinger | |
isis, ospf: T4739: ISIS and OSPF segment routing being refactored | |||
2022-10-14 | Merge pull request #1596 from sever-sever/T4725 | Christian Poessinger | |
T4725: Fix Regex for correctly reset IPsec peers | |||
2022-10-14 | T4725: Fix Regex for correctly reset IPsec peers | Viacheslav Hletenko | |
As IPsec site-so-site was rewritten we do not need replace ':' => '-' as ':' can not be in the connection name So connection name can not use IP(v6) address as peer name And current peers/connections not required prefix 'peer_' Fix template that search correctly connection name of the peers that allow to reset them again (reset ipsec peer was broken) | |||
2022-10-13 | T4739: OSPF segment routing being refactored | Cheeze_It | |
2022-10-13 | T4739: ISIS segment routing being refactored | Cheeze_It | |
2022-10-13 | ci: T4748: add a CI action to check pull request title | Daniil Baturin | |
and commit messages format | |||
2022-10-13 | Merge pull request #1592 from sever-sever/T4746 | Christian Poessinger | |
monitoring: T4746: Add exception if we do not have firewall rules | |||
2022-10-13 | monitoring: T4746: Add exception if we do not have firewall rules | Viacheslav Hletenko | |
Telegraf checks the firewall table 'vyos_filter' but it we don't have any firewall in the system we don't have this table by default It cause commit error for "service monitoring" Add exception if the table "vyos_filter" is not found | |||
2022-10-13 | Merge pull request #1591 from sever-sever/T4312 | Christian Poessinger | |
monitoring: T4312: Ability to set IP address in the URL | |||
2022-10-13 | monitoring: T4312: Ability to set IP address in the URL | Viacheslav Hletenko | |
Use common "url.xml" which allow URL as domain name or IP entrie | |||
2022-10-12 | Merge pull request #1585 from goodNETnick/ssh_login_bugfix | John Estabrook | |
system login: T874: add 2FA support for local and ssh authentication.… | |||
2022-10-12 | Merge pull request #1586 from sever-sever/T4744 | Christian Poessinger | |
bgp: T4744: Directly connected neighbors and ebgp-multihop check | |||
2022-10-12 | bgp: T4744: Directly connected neighbors and ebgp-multihop check | Viacheslav Hletenko | |
BGP directly connected neighbors (interface neighbors) do not compatible with ebgp-multihop option |