Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-08-19 | ethernet: T4538: fix wrong systemd unit used for EAPoL | Christian Poessinger | |
When MACsec was bound to an ethernet interface and the underlaying source-interface got changed (even description only) this terminated the MACsec session running on top of it. The root cause is when EAPoL was implemented in commit d59354e52a8a7f we re-used the same systemd unit which is responsible for MACsec. That indeed lead to the fact that wpa_supplicant was always stopped when anything happened on the underlaying source-interface that was not related to EAPoL. | |||
2022-08-19 | UPnP: T4611: Rule must be as prefix instead of an address | Viacheslav Hletenko | |
From the doc miniupnpd IP/mask format must be nnn.nnn.nnn.nnn/nn Comment out invalid option "anchor" | |||
2022-08-18 | firewall: T4622: Add TCP MSS option | Viacheslav Hletenko | |
Ability to drop|accept packets based on TCP MSS size set firewall name <tag> rule <tag> tcp mss '501-1460' | |||
2022-08-17 | nat: T538: Add static NAT one-to-one | Viacheslav Hletenko | |
Ability to set static NAT (one-to-one) in one rule set nat static rule 10 destination address '203.0.113.0/24' set nat static rule 10 inbound-interface 'eth0' set nat static rule 10 translation address '192.0.2.0/24' It will be enough for PREROUTING and POSTROUTING rules Use a separate table 'vyos_static_nat' as SRC/DST rules and STATIC rules can have the same rule number | |||
2022-08-16 | Merge pull request #1475 from sever-sever/T4613 | Christian Poessinger | |
upnp: T4613: Verify listen key in dictionary | |||
2022-08-16 | Merge pull request #1474 from DaniilHarun/current | Christian Poessinger | |
T4619: Replacing instead of adding a static arp entry | |||
2022-08-16 | UPnP: T4620: Fix Jinja2 template rules | Viacheslav Hletenko | |
2022-08-16 | upnp: T4613: Verify listen key in dictionary | Viacheslav Hletenko | |
There is no check if 'listen' is exist in the dictionary, fix it Fix odd ValueHelp format | |||
2022-08-16 | T4619: Replacing instead of adding a static arp entry | DaniilHarun | |
2022-08-16 | Merge pull request #1462 from sever-sever/T4596 | Christian Poessinger | |
ocserv: T4596: Rewrite show openconnect sessions op-mode | |||
2022-08-16 | Debian: T4584: remove version number from hostap package requirement | Christian Poessinger | |
2022-08-16 | Merge pull request #1471 from mkorobeinikov/current | Christian Poessinger | |
dhcp-relay: T4601: restart dhcp relay-agent | |||
2022-08-16 | dhcp-relay: T4601: restart dhcp relay-agent | mkorobeinikov | |
The command "restart dhcp relay-agent" doesn't restart "isc-dhcp-relay" service. | |||
2022-08-15 | ocserv: openconnect: T4614: add support for split-dns | Christian Poessinger | |
set vpn openconnect network-settings split-dns <domain> | |||
2022-08-15 | smoketest: ocserv: implement config file validation | Christian Poessinger | |
2022-08-15 | ocserv: T4333: migrate to new vyos_defined Jinja2 test | Christian Poessinger | |
2022-08-15 | Merge pull request #1468 from sever-sever/T4609 | Christian Poessinger | |
container: T4609: Fix restart container | |||
2022-08-15 | container: T4609: Fix restart container | Viacheslav Hletenko | |
Add 2 dashes for arg "name" | |||
2022-08-15 | Merge pull request #1465 from sever-sever/T4595 | Christian Poessinger | |
dmvpn: T4595: Fix dpd profile options | |||
2022-08-11 | Merge pull request #1464 from sever-sever/T4603 | Christian Poessinger | |
l2tp: T4603: Add RADIUS nas-ip-address option | |||
2022-08-10 | dmvpn: T4595: Fix dpd profile options | Viacheslav Hletenko | |
Fix template for configuration DMVPN IKE profile dead-peer-detection delay and dead-peer-detecion timeout options | |||
2022-08-10 | l2tp: T4603: Add RADIUS nas-ip-address option | Viacheslav Hletenko | |
Add l2tp authentication radius nas-ip-address option which will be sent in NAS-IP-Address Radius attribute | |||
2022-08-08 | Merge pull request #1461 from nicolas-fort/nat66-exclude | Christian Poessinger | |
nat66: T4598: Add exclude options in nat66 | |||
2022-08-08 | nat66: T4598: add file nat-exclue.xml.i, which is invoked by nat66.xml.in ↵ | Nicolas Fort | |
and nat-rule.xml.i | |||
2022-08-06 | ocserv: T4596: Rewrite show openconnect sessions op-mode | Viacheslav Hletenko | |
Rewrite "show openconnect-server sessions" to vyos.opmode format Ability to get raw and formatted output Ability to get data via API | |||
2022-08-05 | Merge pull request #1460 from sever-sever/T4597 | Christian Poessinger | |
ocserv: T4597: Check bind port before openconnect commit | |||
2022-08-05 | nat66: T4598: Add exclude options in nat66 | Nicolas Fort | |
2022-08-05 | ocserv: T4597: Check bind port before openconnect commit | Viacheslav Hletenko | |
Check if openconnect listen port is available and not used by another service | |||
2022-08-05 | Merge pull request #1459 from dmbaturin/genop-exn | Viacheslav Hletenko | |
T2719: add an exception hierarchy for op mode errors | |||
2022-08-05 | bgp: T4257: bugfixes after renaming "local-as" to "system-as" | Christian Poessinger | |
2022-08-04 | Merge https://github.com/Cheeze-It/vyos-1x into current | Christian Poessinger | |
* https://github.com/Cheeze-It/vyos-1x: bgp: T4257: Changing BGP "local-as" to "system-as" | |||
2022-08-04 | macsec: T4537: macsec_csindex can be set even without encryption | Christian Poessinger | |
2022-08-04 | smoketest: macsec: T4537: validate macsec_csindex for both AES-GCM-128 and ↵ | Christian Poessinger | |
AES-GCM-256 | |||
2022-08-04 | T2719: add an exception hierarchy for op mode errors | Daniil Baturin | |
2022-08-04 | Merge pull request #1457 from sever-sever/T4586 | Christian Poessinger | |
nat66: T4586: Add SNAT destination prefix and DNAT address | |||
2022-08-04 | ipsec: T4594: Rewrite op-mode show vpn ipsec sa | Viacheslav Hletenko | |
Rewrite op-mode "show vpn ipsec sa" to new format Use vyos.opmode format Ability to get raw and formatted output | |||
2022-08-04 | graphql: T4544: Add ipsec.py to op-mode-standardized.json | Viacheslav Hletenko | |
Add overwritten script 'ipsec.py' to 'op-mode-standardized.json' | |||
2022-08-04 | utils: T4594: Add convert_data util | Viacheslav Hletenko | |
Convert multiple types of data to types usable in CLI For example 'vici' returns values in bytestring/bytes and we can decode them all at once | |||
2022-08-04 | macsec: T4592: can not create two interfaces using the same source-interface | Christian Poessinger | |
2022-08-04 | vyos.config.configdict: T4592: only print interface name, not interface dict ↵ | Christian Poessinger | |
on error | |||
2022-08-04 | smoketest: macsec: T4537: verify macsec_csindex | Christian Poessinger | |
2022-08-03 | Merge pull request #1369 from nicolas-fort/T4480 | Daniil Baturin | |
T4480: webproxy: Add safe-ports and ssl-safe-ports for acl squid config | |||
2022-08-03 | nat66: T4586: Add SNAT destination prefix and DNAT address | Viacheslav Hletenko | |
Ability to configure SNAT destination prefix and DNAT source address Add option "!" - not address/prefix for NAT66 | |||
2022-08-03 | validators: T4586: Add IPv6 exclude validators for address/prefix | Viacheslav Hletenko | |
Add IPV6 exclude validators: - ipv6-address-exclude - ipv6-prefix-exclude Will use in nat66 source/destination | |||
2022-08-02 | Merge pull request #1456 from sever-sever/T4585 | Christian Poessinger | |
containers: T4585: Add option restart to containers.py | |||
2022-08-02 | containers: T4585: Add option restart to containers.py | Viacheslav Hletenko | |
Add option restart to `containers.py` | |||
2022-08-02 | Merge pull request #1455 from sever-sever/T4544 | Christian Poessinger | |
graphql: T4544: Add overwritten scripts op-mode-standardized.json | |||
2022-08-02 | graphql: T4544: Add overwritten scripts op-mode-standardized.json | Viacheslav Hletenko | |
Add overwritten scripts to 'op-mode-standardized.json' | |||
2022-08-02 | Merge pull request #1454 from sever-sever/T4585 | Christian Poessinger | |
container: T4585: Rewrite show container | |||
2022-08-02 | container: T4585: Rewrite show container | Viacheslav Hletenko | |
Rewrite op-mode: - show container - show container network - show container image to the new vyos.opmode format |