summaryrefslogtreecommitdiff
path: root/data/templates
AgeCommit message (Collapse)Author
2020-11-04mpls-conf: T915: Add TTL security for static LDP neighborsCheeze_It
The commit has to do with the addition of TTL security for LDP neighbors. The code was 90% done by Viascheslav. I modified it a little bit to get it to properly work. We added more parameters to the neighbors dynamic loop. Once this is merged then we should be able to add more for the dynamic neighbor statements. The way that this works is to have either TTL disabled, or to add the amount of hops accepted for the neighbor.
2020-11-03Merge branch 'wifi-wpa3' of github.com:c-po/vyos-1x into currentChristian Poessinger
* 'wifi-wpa3' of github.com:c-po/vyos-1x: wireless: T3042: move wifi-regulatory-domain into individual interface definition wireless: T2653: reset wireless priority to crux state wireless: T3034: add WPA3 support wireless: T3043: rename "wpa mode both" to "wpa+wpa2" ifconfig: T2985: fix wireless-bridge creation
2020-11-03wireless: T3042: move wifi-regulatory-domain into individual interface ↵Christian Poessinger
definition
2020-11-03Merge pull request #585 from Cheeze-It/currentChristian Poessinger
mpls-conf: T915: Separate IPv4 and IPv6 hello timers, add IPv6 timers
2020-11-03wireless: T3034: add WPA3 supportChristian Poessinger
2020-11-03wireless: T3043: rename "wpa mode both" to "wpa+wpa2"Christian Poessinger
2020-11-03ifconfig: T2985: fix wireless-bridge creationChristian Poessinger
2020-11-03bgp: T2850: Fixing the priority of template processing and missing paramssever-sever
2020-11-02Merge pull request #589 from sever-sever/T2387Christian Poessinger
bgp-xml: T2387: Fix validators and add capability for new format bgp
2020-11-02bgp-xml: T2387: Fix validators and add capability for new format bgpsever-sever
2020-11-01openvpn: T2994: re-add ifconfig-pool statement in server configChristian Poessinger
Re-organize the template code and add addtitional Jinja2 filters for processing the ifconfig-pool statement. This reverts the changes from commit 7e546be9 ("openvpn: T2994: temporary revert to 1.2 crux behavior for client pools").
2020-11-01openvpn: T2994: remove workarounds for individual ipv4 and ipv6 keysChristian Poessinger
Remove workaround which split (local|remote)_address and also subnet keys into individual keys for the assigned IP address family (4/6). During template rendering check IP version by introducing new ipv4 and ipv6 Jinja2 filters {% if foo | ipv4 %} or {% if bar | ipv6 %} options.
2020-10-31openvpn: T2994: temporary revert to 1.2 crux behavior for client poolsChristian Poessinger
2020-10-31openvpn: T2994: bugfix evaluating replace-default-route in templateChristian Poessinger
2020-10-30openvpn: T2994: migrate to get_config_dict()Christian Poessinger
2020-10-29Merge pull request #587 from sever-sever/T2850Christian Poessinger
bgp: T2850: Fix FRR template for new bgp scheme
2020-10-29bgp: T2850: Fix FRR template for new bgp schemesever-sever
2020-10-29T3029 Correct generated nginx contentCédric Jeanneret
The redirection was using the wrong variable ($server_name), making the browser going to https://_ instead of the right variable.
2020-10-27mpls-conf: T915: Separate IPv4 and IPv6 hello timers, add IPv6 timersCheeze_It
The commit has to do with separating the hello/hold timers from being only IPv4 to being both IPv4 and IPv6. I renamed the existing hello and hold timers with an "-ipv4" and added ones that were "-ipv6". I did verify that the commands properly commit under FRR as well. I also added some room on the protocols_mpls.py file for the different variables as it seems we're might end up having longer names. Removed some spaces that I found too that weren't needed on ldpd.frr.tmpl as well.
2020-10-27bgp: T2387: Fix XML sheme for new bgp and bgp.py handlersever-sever
2020-10-17Merge pull request #573 from sever-sever/T2938Christian Poessinger
conf-mode: T2938: Add format octet-counted for syslog
2020-10-17syslog: T2938: Add format octet-counted for syslog conf-modesever-sever
2020-10-17Merge pull request #575 from DmitriyEshenko/ipoe-fix-issue01Christian Poessinger
ipoe-server: T2978: Add required proxy-arp by default
2020-10-16ipoe-server: T2978: Add required proxy-arp by defaultDmitriyEshenko
2020-10-15conf-mode: T915: Add mpls ldp explicit and holdtime commandssever-sever
2020-10-11tftp-server: T2974: migrate to get_config_dict()Christian Poessinger
2020-10-06pdns_recursor: T2964: Expose query-local-address to dns config.Lucas Christian
In certain split DNS configurations, there is a need for more fine-grained control over the local address DNS forwarding uses to issue queries. The current pdns_recursor configuration allows the recursor to send queries from any available address on the interface the OS selects for the query, with no option to limit queries to a particular address or set of addresses. This commit exposes the `query-local-address` option in `recursor.conf` to users via the `service` `dns` `forwarding` `source-address` config node. If the parameter is unspecified, the default value of 0.0.0.0 (any IPv4 address) and :: (any IPv6 address) are used to match current behavior. Users who want more control can specify one or more IPv4 and IPv6 addresses to issue queries from. Per pdns_recursor docs, the recursor will load balance queries between any available addresses in the pools. Since IPv4 and IPv6 are different pools, note that specifying only one type of address will disable issuing queries for the other address family.
2020-10-05Merge pull request #562 from lucasec/dhcpv6-statelessChristian Poessinger
dhcpv6: T2961: support stateless dhcpv6 clients
2020-10-05nat: T2951: use proper comments for source/destination loggingChristian Poessinger
For both source and destination NAT always the LOG name contained DST - which is definately false. This has been corrected to use SRC and DST on the appropriate rules.
2020-10-04dhcpv6: T2961: support stateless dhcpv6 clientsLucas Christian
This commit adds support for configuring the DHCPv6 server to serve "stateless" DHCPv6 clients (those that send an information-request message and do not request an address). The change introduces a `common-options` node at the `shared-network-name` level, which allows specifying options applicable to clients regardless of subnet assigned (or in the case of stateless clients, when no subnet is assigned). Parameters specified at the subnet level take precedence over those set at the shared-network level. Presently, only parameters that are meaningful to stateless clients have been exposed under `common-options`, as there is no precedent of exposing parameters at multiple levels under the current DHCPv4 or DHCPv6 configuration syntax. If desired, additional parameters could certainly be added with relative ease.
2020-10-04sstp: T2960: migrate to get_config_dict() and reusable templatesChristian Poessinger
2020-10-04pppoe-server: T2953: prepare common chap-secrets fileChristian Poessinger
2020-10-04pppoe-server: T2953: rename CLI local-ip to gateway-addressChristian Poessinger
Required to get a common CLI for all services provided by Accel-PPP. Once the CLI for each service is consitent - Jinja2 templates can be reused together with get_config_dict().
2020-10-03smoketest: sstp: add basic testsChristian Poessinger
2020-10-03pppoe-server: T2956: make use of defaultValue list featureChristian Poessinger
2020-10-02Merge pull request #559 from sever-sever/T2944Christian Poessinger
ntp: T2944: By default do not listen port 123 on any address
2020-10-01pppoe-server: T2936: move to get_config_dict()Christian Poessinger
For easier configuration read in (CLI) validation and also template rendering it makes sense to drop the old, single implementation and move to the new, generic get_config_dict() approach. Recurring configuration parts like ip-pool, ipv6-pool and nameservers have also been split our into individual templates which will be included through Jinja2 - leading to a single-source of the template sections, too.
2020-10-01ntp: T2944: By default do not listen port 123 on any addresssever-sever
2020-09-29vrrp: T2933: Add option virtual-address-excludedsever-sever
2020-09-28pppoe-server: T2919: Add possibility change Called-Station-Id formatDmitriyEshenko
2020-09-26accel-ppp: T2918: Add accounting interim jitter optionsever-sever
2020-09-26accel-ppp: T2917: Add Preallocate NAS-port-idsever-sever
2020-09-25dns: forwarding: T2921: migrate to get_config_dict()Christian Poessinger
2020-09-24wireless: T2241: add "wds" CLI optionChristian Poessinger
2020-09-24dns: forwarding: T2921: template cleanupChristian Poessinger
2020-09-22openvpn: T2906: tls-auth missing key directionMarcus Hoff
2020-09-22openvpn: T2907: add 'none' encryption option to not encrypt any dataMarcus Hoff
2020-09-21wireless: T2887: help when searching hidden SSIDs in station modeChristian Poessinger
2020-09-21wireless: T2887: hostapd: add bridge optionChristian Poessinger
2020-09-21smoketest: macsec: T2023: test MTU settingChristian Poessinger