summaryrefslogtreecommitdiff
path: root/data/templates
AgeCommit message (Collapse)Author
2021-09-19dhcp-server: T3672: bugfix Jinja2 templateChristian Poessinger
The DHCP servers pool {} option can only be used when there follows a range statement. This is invalid for a network with only "static" leases. (cherry picked from commit 6c2c089c26f1652644c9ded7d5cfd8a0497f148e)
2021-09-19dhcp-server: T3841: add option to perform ICMP check before address assignmentChristian Poessinger
(cherry picked from commit 83ea0cb273e29db22062cc133b6eabd4ba2761c7)
2021-09-19dhcp-server: T3672: re-add missing "name" CLI optionChristian Poessinger
This option is mandatory and must be user configurable as it needs to match on both sides. (cherry picked from commit 2985035bcb2f3732e15a41e3c2ee6c6c93a6836e)
2021-09-19dhcp-server: T3672: only one failover peer is supportedChristian Poessinger
(cherry picked from commit a8ccf72c222caad8cd7aaca9bca773be39e87f5c)
2021-09-19dhcp-server: T3838: rename dns-server to name-server nodeChristian Poessinger
IPv4 DHCP uses "dns-server" to specify one or more name-servers for a given pool. In order to use the same CLI syntax this should be renamed to name-server, which is already the case for DHCPv6. (cherry picked from commit e2f9f4f4e8b2e961a58d935d09798ddb4e1e0460)
2021-09-19dhcp-server: T1968: allow multiple static-routes to be configuredChristian Poessinger
vyos@vyos# show service dhcp-server shared-network-name LAN { subnet 10.0.0.0/24 { default-router 10.0.0.1 dns-server 194.145.150.1 lease 88 range 0 { start 10.0.0.100 stop 10.0.0.200 } static-route 192.168.10.0/24 { next-hop 10.0.0.2 } static-route 192.168.20.0/24 { router 10.0.0.2 } } } (cherry picked from commit a4440bd589db645eb99f343a8163e188a700774c)
2021-09-11T3275: conntrack: Add missing conntrack templatesLulu Cathrinus Grimalkin
2021-09-09openvpn: T3805: drop privileges using systemd - required for rtnetlinkChristian Poessinger
(cherry picked from commit 2647edc30f1e02840cae62fde8b44345d35ac720)
2021-09-06https: T2230: only support TLS1.2 and TLS1.3Christian Poessinger
(cherry picked from commit 7546e249708de3e0b4bf8f89912caf73265edd60)
2021-09-06syslog: T3396: Fix template for remote IPv6 hostViacheslav
2021-09-03openvpn: T690: Add metric for pushed routesViacheslav
2021-09-02sstp-server: T2661: Delete CA certificate redundancy checkDmitriyEshenko
2021-09-01pptp-server: T3790: Change ippool priority and define gw-ip-addressDmitriyEshenko
2021-08-25isis: T3779: backport entire 1.4 (current) featuresetChristian Poessinger
As IS-IS is a new feature and the CLI configuration changed from 1.3 -> 1.4 (required by T3417) it makes sense to synchronize the CLI configuration for both versions. This means backporting the CLI from 1.4 -> 1.3 to not confuse the userbase already with a brand new feature. As 1.3.0-epa1 is on the way and should not contain any CLI changes afterwards, this is the perfect time.
2021-08-22pppoe: T1318: set source interface next to rp-pppoe.so plugin in peer templateChristian Poessinger
(cherry picked from commit 8fc06b5f8bbfcc49e69406fd70cd5cd42fb6d39f)
2021-08-22pppoe: T1318: implement missing access-concentrator CLI optionChristian Poessinger
(cherry picked from commit b121ee14ff1961b56568b0116de3c246ea4af934)
2021-08-13nginx: T3740: use bracketize_ipv6 Jinja2 filter on server addressChristian Poessinger
(cherry picked from commit f3df9e97c6bedd305133e860654fc0213c12fd6b)
2021-08-12nat: T1083: fix Jinja2 templating errorChristian Poessinger
Commit 166d44b3 ("nat: T1083: add translation options for persistent/random mapping of address and port") added support for persistent IP address and port mappings for NAT. Unfortunately one if clause got lost in translation.
2021-08-05nat: T1083: add translation options for persistent/random mapping of address ↵Igor Melnyk
and port Tested using: set destination rule 100 inbound-interface 'eth0' set destination rule 100 translation address '19.13.23.42' set destination rule 100 translation options address-mapping 'random' set destination rule 100 translation options port-mapping 'none' set source rule 1000 outbound-interface 'eth0' set source rule 1000 translation address '122.233.231.12' set source rule 1000 translation options address-mapping 'persistent' set source rule 1000 translation options port-mapping 'fully-random'
2021-08-03isis: T1316: rename Jinja2 template to match other FRR daemonsChristian Poessinger
(cherry picked from commit d77a2f56ea7e76158c07f5829397be4555473e3d)
2021-07-31router-advert: T2745: use template common coding style in for loopsChristian Poessinger
(cherry picked from commit f89a0cfc7d0d908cbe1715b760b07926ffa3f7b9)
2021-07-19isis: T3576: add IPv6 supportChristian Poessinger
(cherry picked from commit f26ef2a25690826eed4200b219d7f61e8dbf9201)
2021-07-02conntrack: T3660: make peer port configurableChristian Poessinger
(cherry picked from commit bc01277bdfdf49be8950fe2cbf3749d42da2850d)
2021-07-02conntrack-sync: T3535: Rewrite conf and op modes to XML python styleViacheslav
2021-06-30dhcpdv6: T3658: add support for dhcpdv6 fixed-prefix6Brandon Stepler
(cherry picked from commit 2318c874c4ec43076c2664e473f7273928d9f2a6)
2021-06-29pppoe-server: T3593: Change called-sid position in templateEshenko Dmitriy
(cherry picked from commit 4b646c1fb31a1a9f9c9d1658734d478fed5f19f1)
2021-06-29pppoe-server: T3405: Add interface cache featureDmitriyEshenko
(cherry picked from commit 065c6b620cb52a3235c7b6e210d34dc8cb943b95)
2021-06-25openvpn: T1512: T3641: drop deprecated "compat-names" optionChristian Poessinger
(cherry picked from commit c8ef5e8bdce01bbf05297df39e6c6223d0b2a2ea)
2021-06-25openvpn: T3641: remove deprecated iproute optionChristian Poessinger
Executing iproute2 commands as unprivileged member of the openvpn group is now handled via a sudoers file. (cherry picked from commit 9c8facc69c09163b74bc428f1dbf8be030766758)
2021-06-25openvpn: T1704: drop deprecated disable-ncp optionChristian Poessinger
(cherry picked from commit 6b7b19c93f90839549dd668116c4da2f38cfdc66) VyOS 1.3 will ship OpenVPN 2.5.1 and thus it is the perfect timing to still remove this option before introducing it in a new LTS release.
2021-06-13wwan: T3620: rename "wirelessmodem wlm" interfaces to new wwan interface treeChristian Poessinger
(cherry picked from commit c2a1c071e7d0a9ca754d7f5016eed7db188b3d1a)
2021-06-10ddclient: T3138: Fix typo for keysever-sever
(cherry picked from commit c12320f2f2bf511de82658b81e9d2ddbcfb1331a)
2021-05-24router-advert: T3561: add support for specific routesMark Royds
Co-authored-by: Mark Royds <mark.royds@vitaminit.co.uk> (cherry picked from commit c17f259d09abd2bf632d09400fe8deb4c2781d32)
2021-05-15dhcpv6-server: T3549: fix incorrect syntax for global name-server definitionChristian Poessinger
dhcp6.name-servers is a comma-delimited, multi-value list of name-servers that should only appear once in the dhcpdv6.conf file.
2021-05-01dhcpv6-server: T3379: Add option global-parameters name-serversever-sever
(cherry picked from commit 117533482d29ce0bd1bc7f3a3f2536921c16565c)
2021-04-20bgp: remove references to new XML/Python implementation not yet available in ↵Christian Poessinger
equuleus
2021-04-12interfaces: dhcp-client: T3454: add reject optionCharles Surett
Sometimes a modem might give a local IP before it retrieves a WAN IP. This can be an issue with failover routes, since the default route will get overridden. (cherry picked from commit e8535616aae2bf0c20aacee6a4d0761183bae6d9)
2021-03-19dhcp: T3300: add DHCP default route distanceBrandon Stepler
(cherry picked from commit dd2eb5e5686655c996ae95285b8ad7eb73d63d0b)
2021-03-10rpki: T3399: Fix template dashes replacesever-sever
2021-03-04pppoe: T3386: Fix client ip-pool stop rangesever-sever
(cherry picked from commit 52ee92b8edf851939c5ea3dc90fac3f5f90096c2)
2021-02-26https: T3357: redirect http request on non-standard https portJohn Estabrook
(cherry picked from commit 2c798f7b9064bc9833935eae534a885b97d34738)
2021-02-21console-server: T2490: do not use cli-shell-api in systemd unitChristian Poessinger
2021-02-14templates: convert DOS -> UNIX line endingsChristian Poessinger
2021-02-13nat: T3307: fix destination nat generationEsa Varemo
Fix destination NAT template trying to map source->translation instead of destination->translation. Fixes https://phabricator.vyos.net/T3307 (cherry picked from commit 4a0504a96cf0f3078e964ed201f196fb55172e00)
2021-02-02rpki: T3255: backport new implementation from current branchChristian Poessinger
2021-01-30pppoe: T3273: Leave default-route in place if 'default-route' is set to 'none'Sam Burney
(cherry picked from commit 2dc11253e46b945adb392c5946fd9ad43f391d86)
2021-01-30dhcpv6: T3240: send DUID when only DHCPv6 PD is configuredBrandon Stepler
(cherry picked from commit e41857b6e179a7df20d15486847663be9676e376)
2021-01-30dhcpv6: T3240: support per-interface client DUIDsBrandon Stepler
(cherry picked from commit b23323922939a9ac3b43e0761b0af84dc9e3b47e)
2021-01-25pppoe: T3251: Add double-quotes to protect special charactersDmitriyEshenko
(cherry picked from commit b64b45c6a5b66b8d6b07ab5a03fccaeabb3677a9)
2021-01-18ssh: T3212: remove RestartPreventExitStatus from systemd unitChristian Poessinger
When configuring SSH to only run inside a given VRF the system can not start SSHd on bootup as the Kernel will report EPERM (Operation not permitted) when loading the VRF BPF program. This returns the exit code 255 which is marked in the systemd unit file to stop restarting the service forever. Removing this limitation will restart the SSHd on startup and it will live inside the VRF till the end of days. (cherry picked from commit cdbac8f10b470a06aff54832da7f006aa3ed194e)