Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-01-19 | nat: T2947: add many-many translation | Christian Poessinger | |
Support a 1:1 or 1:n prefix translation. The following configuration will NAT source addresses from the 10.2.0.0/16 range to an address from 192.0.2.0/29. For this feature to work a Linux Kernel 5.8 or higher is required! vyos@vyos# show nat source { rule 100 { outbound-interface eth1 source { address 10.2.0.0/16 } translation { address 192.0.2.0/29 } } } This results in the nftables configuration: chain POSTROUTING { type nat hook postrouting priority srcnat; policy accept; oifname "eth1" counter packets 0 bytes 0 snat ip prefix to ip saddr map { 10.2.0.0/16 : 192.0.2.0/29 } comment "SRC-NAT-100" } | |||
2021-01-18 | bgp: T2174: use better variable names when creating peers | Christian Poessinger | |
2021-01-18 | ssh: T3212: remove RestartPreventExitStatus from systemd unit | Christian Poessinger | |
When configuring SSH to only run inside a given VRF the system can not start SSHd on bootup as the Kernel will report EPERM (Operation not permitted) when loading the VRF BPF program. This returns the exit code 255 which is marked in the systemd unit file to stop restarting the service forever. Removing this limitation will restart the SSHd on startup and it will live inside the VRF till the end of days. | |||
2021-01-17 | openvpn: T2381: bugfix rendering multiple openvpn-options from CLI | Christian Poessinger | |
The CLI statement "set interfaces openvpn vtun10 openvpn-option '--tun-mtu 1500 --fragment 1300 --mssfix'" will render in vtun10.conf to: --tun-mtu 1500 --fragment 1300 --mssfix On startup OpenVPN complains about: openvpn-vtun10: Options error: Unrecognized option or missing or extra parameter(s) in vtun10.conf:76: tun-mtu (2.4.7) The options must be split on -- to a new configuration line. | |||
2021-01-17 | ntp: T2185: store configuration in volatile /run area | Christian Poessinger | |
2021-01-16 | vrf: T31: migrate to get_config_dict() | Christian Poessinger | |
2021-01-15 | snmp: T652: enable interface_replace_old option and restart command | Christian Poessinger | |
- Remove all old ifTable entries with the same ifName as newly appeared interface (with different ifIndex) - this is the case on e.g. ppp interfaces - Add new op-mode command "restart snmp" to restart the daemon | |||
2021-01-15 | Merge pull request #681 from jjakob/T3219-openvpn-ipv6-iroute | Christian Poessinger | |
openvpn: T3219: fix for server client subnet IPv6 iroute | |||
2021-01-15 | salt: T3157: Fix location for log file | sever-sever | |
2021-01-14 | openvpn: T3219: fix for server client subnet IPv6 iroute | Jernej Jakob | |
2021-01-14 | bgp: T2174: remove invalid "no bgp default ipv4-unicast" from default config | Christian Poessinger | |
2021-01-13 | ssh: T3212: do not make /run/sshd directory disappear on failure | Christian Poessinger | |
2021-01-13 | bgp: T2174: bugfix FRR template generation | Christian Poessinger | |
2021-01-12 | Merge pull request #679 from sever-sever/T3210 | Christian Poessinger | |
is-is: T3210: Fix three-way-handshake | |||
2021-01-12 | nat: T3186: fix negated addresses not applied from CLI | Christian Poessinger | |
2021-01-12 | Merge pull request #678 from sever-sever/T2387 | Christian Poessinger | |
bgp: T2387: Fix template for bgp redistribute proto ospfv3 | |||
2021-01-12 | is-is: T3210: Fix three-way-handshake | sever-sever | |
2021-01-12 | bgp: T2387: Fix template for bgp redistribute proto ospv3 | sever-sever | |
2021-01-12 | Revert "ntp: T2944: By default do not listen port 123 on any address" | sever-sever | |
This reverts commit ca61add5e7dea828c67ea074368196025f4cb4eb. | |||
2021-01-07 | login: radius: T3192: migrate to get_config_dict() | Christian Poessinger | |
2021-01-07 | ssh: T2635: harden Jinja2 template and daemon startup | Christian Poessinger | |
2021-01-07 | ssh: T2635: change sshd_config path to /run/sshd | Christian Poessinger | |
2021-01-07 | login: radius: T3192: support IPv6 server(s) and source-address | Christian Poessinger | |
2021-01-05 | ISIS: T3156: Adding segment routing for ISIS | Cheeze_It | |
In this commit we add the segment routing portion for ISIS. There's also an additional check that is added so that the global block label ranges are properly configured. Also added traffic engineering configurations as well. | |||
2021-01-03 | dhcp: T3180: bugfix assignment of sliced ranges to config dict | Christian Poessinger | |
A reference to a dictionary key obtained by a for loop can not be used to update values inside that dictionaries key. You must use the original path to the nested dictionaries key. | |||
2020-12-31 | openvpn: T2994: fix ipv6 server mode | Christian Poessinger | |
2020-12-30 | pppoe-server: T3162: Add generation pado-delay to jinja2 template | DmitriyEshenko | |
2020-12-29 | pppoe-server: T3160: Move called-sid param to required section | DmitriyEshenko | |
2020-12-29 | ethernet: T1466: add EAPoL support | Christian Poessinger | |
2020-12-28 | webproxy: T563: squidguard: support default ruleset | Christian Poessinger | |
2020-12-28 | webproxy: T563: add squidguard body | Christian Poessinger | |
2020-12-28 | webproxy: T563: improve handling of cache-peers | Christian Poessinger | |
2020-12-28 | webproxy: T563: migrate from old Perl code to XML and get_config_dict() | Christian Poessinger | |
Basic proxy functionality is working but the squidguard smoketest still fails as this is yet not implemented. | |||
2020-12-22 | Merge pull request #657 from Cheeze-It/current | Christian Poessinger | |
mpls: T915: Add ordered control for LDP | |||
2020-12-22 | mpls: T915: Add ordered control for LDP | Cheeze_It | |
In here we are adding the latest FRR update to allow for LDP label distribution to operate in ordered control mode. | |||
2020-12-21 | openvpn: T3143: Push routes in correct format <IP> <NETMASK> | DmitriyEshenko | |
2020-12-21 | flow-accounting: T3141: remove legacy jinja2 template | Jan-Philipp Benecke | |
2020-12-20 | flow-accounting: T3141: Fixing wrongly formated config | Jan-Philipp Benecke | |
2020-12-20 | wifi: T3043: country-code should be lower case | Christian Poessinger | |
2020-12-20 | Merge pull request #647 from jpbede/feature/flowacc-enable-egress | Christian Poessinger | |
flow-accounting: T3132: enable egress traffic accounting | |||
2020-12-17 | T3135: bfd template missing newlines | bedmisten | |
trim blocks removes newlines after {% endif %} blocks. Added the required newlines. | |||
2020-12-17 | flow-accounting: T3132: enable egress traffic accounting | Jan-Philipp Benecke | |
2020-12-12 | dhcpv6-pd: pppoe: T2677: always restart daemon | Christian Poessinger | |
2020-12-09 | dns: T3121: recursion zone bugfix | NEOMorphey | |
2020-12-09 | Merge pull request #639 from Cheeze-It/current | Christian Poessinger | |
mpls-conf: T915: Add LDP import and export control | |||
2020-12-08 | mpls-conf: T915: Add LDP import and export control | Cheeze_It | |
In this commit we added the ability to control import and export of LDP FECs. This allows for an operator to specify which to filter on ingress, and which to not announce on egress. | |||
2020-12-08 | openvpn: T3117: fix generated ncp-ciphers in server config | Christian Poessinger | |
2020-12-08 | bgp: T2174: Fix Template. Update to use FRRConfig framework | sever-sever | |
2020-12-07 | Merge pull request #636 from c-po/t2562-dhcp | Christian Poessinger | |
dhcp: T2562: add "listen-address" CLI node for better DHCP relay support | |||
2020-12-06 | Merge pull request #635 from Cheeze-It/current | Christian Poessinger | |
mpls-conf: T915: Add LDP local label allocation control |