summaryrefslogtreecommitdiff
path: root/data/templates
AgeCommit message (Collapse)Author
2022-04-04ipoe: T2580: Add pools and gateway optionsViacheslav Hletenko
Add new feature to allow to use named pools Can be used also with Radius attribute 'Framed-Pool' set service ipoe-server client-ip-pool name POOL1 gateway-address '192.0.2.1' set service ipoe-server client-ip-pool name POOL1 subnet '192.0.2.0/24'
2022-03-31bgp: T4326: Add bgp parameter no-suppress-duplicatesViacheslav Hletenko
Add new bgp parameter 'no-suppress-duplicates' set protocols bgp parameters no-suppress-duplicates
2022-03-24Merge pull request #1251 from srividya0208/T4288aChristian Poessinger
ike-group: T4288 : close-action is missing in swanctl.conf
2022-03-24ike-group: T4288 : close-action is missing in swanctl.confsrividya0208
close-action parameter is missing in the swanctl.conf file
2022-03-17OSPF : T4304: Set import/export filter inter-area prefixfett0
2022-03-16frr: T4302: fix Jinja2 template to match new FRR syntaxChristian Poessinger
According to a wrong bug [1] there is no longer a vrf suffix available for interfaces. This got changed in [2] which no longer print vrf name for interface config when using vrf-lite. 1: https://github.com/FRRouting/frr/issues/10805 2: https://github.com/FRRouting/frr/pull/10411
2022-03-15frr: T4302: upgrade to version 8.2Christian Poessinger
2022-03-12Merge branch 'T2493-nexthop-unchanged' of https://github.com/plett/vyos-1x ↵Christian Poessinger
into current * 'T2493-nexthop-unchanged' of https://github.com/plett/vyos-1x: policy: T2493 ip-next-hop unchanged & peer-address
2022-03-09policy: T2493 ip-next-hop unchanged & peer-addressPaul Lettington
Also add ipv6-next-hop peer-address
2022-03-07logrotate: T4250: Fixed logrotate config generationzsdc
* Removed `/var/log/auth.log` and `/var/log/messages` from `/etc/logrotate.d/rsyslog`, because they conflict with VyOS-controlled items what leads to service error. * Removed generation config file for `/var/log/messages` from `system-syslog.py` - this should be done from `syslom logs` now. * Generate each logfile from `system syslog file` to a dedicated logrotate config file. * Fixed logrotate config file names in `/etc/rsyslog.d/vyos-rsyslog.conf`. * Added default logrotate settins for `/var/log/messages`
2022-03-03static: T4283: support "reject" routes - emit an ICMP unreachable when matchedChristian Poessinger
2022-03-01flow-accounting: T4277: support sending flow-data via VRF interfaceChristian Poessinger
It should be possible to send the gathered data via a VRF bound interface to the collector. This is somehow related to T3981 but it's the opposite side of the netflow process. set system flow-accounting vrf <name>
2022-02-26lldp: T4272: minor bugfix in Jinja2 template for locationChristian Poessinger
2022-02-26lldp: T4272: migrate to get_config_dict()Christian Poessinger
2022-02-25zone-policy: T2199: bugfix defaultValue usageChristian Poessinger
Instead of hardcoding the default behavior inside the Jinaj2 template, all defaults are required to be specified inside teh XML definition. This is required to automatically render the appropriate CLI tab completion commands.
2022-02-22Merge pull request #1230 from sever-sever/T1856Christian Poessinger
ipsec: T1856: Ability to set SA life bytes and packets
2022-02-20ipsec: T3948: Add CLI site-to-site peer connection-type noneViacheslav Hletenko
set vpn ipsec site-to-site peer 192.0.2.14 connection-type none
2022-02-20ipsec: T1856: Ability to set SA life bytes and packetsViacheslav Hletenko
set vpn ipsec esp-group grp-ESP life-bytes '100000' set vpn ipsec esp-group grp-ESP life-packets '2000000'
2022-02-20Merge branch 't4203-dhcp' into currentChristian Poessinger
* t4203-dhcp: smoketest: dhcp: T4203: move testcase to base class static: T4203: obey interface dhcp default route distance interface: T4203: prevent DHCP client restart if not necessary
2022-02-20Merge pull request #1226 from sever-sever/T4254Christian Poessinger
vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on options
2022-02-20static: T4203: obey interface dhcp default route distanceChristian Poessinger
Commit 05aa22dc ("protocols: static: T3680: do not delete DHCP received routes") added a bug whenever a static route is modified - the DHCP interface will always end up with metric 210 - if there was a default route over a DHCP interface.
2022-02-19vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on optionsViacheslav Hletenko
Ability to set Cisco FlexVPN vendor ID payload: charon.cisco_flexvpn charon.install_virtual_ip_on swanctl.connections.<conn>.vips = x.x.x.x, z.z.z.z set vpn ipsec options flexvpn set vpn ipsec options virtual-ip set vpn ipsec options interface tunX set vpn ipsec site-to-site peer x.x.x.x virtual-address x.x.x.x
2022-02-18DHCP : T4258: Set correct port for dhcp-failoverfett0
2022-02-09openvpn: T3686: Fix for check local-address in script and tmplViacheslav Hletenko
Local-address should be checked/executed only if it exists in the openvpn configuration, dictionary, jinja2 template
2022-02-08Merge pull request #1208 from sever-sever/T3600Christian Poessinger
dhcp: T3600: Fix DHCP static table dhcp-interface route
2022-02-08monitoring: T3872: Add input filter for firewall InfluxDB2Viacheslav Hletenko
Input filter for firewall allows to get bytes/counters from nftables in format, required for InfluxDB2
2022-02-07dhcp: T3600: Fix DHCP static table dhcp-interface routeViacheslav Hletenko
Static table dhcp-interface route required table in template Without table this route will be placed to table 'main' by default
2022-02-05Merge pull request #1200 from sever-sever/T3872Christian Poessinger
monitoring: T3872: Fix template input plugin for running services
2022-02-04firewall: T4209: Fix support for rule `recent` matchessarthurdev
2022-02-02monitoring: T3872: Fix template input plugin for running servicesViacheslav Hletenko
Add required capability for input scripts which collect statistics of running services
2022-01-29firewall: T4218: Adds a prefix to all user defined chainssarthurdev
2022-01-30Merge pull request #789 from jack9603301/T3420Daniil Baturin
upnpd: T3420: Support UPNP protocol
2022-01-25monitoring: T3872: Delete iptables input plugin as we use nftViacheslav
Telegraf inputs iptables plugin incompatible with nftables As it tries to get statistics from "iptables -L -n -v" which doesnt display required data in 1.4 as we don't use iptables anymore
2022-01-25sshd: T4205: Hide extra version suffix "Debian"Viacheslav Hletenko
Disable distribution-specified extra version suffix is included during initial protocol handshake SSH-2.0-OpenSSH_8.4p1 Debian-5 => SSH-2.0-OpenSSH_8.4p1
2022-01-21Merge pull request #1180 from goodNETnick/dhcp-client-prefixChristian Poessinger
DHCP: T4196: fix client-prefix-length parameter
2022-01-20DHCP: T4196: fix client-prefix-length parametergoodNETnick
2022-01-20firewall: T2199: Add log prefix to match legacy perl behavioursarthurdev
Example syslog: [FWNAME-default-D] ... * Also clean-up firewall default-action
2022-01-19Merge pull request #1177 from sarthurdev/mac_groupsChristian Poessinger
firewall: T3560: Add support for MAC address groups
2022-01-19OSPF : T4195: ability to set maximum paths for OSPFfett0
2022-01-18firewall: T3560: Add support for MAC address groupssarthurdev
2022-01-18firewall: T4188: Create default conntrack `FW_CONNTRACK` chainsarthurdev
This chain was missing from the XML/Python rewrite thus all traffic fell through to the `notrack` rule.
2022-01-17Merge pull request #1174 from sarthurdev/firewallChristian Poessinger
firewall: T4178: T3873: tcp flags syntax refactor, intra-zone-filtering fix
2022-01-17zone-policy: T3873: Fix intra-zone-filtering return to zone default-actionsarthurdev
2022-01-15ntp: T4184: Fix allow-clients addressViacheslav
NTP-server with option "allow-clients address x.x.x.x" should accept requests only from clients addresses which declared in configuration if this option exists Add "restrict default ignore" to fix it, in another case it responce to any address
2022-01-13monitoring: T3872: Add just required interfaces for ethtoolViacheslav
Telegraf ethtool input filter expected ethX interfaces and not other interfaces like vlans/tunnels/dummy Add "interface_include" option to telegraf template.
2022-01-11policy: T2199: Refactor policy route script for better error handlingsarthurdev
* Migrates all policy route references from `ipv6-route` to `route6` * Update test config `dialup-router-medium-vpn` to test migration of `ipv6-route` to `route6`
2022-01-11firewall: policy: T4159: T4164: Fix empty firewall groups, create separate ↵sarthurdev
file for group definitions.
2022-01-11policy: T4170: rename "policy ipv6-route" -> "policy route6"Christian Poessinger
In order to have a consistent looking CLI we should rename this CLI node. There is: * access-list and access-list6 (policy) * prefix-list and prefix-list6 (policy) * route and route6 (static routes)
2022-01-10conntrack: T3579: prepare for "conntrack timeout custom rule" CLI commandsChristian Poessinger
2022-01-10conntrack: T3579: use "notrack" over "return" in nft statementsChristian Poessinger