summaryrefslogtreecommitdiff
path: root/data/templates
AgeCommit message (Collapse)Author
2024-09-30Merge pull request #4113 from vyos/mergify/bp/circinus/pr-4024Christian Breunig
T6687: add fqdn support to nat rules. (backport #4024)
2024-09-30T6687: add fqdn support to nat rules.Nicolas Fort
(cherry picked from commit 4c3d037f036e84c77333a400b35bb1a628a1a118)
2024-09-30syslog: T5367: add format option to include timezone in messageChristian Breunig
Add CLI option to include the systems timezone in the syslog message sent to a collector. This can be enabled using: set system syslog host <hostname> format include-timezone (cherry picked from commit 042be39ccabb43a766e04a447207610ff017bd7d)
2024-09-24syslog: T6719: fix the behavior of "syslog global preserve-fqdn"Nicolas Vollmar
(cherry picked from commit c196c6d9207ef112e478f44923b2d0bc8a15b3c9)
2024-09-19wireless: T6496: use mac-address validator on BSSID and move it up one CLI levelChristian Breunig
(cherry picked from commit 0c9499c5b3f7cc053c1f29ecf28d679c1a3156e2)
2024-09-19wireless: T6496: support for EAP-MSCHAPv2 client over wifiChristopher
fix: attempt to fix indentation on `wpa_supplicant.conf.j2` fix: attempt to fix indentation on `wpa_supplicant.conf.j2` fix: incorrect bssid mapping fix: use the correct jinja templating (I think) fix: “remote blank space fix: attempt to fix the formatting in j2 fix: attempt to fix the formatting in j2 feat: rename enterprise username and password + add checks in conf mode. fix: move around `bssid` config option on `wpa_supplicant.conf.j2` and fix the security config part fix: fix indentation on `wpa_supplicant.conf.j2` (cherry picked from commit fc4263021acb72d2d8afb165922d9cb7e11b2bf1)
2024-09-18OpenVPN CLI-option: T6571: rename ncp-ciphers with data-cipherssrividya0208
(cherry picked from commit b62b2f5f8a9c4f0a7dc26bce1f15843651119256)
2024-09-18T6539: add logging options to load-balancer reverse-proxyJonathan Voss
(cherry picked from commit dd5908eac390294ea178953fc0e6821d803d62f6)
2024-09-11T6693: wireless: Enable WiFi-6 (802.11ax) for 2.4GHz AccessPoints (#4045)mergify[bot]
(cherry picked from commit 194a14e958ad336d590ba8f076e163f6908dcddc) Co-authored-by: Alain Lamar <alain_lamar@yahoo.de>
2024-09-02T6681: Add option for SLAAC to support suppress Interval Advertisement in RAsHikari Kongou
(cherry picked from commit eec95109981140f1b4323bcf4526c10c6364d9ae)
2024-08-16T6649: Accel-ppp separate vlan-mon from listen interfacesNataliia Solomko
(cherry picked from commit 663e468de2b431f771534b4e3a2d00a5924b98fe)
2024-08-05OPENVPN: T6555: fix name to bridgefett0
(cherry picked from commit d5ae708581d453e2205ad4cf8576503f42e262b6)
2024-08-05OPENVPN: T6555: add server-bridge options in mode serverfett0
(cherry picked from commit 4acad3eb8d9be173b76fecafc32b0c70eae9b192)
2024-08-02T6619: Remove the remaining uses of per-protocol FRR configs (#3916)Roman Khramshin
(cherry picked from commit f2256ad338fc3fbaa9a5de2c0615603cd23e0f94)
2024-08-01T6617: T6618: vpn ipsec remote-access: fix profile generatorsLucas Christian
(cherry picked from commit e97d86e619e134f4dfda06efb7df4a3296d17b95)
2024-07-23SSTP-server: add missed pppd_compat moduleViacheslav Hletenko
(cherry picked from commit 8c8054ad5410e8aedf6ab7a0702b317872d4fd41)
2024-07-23PPTP-server: add missed pppd_compat moduleViacheslav Hletenko
(cherry picked from commit 440a3e6b89748bfd861f580fc8c4f41b58c6cec2)
2024-07-23L2TP-server: add missed pppd_compat moduleViacheslav Hletenko
(cherry picked from commit ef50cd9954a2d6eb2a041c26a0bb8ea0758b1f17)
2024-07-23IPoE-server: add missed pppd_compat moduleViacheslav Hletenko
(cherry picked from commit b92bc209cc1d6ed54a5fa052e0c27c54488ae955)
2024-07-22wireless: T6320: add 802.11ax at 6GHzAlain Lamar
Authored-By: Alain Lamar <alain_lamar@yahoo.de> (cherry picked from commit d5e988ba2d0fa0189feff22374c9b46eb49e2e79)
2024-07-22wireless: T6425: Fix broken VHT beamformingAlain Lamar
(cherry picked from commit f75f0f9c94472f46e056808c3ac6aba809c090f0)
2024-07-22T6599: ipsec: support disabling rekey of CHILD_SA.Lucas Christian
Also adds support for life_bytes, life_packets, and DPD for remote-access connections. Changes behavior of remote-access esp-group lifetime setting to have parity with site-to-site connections. (cherry picked from commit fd5d7ff0b4fd69b248ecb29c6ec1f3cf844c41cf)
2024-07-03Merge pull request #3758 from vyos/mergify/bp/circinus/pr-3721Christian Breunig
ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option (backport #3721)
2024-07-03syslog: T5366: remove reference to deprecated sysvinit rsyslog scriptJohn Estabrook
(cherry picked from commit 977d2fbf7a62a97d98b38cf28e62f08fc9e8d3a2)
2024-07-03ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms optionkhramshinr
(cherry picked from commit 06e6e011cdf12e8d10cf1f6d4d848fd5db51720d)
2024-07-02T6523: Telegraf use nft scripts only if the firewall configuredViacheslav Hletenko
If a firewall is not configured there is no reason to get and execute telegraf firewall custom scripts as there are no nft chain in the firewall nftables configuration (cherry picked from commit ebff0c481907ac0c2c0be9981c3c3d87caf3003b)
2024-06-28T6477: Add telegraf loki output pluginViacheslav Hletenko
Add Loki plugin to telegraf set service monitoring telegraf loki url xxx (cherry picked from commit 3365eb7ab99fa9a259fe440eb51e82fc0a0a4dc6)
2024-06-26Merge pull request #3723 from sever-sever/T751Daniil Baturin
T751: Remove ids suricata
2024-06-22T5949: Add option to disable USB autosuspendkhramshinr
(cherry picked from commit c0b2693cebc3429e1974a9cec5946fa88ffc0205)
2024-06-12op_mode: T6227: Rewrite show conntrack-sync cache internal to use tabulate ↵Nataliia Solomko
output
2024-06-10T751: Remove ids suricataViacheslav Hletenko
2024-06-09op-mode: T6424: ipsec: honor certificate CN and CA chain during profile ↵Christian Breunig
generation In e6fe6e50a5c ("op-mode: ipsec: T6407: fix profile generation") we fixed support for multiple CAs when dealing with the generation of Apple IOS profiles. This commit extends support to properly include the common name of the server certificate issuer and all it's paren't CAs. A list of parent CAs is automatically generated from the "PKI" subsystem content and embedded into the resulting profile.
2024-06-07reverse-proxy: T6454: Set default value of http for haproxy modeAlex W
2024-06-06Merge pull request #3578 from nicolas-fort/raw-hookDaniil Baturin
T3900: Add support for raw tables in firewall
2024-06-05Merge pull request #3584 from dmbaturin/T6446-display-support-urlDaniil Baturin
show version: T6446: display the support URL for LTS builds
2024-06-05Merge pull request #3571 from fett0/T6429Daniil Baturin
isis: T6429: fix isis metric-style configuration missing
2024-06-05show version: T6446: display the support URL for LTS buildsDaniil Baturin
2024-06-04T3900: T6394: extend functionalities in firewall; move netfilter sysctl ↵Nicolas Fort
timeout parameters defined in conntrack to firewall global-opton section.
2024-06-03reverse-proxy: T6434: Support additional healthcheck options (#3574)Alex W
2024-05-31isis: T6429: fix isis metric-style configuration missingfett0
2024-05-30Merge pull request #3510 from HollyGurza/T4576Daniil Baturin
T4576: Accel-ppp logging level configuration
2024-05-30Merge pull request #3552 from c-po/ipsec-profileChristian Breunig
op-mode: ipsec: T6407: fix profile generation
2024-05-30Merge pull request #3546 from c-po/haproxyChristian Breunig
reverse-proxy: T6419: build full CA chain when verifying backend server
2024-05-30op-mode: ipsec: T6407: fix profile generationChristian Breunig
Commit 952b1656f51 ("ipsec: T5606: T5871: Use multi node for CA certificates") added support for multiple CA certificates which broke the OP mode command to generate the IPSec profiles as it did not expect a list and was rather working on a string. Now multiple CAs can be rendered into the Apple IOS profile.
2024-05-29reverse-proxy: T5231: better mark v4v6 listen any addressChristian Breunig
haproxy supports both ":::80 v4v6" and "[::]:80 v4v6" as listen statement, where the later one is more humand readable. Both act in the same way.
2024-05-29ISIS: T6332: Fix isis not working only ipv6fett0
2024-05-27T4576: Accel-ppp logging level configurationkhramshinr
add ability to change logging level config for: * VPN L2TP * VPN PPTP * VPN SSTP * IPoE Server * PPPoE Serve
2024-05-23Merge pull request #3399 from 0xThiebaut/suricataChristian Breunig
suricata: T751: Initial support for suricata
2024-05-23suricata: T751: use key_mangling in get_config_dict()Christian Breunig
2024-05-21reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responsesAlex W