Age | Commit message (Collapse) | Author |
|
T6687: add fqdn support to nat rules. (backport #4024)
|
|
(cherry picked from commit 4c3d037f036e84c77333a400b35bb1a628a1a118)
|
|
Add CLI option to include the systems timezone in the syslog message sent to
a collector. This can be enabled using:
set system syslog host <hostname> format include-timezone
(cherry picked from commit 042be39ccabb43a766e04a447207610ff017bd7d)
|
|
(cherry picked from commit c196c6d9207ef112e478f44923b2d0bc8a15b3c9)
|
|
(cherry picked from commit 0c9499c5b3f7cc053c1f29ecf28d679c1a3156e2)
|
|
fix: attempt to fix indentation on `wpa_supplicant.conf.j2`
fix: attempt to fix indentation on `wpa_supplicant.conf.j2`
fix: incorrect bssid mapping
fix: use the correct jinja templating (I think)
fix: “remote blank space
fix: attempt to fix the formatting in j2
fix: attempt to fix the formatting in j2
feat: rename enterprise username and password + add checks in conf mode.
fix: move around `bssid` config option on `wpa_supplicant.conf.j2` and fix the security config part
fix: fix indentation on `wpa_supplicant.conf.j2`
(cherry picked from commit fc4263021acb72d2d8afb165922d9cb7e11b2bf1)
|
|
(cherry picked from commit b62b2f5f8a9c4f0a7dc26bce1f15843651119256)
|
|
(cherry picked from commit dd5908eac390294ea178953fc0e6821d803d62f6)
|
|
(cherry picked from commit 194a14e958ad336d590ba8f076e163f6908dcddc)
Co-authored-by: Alain Lamar <alain_lamar@yahoo.de>
|
|
(cherry picked from commit eec95109981140f1b4323bcf4526c10c6364d9ae)
|
|
(cherry picked from commit 663e468de2b431f771534b4e3a2d00a5924b98fe)
|
|
(cherry picked from commit d5ae708581d453e2205ad4cf8576503f42e262b6)
|
|
(cherry picked from commit 4acad3eb8d9be173b76fecafc32b0c70eae9b192)
|
|
(cherry picked from commit f2256ad338fc3fbaa9a5de2c0615603cd23e0f94)
|
|
(cherry picked from commit e97d86e619e134f4dfda06efb7df4a3296d17b95)
|
|
(cherry picked from commit 8c8054ad5410e8aedf6ab7a0702b317872d4fd41)
|
|
(cherry picked from commit 440a3e6b89748bfd861f580fc8c4f41b58c6cec2)
|
|
(cherry picked from commit ef50cd9954a2d6eb2a041c26a0bb8ea0758b1f17)
|
|
(cherry picked from commit b92bc209cc1d6ed54a5fa052e0c27c54488ae955)
|
|
Authored-By: Alain Lamar <alain_lamar@yahoo.de>
(cherry picked from commit d5e988ba2d0fa0189feff22374c9b46eb49e2e79)
|
|
(cherry picked from commit f75f0f9c94472f46e056808c3ac6aba809c090f0)
|
|
Also adds support for life_bytes, life_packets, and DPD for
remote-access connections. Changes behavior of remote-access esp-group
lifetime setting to have parity with site-to-site connections.
(cherry picked from commit fd5d7ff0b4fd69b248ecb29c6ec1f3cf844c41cf)
|
|
ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option (backport #3721)
|
|
(cherry picked from commit 977d2fbf7a62a97d98b38cf28e62f08fc9e8d3a2)
|
|
(cherry picked from commit 06e6e011cdf12e8d10cf1f6d4d848fd5db51720d)
|
|
If a firewall is not configured there is no reason to get and
execute telegraf firewall custom scripts as there are no nft
chain in the firewall nftables configuration
(cherry picked from commit ebff0c481907ac0c2c0be9981c3c3d87caf3003b)
|
|
Add Loki plugin to telegraf
set service monitoring telegraf loki url xxx
(cherry picked from commit 3365eb7ab99fa9a259fe440eb51e82fc0a0a4dc6)
|
|
T751: Remove ids suricata
|
|
(cherry picked from commit c0b2693cebc3429e1974a9cec5946fa88ffc0205)
|
|
output
|
|
|
|
generation
In e6fe6e50a5c ("op-mode: ipsec: T6407: fix profile generation") we fixed
support for multiple CAs when dealing with the generation of Apple IOS profiles.
This commit extends support to properly include the common name of the server
certificate issuer and all it's paren't CAs. A list of parent CAs is
automatically generated from the "PKI" subsystem content and embedded into the
resulting profile.
|
|
|
|
T3900: Add support for raw tables in firewall
|
|
show version: T6446: display the support URL for LTS builds
|
|
isis: T6429: fix isis metric-style configuration missing
|
|
|
|
timeout parameters defined in conntrack to firewall global-opton section.
|
|
|
|
|
|
T4576: Accel-ppp logging level configuration
|
|
op-mode: ipsec: T6407: fix profile generation
|
|
reverse-proxy: T6419: build full CA chain when verifying backend server
|
|
Commit 952b1656f51 ("ipsec: T5606: T5871: Use multi node for CA certificates")
added support for multiple CA certificates which broke the OP mode command
to generate the IPSec profiles as it did not expect a list and was rather
working on a string.
Now multiple CAs can be rendered into the Apple IOS profile.
|
|
haproxy supports both ":::80 v4v6" and "[::]:80 v4v6" as listen statement,
where the later one is more humand readable. Both act in the same way.
|
|
|
|
add ability to change logging level config for:
* VPN L2TP
* VPN PPTP
* VPN SSTP
* IPoE Server
* PPPoE Serve
|
|
suricata: T751: Initial support for suricata
|
|
|
|
|