Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-04-03 | mpls: T4333: migrate to new vyos_defined Jinja2 test | Christian Poessinger | |
2022-04-03 | isis: T3156: add segment routing local-block for ISIS | Christian Poessinger | |
2022-04-03 | isis: T4333: fix remaining "is defined" instances | Christian Poessinger | |
2022-04-03 | isis: T4336: add support for MD5 authentication password on a circuit | Christian Poessinger | |
2022-04-03 | isis: T4333: migrate to new vyos_defined Jinja2 test | Christian Poessinger | |
2022-04-03 | bfd: T4333: migrate to new vyos_defined Jinja2 test | Christian Poessinger | |
2022-04-03 | conntrack: T4333: migrate to new vyos_defined Jinja2 test | Christian Poessinger | |
2022-04-02 | udp-broadcast-relay: T4333: migrate to new vyos_defined Jinja2 test | Christian Poessinger | |
2022-04-01 | bgp: T4333: migrate to new vyos_defined Jinja2 test | Christian Poessinger | |
2022-03-31 | bgp: T4326: Add bgp parameter no-suppress-duplicates | Viacheslav Hletenko | |
Add new bgp parameter 'no-suppress-duplicates' set protocols bgp parameters no-suppress-duplicates | |||
2022-03-24 | Merge pull request #1251 from srividya0208/T4288a | Christian Poessinger | |
ike-group: T4288 : close-action is missing in swanctl.conf | |||
2022-03-24 | ike-group: T4288 : close-action is missing in swanctl.conf | srividya0208 | |
close-action parameter is missing in the swanctl.conf file | |||
2022-03-17 | OSPF : T4304: Set import/export filter inter-area prefix | fett0 | |
2022-03-16 | frr: T4302: fix Jinja2 template to match new FRR syntax | Christian Poessinger | |
According to a wrong bug [1] there is no longer a vrf suffix available for interfaces. This got changed in [2] which no longer print vrf name for interface config when using vrf-lite. 1: https://github.com/FRRouting/frr/issues/10805 2: https://github.com/FRRouting/frr/pull/10411 | |||
2022-03-15 | frr: T4302: upgrade to version 8.2 | Christian Poessinger | |
2022-03-12 | Merge branch 'T2493-nexthop-unchanged' of https://github.com/plett/vyos-1x ↵ | Christian Poessinger | |
into current * 'T2493-nexthop-unchanged' of https://github.com/plett/vyos-1x: policy: T2493 ip-next-hop unchanged & peer-address | |||
2022-03-09 | policy: T2493 ip-next-hop unchanged & peer-address | Paul Lettington | |
Also add ipv6-next-hop peer-address | |||
2022-03-07 | logrotate: T4250: Fixed logrotate config generation | zsdc | |
* Removed `/var/log/auth.log` and `/var/log/messages` from `/etc/logrotate.d/rsyslog`, because they conflict with VyOS-controlled items what leads to service error. * Removed generation config file for `/var/log/messages` from `system-syslog.py` - this should be done from `syslom logs` now. * Generate each logfile from `system syslog file` to a dedicated logrotate config file. * Fixed logrotate config file names in `/etc/rsyslog.d/vyos-rsyslog.conf`. * Added default logrotate settins for `/var/log/messages` | |||
2022-03-03 | static: T4283: support "reject" routes - emit an ICMP unreachable when matched | Christian Poessinger | |
2022-03-01 | flow-accounting: T4277: support sending flow-data via VRF interface | Christian Poessinger | |
It should be possible to send the gathered data via a VRF bound interface to the collector. This is somehow related to T3981 but it's the opposite side of the netflow process. set system flow-accounting vrf <name> | |||
2022-02-26 | lldp: T4272: minor bugfix in Jinja2 template for location | Christian Poessinger | |
2022-02-26 | lldp: T4272: migrate to get_config_dict() | Christian Poessinger | |
2022-02-25 | zone-policy: T2199: bugfix defaultValue usage | Christian Poessinger | |
Instead of hardcoding the default behavior inside the Jinaj2 template, all defaults are required to be specified inside teh XML definition. This is required to automatically render the appropriate CLI tab completion commands. | |||
2022-02-22 | Merge pull request #1230 from sever-sever/T1856 | Christian Poessinger | |
ipsec: T1856: Ability to set SA life bytes and packets | |||
2022-02-20 | ipsec: T3948: Add CLI site-to-site peer connection-type none | Viacheslav Hletenko | |
set vpn ipsec site-to-site peer 192.0.2.14 connection-type none | |||
2022-02-20 | ipsec: T1856: Ability to set SA life bytes and packets | Viacheslav Hletenko | |
set vpn ipsec esp-group grp-ESP life-bytes '100000' set vpn ipsec esp-group grp-ESP life-packets '2000000' | |||
2022-02-20 | Merge branch 't4203-dhcp' into current | Christian Poessinger | |
* t4203-dhcp: smoketest: dhcp: T4203: move testcase to base class static: T4203: obey interface dhcp default route distance interface: T4203: prevent DHCP client restart if not necessary | |||
2022-02-20 | Merge pull request #1226 from sever-sever/T4254 | Christian Poessinger | |
vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on options | |||
2022-02-20 | static: T4203: obey interface dhcp default route distance | Christian Poessinger | |
Commit 05aa22dc ("protocols: static: T3680: do not delete DHCP received routes") added a bug whenever a static route is modified - the DHCP interface will always end up with metric 210 - if there was a default route over a DHCP interface. | |||
2022-02-19 | vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on options | Viacheslav Hletenko | |
Ability to set Cisco FlexVPN vendor ID payload: charon.cisco_flexvpn charon.install_virtual_ip_on swanctl.connections.<conn>.vips = x.x.x.x, z.z.z.z set vpn ipsec options flexvpn set vpn ipsec options virtual-ip set vpn ipsec options interface tunX set vpn ipsec site-to-site peer x.x.x.x virtual-address x.x.x.x | |||
2022-02-18 | DHCP : T4258: Set correct port for dhcp-failover | fett0 | |
2022-02-09 | openvpn: T3686: Fix for check local-address in script and tmpl | Viacheslav Hletenko | |
Local-address should be checked/executed only if it exists in the openvpn configuration, dictionary, jinja2 template | |||
2022-02-08 | Merge pull request #1208 from sever-sever/T3600 | Christian Poessinger | |
dhcp: T3600: Fix DHCP static table dhcp-interface route | |||
2022-02-08 | monitoring: T3872: Add input filter for firewall InfluxDB2 | Viacheslav Hletenko | |
Input filter for firewall allows to get bytes/counters from nftables in format, required for InfluxDB2 | |||
2022-02-07 | dhcp: T3600: Fix DHCP static table dhcp-interface route | Viacheslav Hletenko | |
Static table dhcp-interface route required table in template Without table this route will be placed to table 'main' by default | |||
2022-02-05 | Merge pull request #1200 from sever-sever/T3872 | Christian Poessinger | |
monitoring: T3872: Fix template input plugin for running services | |||
2022-02-04 | firewall: T4209: Fix support for rule `recent` matches | sarthurdev | |
2022-02-02 | monitoring: T3872: Fix template input plugin for running services | Viacheslav Hletenko | |
Add required capability for input scripts which collect statistics of running services | |||
2022-01-29 | firewall: T4218: Adds a prefix to all user defined chains | sarthurdev | |
2022-01-30 | Merge pull request #789 from jack9603301/T3420 | Daniil Baturin | |
upnpd: T3420: Support UPNP protocol | |||
2022-01-25 | monitoring: T3872: Delete iptables input plugin as we use nft | Viacheslav | |
Telegraf inputs iptables plugin incompatible with nftables As it tries to get statistics from "iptables -L -n -v" which doesnt display required data in 1.4 as we don't use iptables anymore | |||
2022-01-25 | sshd: T4205: Hide extra version suffix "Debian" | Viacheslav Hletenko | |
Disable distribution-specified extra version suffix is included during initial protocol handshake SSH-2.0-OpenSSH_8.4p1 Debian-5 => SSH-2.0-OpenSSH_8.4p1 | |||
2022-01-21 | Merge pull request #1180 from goodNETnick/dhcp-client-prefix | Christian Poessinger | |
DHCP: T4196: fix client-prefix-length parameter | |||
2022-01-20 | DHCP: T4196: fix client-prefix-length parameter | goodNETnick | |
2022-01-20 | firewall: T2199: Add log prefix to match legacy perl behaviour | sarthurdev | |
Example syslog: [FWNAME-default-D] ... * Also clean-up firewall default-action | |||
2022-01-19 | Merge pull request #1177 from sarthurdev/mac_groups | Christian Poessinger | |
firewall: T3560: Add support for MAC address groups | |||
2022-01-19 | OSPF : T4195: ability to set maximum paths for OSPF | fett0 | |
2022-01-18 | firewall: T3560: Add support for MAC address groups | sarthurdev | |
2022-01-18 | firewall: T4188: Create default conntrack `FW_CONNTRACK` chain | sarthurdev | |
This chain was missing from the XML/Python rewrite thus all traffic fell through to the `notrack` rule. | |||
2022-01-17 | Merge pull request #1174 from sarthurdev/firewall | Christian Poessinger | |
firewall: T4178: T3873: tcp flags syntax refactor, intra-zone-filtering fix |