Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-07-22 | T6599: ipsec: support disabling rekey of CHILD_SA. | Lucas Christian | |
Also adds support for life_bytes, life_packets, and DPD for remote-access connections. Changes behavior of remote-access esp-group lifetime setting to have parity with site-to-site connections. | |||
2024-07-19 | SSTP-server: add missed pppd_compat module | Viacheslav Hletenko | |
2024-07-19 | PPTP-server: add missed pppd_compat module | Viacheslav Hletenko | |
2024-07-19 | L2TP-server: add missed pppd_compat module | Viacheslav Hletenko | |
2024-07-19 | IPoE-server: add missed pppd_compat module | Viacheslav Hletenko | |
2024-07-19 | T6362: Create conntrack logger daemon | khramshinr | |
2024-07-05 | wireless: T6496: use mac-address validator on BSSID and move it up one CLI level | Christian Breunig | |
2024-07-05 | wireless: T6496: support for EAP-MSCHAPv2 client over wifi | Christopher | |
fix: attempt to fix indentation on `wpa_supplicant.conf.j2` fix: attempt to fix indentation on `wpa_supplicant.conf.j2` fix: incorrect bssid mapping fix: use the correct jinja templating (I think) fix: “remote blank space fix: attempt to fix the formatting in j2 fix: attempt to fix the formatting in j2 feat: rename enterprise username and password + add checks in conf mode. fix: move around `bssid` config option on `wpa_supplicant.conf.j2` and fix the security config part fix: fix indentation on `wpa_supplicant.conf.j2` | |||
2024-07-04 | Merge pull request #3753 from jvoss/haproxy_logging | Christian Breunig | |
T6539: add logging options to load-balancer reverse-proxy | |||
2024-07-03 | T6539: add logging options to load-balancer reverse-proxy | Jonathan Voss | |
2024-07-03 | syslog: T5366: remove reference to deprecated sysvinit rsyslog script | John Estabrook | |
2024-07-02 | Merge pull request #3721 from HollyGurza/T5878 | Daniil Baturin | |
ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option | |||
2024-07-02 | T6523: Telegraf use nft scripts only if the firewall configured | Viacheslav Hletenko | |
If a firewall is not configured there is no reason to get and execute telegraf firewall custom scripts as there are no nft chain in the firewall nftables configuration | |||
2024-06-28 | Merge pull request #3720 from sever-sever/T6477 | Christian Breunig | |
T6477: Add telegraf loki output plugin | |||
2024-06-28 | Merge pull request #3730 from natali-rs1985/T5710-current | Christian Breunig | |
pppoe-server: T5710: Add option permit any-login | |||
2024-06-28 | T6477: Add telegraf loki output plugin | Viacheslav Hletenko | |
Add Loki plugin to telegraf set service monitoring telegraf loki url xxx | |||
2024-06-28 | pppoe-server: T5710: Add option permit any-login | Nataliia Solomko | |
2024-06-28 | ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option | khramshinr | |
2024-06-27 | wireless: T6320: add 802.11ax at 6GHz | Alain Lamar | |
Authored-By: Alain Lamar <alain_lamar@yahoo.de> | |||
2024-06-25 | T3900: extend latest fix for firewall raw implementation to ipv6. | Nicolas Fort | |
2024-06-24 | T5735: Stunnel CLI and configuration | khramshinr | |
Add CLI commands Add config Add conf_mode Add systemd config Add stunnel smoketests Add log level config | |||
2024-06-20 | T3900: firewall: fix for initial implementation - remove jump to state ↵ | Nicolas Fort | |
policy on OUTUT_raw | |||
2024-06-20 | Merge pull request #3677 from HollyGurza/T5949 | Christian Breunig | |
T5949: Add option to disable USB autosuspend | |||
2024-06-19 | T5949: Add option to disable USB autosuspend | khramshinr | |
2024-06-18 | wireless: T6425: Fix broken VHT beamforming | Alain Lamar | |
2024-06-12 | op_mode: T6227: Rewrite show conntrack-sync cache internal to use tabulate ↵ | Nataliia Solomko | |
output | |||
2024-06-09 | op-mode: T6424: ipsec: honor certificate CN and CA chain during profile ↵ | Christian Breunig | |
generation In e6fe6e50a5c ("op-mode: ipsec: T6407: fix profile generation") we fixed support for multiple CAs when dealing with the generation of Apple IOS profiles. This commit extends support to properly include the common name of the server certificate issuer and all it's paren't CAs. A list of parent CAs is automatically generated from the "PKI" subsystem content and embedded into the resulting profile. | |||
2024-06-07 | reverse-proxy: T6454: Set default value of http for haproxy mode | Alex W | |
2024-06-06 | Merge pull request #3578 from nicolas-fort/raw-hook | Daniil Baturin | |
T3900: Add support for raw tables in firewall | |||
2024-06-05 | Merge pull request #3584 from dmbaturin/T6446-display-support-url | Daniil Baturin | |
show version: T6446: display the support URL for LTS builds | |||
2024-06-05 | Merge pull request #3571 from fett0/T6429 | Daniil Baturin | |
isis: T6429: fix isis metric-style configuration missing | |||
2024-06-05 | show version: T6446: display the support URL for LTS builds | Daniil Baturin | |
2024-06-04 | T3900: T6394: extend functionalities in firewall; move netfilter sysctl ↵ | Nicolas Fort | |
timeout parameters defined in conntrack to firewall global-opton section. | |||
2024-06-03 | reverse-proxy: T6434: Support additional healthcheck options (#3574) | Alex W | |
2024-05-31 | isis: T6429: fix isis metric-style configuration missing | fett0 | |
2024-05-30 | Merge pull request #3510 from HollyGurza/T4576 | Daniil Baturin | |
T4576: Accel-ppp logging level configuration | |||
2024-05-30 | Merge pull request #3552 from c-po/ipsec-profile | Christian Breunig | |
op-mode: ipsec: T6407: fix profile generation | |||
2024-05-30 | Merge pull request #3546 from c-po/haproxy | Christian Breunig | |
reverse-proxy: T6419: build full CA chain when verifying backend server | |||
2024-05-30 | op-mode: ipsec: T6407: fix profile generation | Christian Breunig | |
Commit 952b1656f51 ("ipsec: T5606: T5871: Use multi node for CA certificates") added support for multiple CA certificates which broke the OP mode command to generate the IPSec profiles as it did not expect a list and was rather working on a string. Now multiple CAs can be rendered into the Apple IOS profile. | |||
2024-05-29 | reverse-proxy: T5231: better mark v4v6 listen any address | Christian Breunig | |
haproxy supports both ":::80 v4v6" and "[::]:80 v4v6" as listen statement, where the later one is more humand readable. Both act in the same way. | |||
2024-05-29 | ISIS: T6332: Fix isis not working only ipv6 | fett0 | |
2024-05-27 | T4576: Accel-ppp logging level configuration | khramshinr | |
add ability to change logging level config for: * VPN L2TP * VPN PPTP * VPN SSTP * IPoE Server * PPPoE Serve | |||
2024-05-23 | Merge pull request #3399 from 0xThiebaut/suricata | Christian Breunig | |
suricata: T751: Initial support for suricata | |||
2024-05-23 | suricata: T751: use key_mangling in get_config_dict() | Christian Breunig | |
2024-05-21 | reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responses | Alex W | |
2024-05-16 | Merge pull request #3450 from HollyGurza/T5756 | Christian Breunig | |
T5756: L2TP RADIUS backup and weight settings | |||
2024-05-15 | T3900: add support for raw table in firewall. | Nicolas Fort | |
2024-05-15 | T5756: L2TP RADIUS backup and weight settings | khramshinr | |
2024-05-14 | T3420: Remove service upnp | Viacheslav Hletenko | |
Remove `service upnp` as it never worked as expected, nft rules do not integrated and custom patches do not seem like a suitable solution for now. Security: UPnP has been historically associated with security risks due to its automatic and potentially unauthenticated nature. UPnP devices might be vulnerable to unauthorized access or exploitation. | |||
2024-05-12 | suricata: T751: Initial support for suricata | Maxime THIEBAUT | |