| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2021-09-17 | Revert "openvpn: T3736: openvpn-option keeps and adds double dashes (--)" | Kim Hagen | |
| This reverts commit 415e572dfba776a981e2ec1e4331c30cd5cb59f3. | |||
| 2021-09-17 | update the location of the openvpn-otp.so plugin | Kim Hagen | |
| 2021-09-15 | ipsec: T3830: "authentication id|use-x509-id" are mutually exclusive | Christian Poessinger | |
| Manually set peer id and use-x509-id are mutually exclusive! | |||
| 2021-09-15 | ipsec: T3830: set connections.<conn>.remote<suffix>.id to "peer" if undefined | Christian Poessinger | |
| Restore "default" behavior from ipsec.conf | |||
| 2021-09-13 | ipsec: T3828: Use IKE dh-group when ESP dh-group is set to `enable` | sarthurdev | |
| 2021-09-10 | Merge pull request #1000 from sever-sever/T3810 | Christian Poessinger | |
| squid: squidguard: T3810: Fix template for sourcre-group and rule | |||
| 2021-09-10 | squid: squidguard: T3810: Fix template for sourcre-group and rule | Viacheslav | |
| Modify template for squid Replace old directives to actual | |||
| 2021-09-10 | squid: T3810: Remove build in acl vars localost and to_localhost | Viacheslav | |
| 2021-09-08 | openvpn: T3805: drop privileges using systemd - required for rtnetlink | Christian Poessinger | |
| 2021-09-06 | https: T2230: only support TLS1.2 and TLS1.3 | Christian Poessinger | |
| 2021-09-04 | bgp: T3798: "replace-as" option can only be used when "no-prepend" is defined | Christian Poessinger | |
| Commit 5f1c1ae4 ("bgp: T3798: add support for neighbor local-as <n> replace-as") added support for a new CLI option when the local-as is changed for a specified neighbor or peer-group. There was an error in the CLI / design as the "replace-as" option can only be used when "no-prepend" is defined. Thus "no-prepend" became a <node> and the new "replace-as" leafNode is now a child of "no-prepend". | |||
| 2021-09-03 | bgp: T3798: add support for neighbor local-as <n> replace-as | Christian Poessinger | |
| 2021-09-03 | do not use capitals in opmode | Kim Hagen | |
| rename t0 to drift add subnemu for 2fa to make it more readable | |||
| 2021-09-03 | fix configure error if 2fa is defined but no option is defined | Kim Hagen | |
| 2021-09-03 | change secret file location in template | Kim Hagen | |
| 2021-09-03 | fix file location and use correct variable | Kim Hagen | |
| 2021-09-02 | pptp-server: T3790: Change ippool priority and define gw-ip-address | DmitriyEshenko | |
| (cherry picked from commit 23388fe193f04ab05f270098123cbb3e5f0b9f75) | |||
| 2021-09-02 | add 2fa op files and update template | Kim Hagen | |
| 2021-08-29 | ospf: T3236: add possibility to redistribute "table" | Christian Poessinger | |
| Add new CLI command: * "set protocols ospf redistribute table <n>" | |||
| 2021-08-29 | isis: T3783: bugfix configuring spf-delay-ietf | Christian Poessinger | |
| Mandatory FRR options for spf-delay-ietf did not get rendered in the Jinja2 template. | |||
| 2021-08-27 | ipsec: T1210: Jinj2 template did not honor inactivity/timeout setting | Christian Poessinger | |
| 2021-08-26 | Merge pull request #965 from c-po/t3739-evpn-route-map | Christian Poessinger | |
| bgp: evpn: T3739: add route-map match support | |||
| 2021-08-22 | l2tp: Jinja2 add trailing newline | Christian Poessinger | |
| 2021-08-22 | pppoe: T1318: set source interface next to rp-pppoe.so plugin in peer template | Christian Poessinger | |
| 2021-08-22 | pppoe: T3641: set "noipv6" if IPv6 is not configured in newer pppd version | Christian Poessinger | |
| 2021-08-21 | pppoe: T1318: implement missing access-concentrator CLI option | Christian Poessinger | |
| 2021-08-21 | pppoe: T3090: migrate to vyos.ifconfig library to use the full potential | Christian Poessinger | |
| Now that MSS clamping is done on the "per-interface" level the entire PPPoE stuff would have needed to get a full copy in GNU BASH for this or, participate in the common library. Add a new PPP ip-up script named 99-vyos-pppoe-callback which will call the vyos.ifconfig.PPPoEIf.update() function to configure everything as done with all other interfaces. This removes duplicated code for VRF assignment and route installation when a PPPoE interface is brought up or down. | |||
| 2021-08-21 | route: static: T2450: add next-hop interface on dhcp routes | Christian Poessinger | |
| 2021-08-20 | bgp: T3759: add IPv4/IPv6 unicast AFI route-map for VPN import/export | Christian Poessinger | |
| This adds the following new commands: set protocols bgp address-family ipv4-unicast route-map vpn export foo-map-out set protocols bgp address-family ipv4-unicast route-map vpn import foo-map-in set protocols bgp address-family ipv6-unicast route-map vpn export foo-map-out set protocols bgp address-family ipv6-unicast route-map vpn import foo-map-in | |||
| 2021-08-20 | ipsec: T1210: add missing if clause around unique key | Christian Poessinger | |
| 2021-08-19 | ipsec: dmvpn: T3764: bugfix mixed up IKE/ESP lifetime variable | Christian Poessinger | |
| IKE lifetime is life_time, and ESP lifetime is rekey_time. | |||
| 2021-08-19 | ipsec: T3764: add additional quantifier for IKE and ESP lifetime | Christian Poessinger | |
| Commit 7a873eb6 ("ipsec: T3764: bugfix missing IKE and ESP lifetime values") re-added the lost in translation IKE/ESP rekey values. But it did not specify the unit, which is s(econd). | |||
| 2021-08-19 | ipsec: T3764: bugfix missing IKE and ESP lifetime values | Christian Poessinger | |
| During the migration the IKE and ESP key/re-key lifetime settings got lost in translation. This is now fixed and the values/defaults correspond to VyOS 1.3. | |||
| 2021-08-18 | bgp: evpn: T1513: fix indention when writing address-family config | Christian Poessinger | |
| 2021-08-18 | bgp: T3759: add l3vpn "route-target vpn" commands | Christian Poessinger | |
| Add the following new commands: * set protocols bgp address-family ipv4-unicast route-target vpn both 1.1.1.1:100 * set protocols bgp address-family ipv4-unicast route-target vpn export 1.1.1.1:100 * set protocols bgp address-family ipv4-unicast route-target vpn import 1.1.1.1:100 | |||
| 2021-08-18 | bgp: T3759: fix indention when writing address-family config | Christian Poessinger | |
| 2021-08-18 | bgp: T3759: add l3vpn "rd" route-distinguisher commands | Christian Poessinger | |
| Add the following new commands: * set protocols bgp address-family ipv4-unicast rd vpn export * set protocols bgp address-family ipv6-unicast rd vpn export | |||
| 2021-08-18 | bgp: T2387: fix indention when writing address-family config | Christian Poessinger | |
| 2021-08-18 | bgp: T3759: add l3vpn "label vpn export" commands | Christian Poessinger | |
| Add the following new commands: * set protocols bgp address-family ipv4-unicast label vpn export (auto | 0-1048575) * set protocols bgp address-family ipv6-unicast label vpn export (auto | 0-1048575) | |||
| 2021-08-18 | nat66: ndppd: T2518: rename Jinja2 template folder to match common naming ↵ | Christian Poessinger | |
| convention | |||
| 2021-08-18 | ndppd: T2518: add missing if statement for translation address in Jinja2 ↵ | Christian Poessinger | |
| template This triggered a bug during smoketesting. File "/usr/share/vyos/templates/proxy-ndp/ndppd.conf.tmpl", line 24, in top-level template code {% if config.translation.address is defined and config.translation.address | is_ip_network %} File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 471, in getattr return getattr(obj, attribute) jinja2.exceptions.UndefinedError: 'dict object' has no attribute 'translation' | |||
| 2021-08-17 | bgp: T3759: add l3vpn "import vrf" commands | Christian Poessinger | |
| 2021-08-17 | bgp: T3759: add l3vpn import/export vpn command for IPv4/IPv6 AFI | Christian Poessinger | |
| 2021-08-17 | add part 2fa | Kim Hagen | |
| 2021-08-16 | openvpn: T690: Add metric for pushed routes | Viacheslav | |
| 2021-08-15 | ospf: T3236: improve Jinja2 template - always use if before a loop | Christian Poessinger | |
| 2021-08-15 | ospf: T3757: support to configure area at an interface level | Christian Poessinger | |
| FRR supports configuring either network prefixes per area, or assign an interface to an area to participate in the routing process. This is already well known from other venders and supported by FRR. A valid VyOS OSPF configuration would then look like: vyos@vyos# show protocols ospf { interface dum0 { area 0 } interface eth0.201 { area 0 authentication { md5 { key-id 10 { md5-key vyos } } } dead-interval 40 hello-interval 10 priority 1 retransmit-interval 5 transmit-delay 1 } log-adjacency-changes { detail } parameters { abr-type cisco router-id 172.18.254.201 } passive-interface default passive-interface-exclude eth0.201 } | |||
| 2021-08-14 | ospf: T3236: use proper daemon named template file | Christian Poessinger | |
| 2021-08-13 | vrf: T3734: T3728: vni must be configured with a higher priority then bgpd | Christian Poessinger | |
| When removing bgp (vrf) instances the assigned VRF vni must be deleted from FRR prior the removal of the bgp settings (T3734). This is now done by moving the CLI command "set vrf name red vni 1000" to a dedicated Python script with a priority higher then bgp. | |||
| 2021-08-13 | Merge pull request #914 from sever-sever/T3673 | Christian Poessinger | |
| policy: T3673: Add set large-comm-list for route-map | |||
 |
index : vyos-1x.git | |
| VyOS command definitions, scripts, and utilities (mirror of https://github.com/marekm72/vyos-1x.git) |
| summaryrefslogtreecommitdiff |