summaryrefslogtreecommitdiff
path: root/data
AgeCommit message (Collapse)Author
2021-09-21vrrp: keepalived: T616: enable script securityChristian Poessinger
(cherry picked from commit 590cf0e626f6a5e813ec4f3021c028a5e098e27d)
2021-09-21vrrp: keepalived: T616: move configuration to volatile /run directoryChristian Poessinger
Move keepalived configuration from /etc/keepalived to /run/keepalived. (cherry picked from commit b243795eba1b36cadd81c3149e833bdf5c5bea70)
2021-09-21vrrp: keepalived: T2720: adjust to Jinja2 trim_blocks featureChristian Poessinger
This is a successor to commit a2ac9fac16e ("vyos.template: T2720: always enable Jinja2 trim_blocks feature"). It only shifts the whitespaces / indents inside the keepalived configuration file. (cherry picked from commit c1ac0630cfe0ee65569fbe435cc006ade20fed22)
2021-09-21dhcp-server: T3839: support domain-search and ntp-server config per ↵Christian Poessinger
shared-network (cherry picked from commit 689d1824d251ea9fbd81bf0c941dbd36e33ef420)
2021-09-19dhcp-server: T2927: Add empty args if does not possible to determine variablesDmitriyEshenko
(cherry picked from commit 2f8b33a26e63e5b9ac4e697b9312f2238d6241f3)
2021-09-19dhcp-server: T3839: support name-servers and domain config per shared-networkChristian Poessinger
DHCP servers "shared-network" level only makes sense if one can specify configuration items that can be inherited by individual subnets. This is now possible for name-servers and the domain-name. set service dhcp-server shared-network-name LAN domain-name 'vyos.net' set service dhcp-server shared-network-name LAN name-server '192.0.2.1' (cherry picked from commit d411a40a3598c55fae7abd8bc5f1876007aa704b)
2021-09-19dhcp-server: T3672: bugfix Jinja2 templateChristian Poessinger
The DHCP servers pool {} option can only be used when there follows a range statement. This is invalid for a network with only "static" leases. (cherry picked from commit 6c2c089c26f1652644c9ded7d5cfd8a0497f148e)
2021-09-19dhcp-server: T3841: add option to perform ICMP check before address assignmentChristian Poessinger
(cherry picked from commit 83ea0cb273e29db22062cc133b6eabd4ba2761c7)
2021-09-19dhcp-server: T3672: re-add missing "name" CLI optionChristian Poessinger
This option is mandatory and must be user configurable as it needs to match on both sides. (cherry picked from commit 2985035bcb2f3732e15a41e3c2ee6c6c93a6836e)
2021-09-19dhcp-server: T3672: only one failover peer is supportedChristian Poessinger
(cherry picked from commit a8ccf72c222caad8cd7aaca9bca773be39e87f5c)
2021-09-19dhcp-server: T3838: rename dns-server to name-server nodeChristian Poessinger
IPv4 DHCP uses "dns-server" to specify one or more name-servers for a given pool. In order to use the same CLI syntax this should be renamed to name-server, which is already the case for DHCPv6. (cherry picked from commit e2f9f4f4e8b2e961a58d935d09798ddb4e1e0460)
2021-09-19dhcp-server: T1968: allow multiple static-routes to be configuredChristian Poessinger
vyos@vyos# show service dhcp-server shared-network-name LAN { subnet 10.0.0.0/24 { default-router 10.0.0.1 dns-server 194.145.150.1 lease 88 range 0 { start 10.0.0.100 stop 10.0.0.200 } static-route 192.168.10.0/24 { next-hop 10.0.0.2 } static-route 192.168.20.0/24 { router 10.0.0.2 } } } (cherry picked from commit a4440bd589db645eb99f343a8163e188a700774c)
2021-09-11T3275: conntrack: Add missing conntrack templatesLulu Cathrinus Grimalkin
2021-09-09openvpn: T3805: drop privileges using systemd - required for rtnetlinkChristian Poessinger
(cherry picked from commit 2647edc30f1e02840cae62fde8b44345d35ac720)
2021-09-06https: T2230: only support TLS1.2 and TLS1.3Christian Poessinger
(cherry picked from commit 7546e249708de3e0b4bf8f89912caf73265edd60)
2021-09-06syslog: T3396: Fix template for remote IPv6 hostViacheslav
2021-09-03openvpn: T690: Add metric for pushed routesViacheslav
2021-09-02sstp-server: T2661: Delete CA certificate redundancy checkDmitriyEshenko
2021-09-01pptp-server: T3790: Change ippool priority and define gw-ip-addressDmitriyEshenko
2021-08-25isis: T3779: backport entire 1.4 (current) featuresetChristian Poessinger
As IS-IS is a new feature and the CLI configuration changed from 1.3 -> 1.4 (required by T3417) it makes sense to synchronize the CLI configuration for both versions. This means backporting the CLI from 1.4 -> 1.3 to not confuse the userbase already with a brand new feature. As 1.3.0-epa1 is on the way and should not contain any CLI changes afterwards, this is the perfect time.
2021-08-22pppoe: T1318: set source interface next to rp-pppoe.so plugin in peer templateChristian Poessinger
(cherry picked from commit 8fc06b5f8bbfcc49e69406fd70cd5cd42fb6d39f)
2021-08-22pppoe: T1318: implement missing access-concentrator CLI optionChristian Poessinger
(cherry picked from commit b121ee14ff1961b56568b0116de3c246ea4af934)
2021-08-13nginx: T3740: use bracketize_ipv6 Jinja2 filter on server addressChristian Poessinger
(cherry picked from commit f3df9e97c6bedd305133e860654fc0213c12fd6b)
2021-08-12nat: T1083: fix Jinja2 templating errorChristian Poessinger
Commit 166d44b3 ("nat: T1083: add translation options for persistent/random mapping of address and port") added support for persistent IP address and port mappings for NAT. Unfortunately one if clause got lost in translation.
2021-08-05nat: T1083: add translation options for persistent/random mapping of address ↵Igor Melnyk
and port Tested using: set destination rule 100 inbound-interface 'eth0' set destination rule 100 translation address '19.13.23.42' set destination rule 100 translation options address-mapping 'random' set destination rule 100 translation options port-mapping 'none' set source rule 1000 outbound-interface 'eth0' set source rule 1000 translation address '122.233.231.12' set source rule 1000 translation options address-mapping 'persistent' set source rule 1000 translation options port-mapping 'fully-random'
2021-08-03isis: T1316: rename Jinja2 template to match other FRR daemonsChristian Poessinger
(cherry picked from commit d77a2f56ea7e76158c07f5829397be4555473e3d)
2021-07-31router-advert: T2745: use template common coding style in for loopsChristian Poessinger
(cherry picked from commit f89a0cfc7d0d908cbe1715b760b07926ffa3f7b9)
2021-07-19isis: T3576: add IPv6 supportChristian Poessinger
(cherry picked from commit f26ef2a25690826eed4200b219d7f61e8dbf9201)
2021-07-02conntrack: T3660: make peer port configurableChristian Poessinger
(cherry picked from commit bc01277bdfdf49be8950fe2cbf3749d42da2850d)
2021-07-02conntrack-sync: T3535: Rewrite conf and op modes to XML python styleViacheslav
2021-06-30dhcpdv6: T3658: add support for dhcpdv6 fixed-prefix6Brandon Stepler
(cherry picked from commit 2318c874c4ec43076c2664e473f7273928d9f2a6)
2021-06-29pppoe-server: T3593: Change called-sid position in templateEshenko Dmitriy
(cherry picked from commit 4b646c1fb31a1a9f9c9d1658734d478fed5f19f1)
2021-06-29pppoe-server: T3405: Add interface cache featureDmitriyEshenko
(cherry picked from commit 065c6b620cb52a3235c7b6e210d34dc8cb943b95)
2021-06-25openvpn: T1512: T3641: drop deprecated "compat-names" optionChristian Poessinger
(cherry picked from commit c8ef5e8bdce01bbf05297df39e6c6223d0b2a2ea)
2021-06-25openvpn: T3641: remove deprecated iproute optionChristian Poessinger
Executing iproute2 commands as unprivileged member of the openvpn group is now handled via a sudoers file. (cherry picked from commit 9c8facc69c09163b74bc428f1dbf8be030766758)
2021-06-25openvpn: T1704: drop deprecated disable-ncp optionChristian Poessinger
(cherry picked from commit 6b7b19c93f90839549dd668116c4da2f38cfdc66) VyOS 1.3 will ship OpenVPN 2.5.1 and thus it is the perfect timing to still remove this option before introducing it in a new LTS release.
2021-06-13wwan: T3620: rename "wirelessmodem wlm" interfaces to new wwan interface treeChristian Poessinger
(cherry picked from commit c2a1c071e7d0a9ca754d7f5016eed7db188b3d1a)
2021-06-10ddclient: T3138: Fix typo for keysever-sever
(cherry picked from commit c12320f2f2bf511de82658b81e9d2ddbcfb1331a)
2021-05-24router-advert: T3561: add support for specific routesMark Royds
Co-authored-by: Mark Royds <mark.royds@vitaminit.co.uk> (cherry picked from commit c17f259d09abd2bf632d09400fe8deb4c2781d32)
2021-05-15dhcpv6-server: T3549: fix incorrect syntax for global name-server definitionChristian Poessinger
dhcp6.name-servers is a comma-delimited, multi-value list of name-servers that should only appear once in the dhcpdv6.conf file.
2021-05-01dhcpv6-server: T3379: Add option global-parameters name-serversever-sever
(cherry picked from commit 117533482d29ce0bd1bc7f3a3f2536921c16565c)
2021-04-20bgp: remove references to new XML/Python implementation not yet available in ↵Christian Poessinger
equuleus
2021-04-12interfaces: dhcp-client: T3454: add reject optionCharles Surett
Sometimes a modem might give a local IP before it retrieves a WAN IP. This can be an issue with failover routes, since the default route will get overridden. (cherry picked from commit e8535616aae2bf0c20aacee6a4d0761183bae6d9)
2021-03-19dhcp: T3300: add DHCP default route distanceBrandon Stepler
(cherry picked from commit dd2eb5e5686655c996ae95285b8ad7eb73d63d0b)
2021-03-10rpki: T3399: Fix template dashes replacesever-sever
2021-03-04pppoe: T3386: Fix client ip-pool stop rangesever-sever
(cherry picked from commit 52ee92b8edf851939c5ea3dc90fac3f5f90096c2)
2021-02-26https: T3357: redirect http request on non-standard https portJohn Estabrook
(cherry picked from commit 2c798f7b9064bc9833935eae534a885b97d34738)
2021-02-21console-server: T2490: do not use cli-shell-api in systemd unitChristian Poessinger
2021-02-14templates: convert DOS -> UNIX line endingsChristian Poessinger
2021-02-13nat: T3307: fix destination nat generationEsa Varemo
Fix destination NAT template trying to map source->translation instead of destination->translation. Fixes https://phabricator.vyos.net/T3307 (cherry picked from commit 4a0504a96cf0f3078e964ed201f196fb55172e00)