summaryrefslogtreecommitdiff
path: root/data
AgeCommit message (Collapse)Author
2021-01-29ospf: T3267: move "interface ip ospf" configuration to "protocols ospf ↵Christian Poessinger
interface" For easier maintenance and operability move the interface specific protocol setting of OSPF to the OSPF protocol section. This is now also in-line with IS-IS. This means to migrate: ethernet eth0 { vif 202 { ip { ospf { authentication { md5 { key-id 10 { md5-key vyosvyos } } } dead-interval 40 hello-interval 10 priority 1 retransmit-interval 5 transmit-delay 1 } } } } to protocols { ospf { interface eth0.201 { authentication { md5 { key-id 10 { md5-key vyosvyos } } } dead-interval 40 hello-interval 10 priority 1 retransmit-interval 5 transmit-delay 1 } }
2021-01-29rpki: T3266: support deleting entire section from FRR configChristian Poessinger
2021-01-29rpki: T3255: provide full protocol support in XML and PythonChristian Poessinger
This commit provides the implementation of the OSPF CLI with a Jinja2 template that is loaded by FRR reload.
2021-01-27dhcpv6: T3240: send DUID when only DHCPv6 PD is configuredBrandon Stepler
2021-01-25Merge pull request #697 from DmitriyEshenko/1x-pppoe-2501202101Christian Poessinger
pppoe: T3251: Add double-quotes to protect special characters
2021-01-25pppoe: T3251: Add double-quotes to protect special charactersDmitriyEshenko
2021-01-25Merge pull request #693 from bstepler/T3240Christian Poessinger
dhcpv6: T3240: support per-interface client DUIDs
2021-01-24bgp: T3247: bugfix import/export filter-listChristian Poessinger
2021-01-24bgp: T3247: bugfix import/export prefix-list and distribution-listChristian Poessinger
This is an amendment to commit 5ab6882f ("bgp: T2347: bugfix import/export route-map") which did not take care about fixing the other two if/elif statements.
2021-01-24bgp: T2347: bugfix import/export route-mapChristian Poessinger
There can be both an import and an export route-map - the Jinja2 template syntax only allowed one direction and not the other.
2021-01-24ospfv3: T3244: provide full protocol support in XML and PythonChristian Poessinger
This commit provides the implementation of the OSPFv3 (IPv6) CLI with a Jinja2 template that is loaded by FRR reload. It also contains some initial smoketests. There is yet no verify() implementation!
2021-01-24bgp: T2850: bugfix templating neighbor interface statementsChristian Poessinger
2021-01-24nptv6: T2518: Delete redundant blank linesjack9603301
2021-01-23nptv6: T2518: Use better variable namesjack9603301
2021-01-23nptv6: T2518: Remove trailing spacesjack9603301
2021-01-23nptv6: T2518: Optimized implementationjack9603301
2021-01-23nptv6: T2518: outbound_interface cannot be any, inbound_interface can be anyjack9603301
2021-01-23nptv6: T2518: DNPT does not need NDP agentjack9603301
2021-01-23nptv6: T2518: Support many to many DNPT(DNAT66)jack9603301
2021-01-23nptv6: T2518: Improved template generationjack9603301
2021-01-23nptv6: T2518: Initial support for nat66 (NPT)jack9603301
2021-01-23ospf: T3236: provide full protocol support in XML and PythonChristian Poessinger
This commit provides the implementation of the OSPF CLI with a Jinja2 template that is loaded by FRR reload. It also contains some initial smoketests. There is yet no verify() implementation!
2021-01-22dhcpv6: T3240: support per-interface client DUIDsBrandon Stepler
2021-01-22ospf: T3236: support processing by vyos-configdChristian Poessinger
2021-01-22bgp: T1875: update CLI description under protocols and template indention levelChristian Poessinger
2021-01-22bgp: T1875: support processing by vyos-configdChristian Poessinger
2021-01-21Merge pull request #690 from Cheeze-It/currentChristian Poessinger
bgp: T1875: Adding BGP listen range FRR feature
2021-01-20bgp: T1875: Adding BGP listen range FRR featureCheeze_It
In this commit we are adding the FRR BGP listen range feature. Specifically it is useful for being able to specify a range in which BGP peers can connect to the local router.
2021-01-20ospf: add skeleton for new XML/Python based implementationChristian Poessinger
2021-01-19nat: T2947: add many-many translationChristian Poessinger
Support a 1:1 or 1:n prefix translation. The following configuration will NAT source addresses from the 10.2.0.0/16 range to an address from 192.0.2.0/29. For this feature to work a Linux Kernel 5.8 or higher is required! vyos@vyos# show nat source { rule 100 { outbound-interface eth1 source { address 10.2.0.0/16 } translation { address 192.0.2.0/29 } } } This results in the nftables configuration: chain POSTROUTING { type nat hook postrouting priority srcnat; policy accept; oifname "eth1" counter packets 0 bytes 0 snat ip prefix to ip saddr map { 10.2.0.0/16 : 192.0.2.0/29 } comment "SRC-NAT-100" }
2021-01-18bgp: T2174: use better variable names when creating peersChristian Poessinger
2021-01-18ssh: T3212: remove RestartPreventExitStatus from systemd unitChristian Poessinger
When configuring SSH to only run inside a given VRF the system can not start SSHd on bootup as the Kernel will report EPERM (Operation not permitted) when loading the VRF BPF program. This returns the exit code 255 which is marked in the systemd unit file to stop restarting the service forever. Removing this limitation will restart the SSHd on startup and it will live inside the VRF till the end of days.
2021-01-17openvpn: T2381: bugfix rendering multiple openvpn-options from CLIChristian Poessinger
The CLI statement "set interfaces openvpn vtun10 openvpn-option '--tun-mtu 1500 --fragment 1300 --mssfix'" will render in vtun10.conf to: --tun-mtu 1500 --fragment 1300 --mssfix On startup OpenVPN complains about: openvpn-vtun10: Options error: Unrecognized option or missing or extra parameter(s) in vtun10.conf:76: tun-mtu (2.4.7) The options must be split on -- to a new configuration line.
2021-01-17ntp: T2185: store configuration in volatile /run areaChristian Poessinger
2021-01-16vrf: T31: migrate to get_config_dict()Christian Poessinger
2021-01-15snmp: T652: enable interface_replace_old option and restart commandChristian Poessinger
- Remove all old ifTable entries with the same ifName as newly appeared interface (with different ifIndex) - this is the case on e.g. ppp interfaces - Add new op-mode command "restart snmp" to restart the daemon
2021-01-15Merge pull request #681 from jjakob/T3219-openvpn-ipv6-irouteChristian Poessinger
openvpn: T3219: fix for server client subnet IPv6 iroute
2021-01-15salt: T3157: Fix location for log filesever-sever
2021-01-14openvpn: T3219: fix for server client subnet IPv6 irouteJernej Jakob
2021-01-14bgp: T2174: remove invalid "no bgp default ipv4-unicast" from default configChristian Poessinger
2021-01-13ssh: T3212: do not make /run/sshd directory disappear on failureChristian Poessinger
2021-01-13bgp: T2174: bugfix FRR template generationChristian Poessinger
2021-01-12Merge pull request #679 from sever-sever/T3210Christian Poessinger
is-is: T3210: Fix three-way-handshake
2021-01-12nat: T3186: fix negated addresses not applied from CLIChristian Poessinger
2021-01-12Merge pull request #678 from sever-sever/T2387Christian Poessinger
bgp: T2387: Fix template for bgp redistribute proto ospfv3
2021-01-12is-is: T3210: Fix three-way-handshakesever-sever
2021-01-12bgp: T2387: Fix template for bgp redistribute proto ospv3sever-sever
2021-01-12Revert "ntp: T2944: By default do not listen port 123 on any address"sever-sever
This reverts commit ca61add5e7dea828c67ea074368196025f4cb4eb.
2021-01-07login: radius: T3192: migrate to get_config_dict()Christian Poessinger
2021-01-07ssh: T2635: harden Jinja2 template and daemon startupChristian Poessinger