summaryrefslogtreecommitdiff
path: root/data
AgeCommit message (Collapse)Author
2021-01-24ospfv3: T3244: provide full protocol support in XML and PythonChristian Poessinger
This commit provides the implementation of the OSPFv3 (IPv6) CLI with a Jinja2 template that is loaded by FRR reload. It also contains some initial smoketests. There is yet no verify() implementation!
2021-01-24bgp: T2850: bugfix templating neighbor interface statementsChristian Poessinger
2021-01-24nptv6: T2518: Delete redundant blank linesjack9603301
2021-01-23nptv6: T2518: Use better variable namesjack9603301
2021-01-23nptv6: T2518: Remove trailing spacesjack9603301
2021-01-23nptv6: T2518: Optimized implementationjack9603301
2021-01-23nptv6: T2518: outbound_interface cannot be any, inbound_interface can be anyjack9603301
2021-01-23nptv6: T2518: DNPT does not need NDP agentjack9603301
2021-01-23nptv6: T2518: Support many to many DNPT(DNAT66)jack9603301
2021-01-23nptv6: T2518: Improved template generationjack9603301
2021-01-23nptv6: T2518: Initial support for nat66 (NPT)jack9603301
2021-01-23ospf: T3236: provide full protocol support in XML and PythonChristian Poessinger
This commit provides the implementation of the OSPF CLI with a Jinja2 template that is loaded by FRR reload. It also contains some initial smoketests. There is yet no verify() implementation!
2021-01-22ospf: T3236: support processing by vyos-configdChristian Poessinger
2021-01-22bgp: T1875: update CLI description under protocols and template indention levelChristian Poessinger
2021-01-22bgp: T1875: support processing by vyos-configdChristian Poessinger
2021-01-21Merge pull request #690 from Cheeze-It/currentChristian Poessinger
bgp: T1875: Adding BGP listen range FRR feature
2021-01-20bgp: T1875: Adding BGP listen range FRR featureCheeze_It
In this commit we are adding the FRR BGP listen range feature. Specifically it is useful for being able to specify a range in which BGP peers can connect to the local router.
2021-01-20ospf: add skeleton for new XML/Python based implementationChristian Poessinger
2021-01-19nat: T2947: add many-many translationChristian Poessinger
Support a 1:1 or 1:n prefix translation. The following configuration will NAT source addresses from the 10.2.0.0/16 range to an address from 192.0.2.0/29. For this feature to work a Linux Kernel 5.8 or higher is required! vyos@vyos# show nat source { rule 100 { outbound-interface eth1 source { address 10.2.0.0/16 } translation { address 192.0.2.0/29 } } } This results in the nftables configuration: chain POSTROUTING { type nat hook postrouting priority srcnat; policy accept; oifname "eth1" counter packets 0 bytes 0 snat ip prefix to ip saddr map { 10.2.0.0/16 : 192.0.2.0/29 } comment "SRC-NAT-100" }
2021-01-18bgp: T2174: use better variable names when creating peersChristian Poessinger
2021-01-18ssh: T3212: remove RestartPreventExitStatus from systemd unitChristian Poessinger
When configuring SSH to only run inside a given VRF the system can not start SSHd on bootup as the Kernel will report EPERM (Operation not permitted) when loading the VRF BPF program. This returns the exit code 255 which is marked in the systemd unit file to stop restarting the service forever. Removing this limitation will restart the SSHd on startup and it will live inside the VRF till the end of days.
2021-01-17openvpn: T2381: bugfix rendering multiple openvpn-options from CLIChristian Poessinger
The CLI statement "set interfaces openvpn vtun10 openvpn-option '--tun-mtu 1500 --fragment 1300 --mssfix'" will render in vtun10.conf to: --tun-mtu 1500 --fragment 1300 --mssfix On startup OpenVPN complains about: openvpn-vtun10: Options error: Unrecognized option or missing or extra parameter(s) in vtun10.conf:76: tun-mtu (2.4.7) The options must be split on -- to a new configuration line.
2021-01-17ntp: T2185: store configuration in volatile /run areaChristian Poessinger
2021-01-16vrf: T31: migrate to get_config_dict()Christian Poessinger
2021-01-15snmp: T652: enable interface_replace_old option and restart commandChristian Poessinger
- Remove all old ifTable entries with the same ifName as newly appeared interface (with different ifIndex) - this is the case on e.g. ppp interfaces - Add new op-mode command "restart snmp" to restart the daemon
2021-01-15Merge pull request #681 from jjakob/T3219-openvpn-ipv6-irouteChristian Poessinger
openvpn: T3219: fix for server client subnet IPv6 iroute
2021-01-15salt: T3157: Fix location for log filesever-sever
2021-01-14openvpn: T3219: fix for server client subnet IPv6 irouteJernej Jakob
2021-01-14bgp: T2174: remove invalid "no bgp default ipv4-unicast" from default configChristian Poessinger
2021-01-13ssh: T3212: do not make /run/sshd directory disappear on failureChristian Poessinger
2021-01-13bgp: T2174: bugfix FRR template generationChristian Poessinger
2021-01-12Merge pull request #679 from sever-sever/T3210Christian Poessinger
is-is: T3210: Fix three-way-handshake
2021-01-12nat: T3186: fix negated addresses not applied from CLIChristian Poessinger
2021-01-12Merge pull request #678 from sever-sever/T2387Christian Poessinger
bgp: T2387: Fix template for bgp redistribute proto ospfv3
2021-01-12is-is: T3210: Fix three-way-handshakesever-sever
2021-01-12bgp: T2387: Fix template for bgp redistribute proto ospv3sever-sever
2021-01-12Revert "ntp: T2944: By default do not listen port 123 on any address"sever-sever
This reverts commit ca61add5e7dea828c67ea074368196025f4cb4eb.
2021-01-07login: radius: T3192: migrate to get_config_dict()Christian Poessinger
2021-01-07ssh: T2635: harden Jinja2 template and daemon startupChristian Poessinger
2021-01-07ssh: T2635: change sshd_config path to /run/sshdChristian Poessinger
2021-01-07login: radius: T3192: support IPv6 server(s) and source-addressChristian Poessinger
2021-01-05ISIS: T3156: Adding segment routing for ISISCheeze_It
In this commit we add the segment routing portion for ISIS. There's also an additional check that is added so that the global block label ranges are properly configured. Also added traffic engineering configurations as well.
2021-01-03dhcp: T3180: bugfix assignment of sliced ranges to config dictChristian Poessinger
A reference to a dictionary key obtained by a for loop can not be used to update values inside that dictionaries key. You must use the original path to the nested dictionaries key.
2020-12-31openvpn: T2994: fix ipv6 server modeChristian Poessinger
2020-12-30pppoe-server: T3162: Add generation pado-delay to jinja2 templateDmitriyEshenko
2020-12-29pppoe-server: T3160: Move called-sid param to required sectionDmitriyEshenko
2020-12-29ethernet: T1466: add EAPoL supportChristian Poessinger
2020-12-28webproxy: T563: squidguard: support default rulesetChristian Poessinger
2020-12-28webproxy: T563: add squidguard bodyChristian Poessinger
2020-12-28webproxy: T563: improve handling of cache-peersChristian Poessinger