Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-08-14 | T6636: firewall: fix firewall template in order to write logs for ↵ | Nicolas Fort | |
default-action in order to match same structure as in rules. This way op-mode command for showing firewall log prints logs for default-actions too | |||
2024-08-05 | sysctl: T3204: restore sysctl setttings overwritten by tuned | Christian Breunig | |
2024-08-05 | Merge pull request #3920 from fett0/T6555 | Christian Breunig | |
OPENVPN: T6555: add server-bridge options in mode server | |||
2024-08-04 | Merge pull request #3901 from nicolas-fort/T4072-extend-bridge-fwall | Christian Breunig | |
T4072: firewall extend bridge firewall | |||
2024-08-02 | T6619: Remove the remaining uses of per-protocol FRR configs (#3916) | Roman Khramshin | |
2024-08-02 | OPENVPN: T6555: fix name to bridge | fett0 | |
2024-08-02 | T4072: change same helpers in xml definitions; add notrack action for ↵ | Nicolas Fort | |
prerouting chain; re introduce <set vrf> in policy; change global options for passing traffic to IPvX firewall; update smoketest | |||
2024-08-01 | T4072: firewall: extend firewall bridge smoketest | Nicolas Fort | |
2024-08-01 | T6570: firewall: add global-option to configure sysctl parameter for ↵ | Nicolas Fort | |
enabling/disabling sending traffic from bridge layer to ipvX layer | |||
2024-08-01 | T4072: firewall: extend firewall bridge capabilities, in order to include ↵ | Nicolas Fort | |
new chains, priorities, and firewall groups | |||
2024-08-01 | Merge pull request #3221 from lucasec/t5873 | Christian Breunig | |
T5873: ipsec remote access VPN: support VTI interfaces. | |||
2024-08-01 | Merge pull request #3903 from lucasec/ipsec-remote-access-profile | Christian Breunig | |
T6617: T6618: vpn ipsec remote-access: fix profile generators | |||
2024-07-31 | OPENVPN: T6555: add server-bridge options in mode server | fett0 | |
2024-07-31 | T5657: Add VRF support for zabbix-agent | Viacheslav Hletenko | |
To start the service under VRF requires starting under User=root otherwise it had issues with cgroups | |||
2024-07-30 | T6617: T6618: vpn ipsec remote-access: fix profile generators | Lucas Christian | |
2024-07-29 | Merge pull request #3804 from HollyGurza/T6362 | Daniil Baturin | |
T6362: Create conntrack logger daemon | |||
2024-07-26 | T5873: vpn ipsec remote-access: improve child ESP session naming | Lucas Christian | |
2024-07-25 | OpenVPN CLI-option: T6571: rename ncp-ciphers with data-ciphers | srividya0208 | |
2024-07-24 | Merge pull request #3853 from natali-rs1985/T5552-current | Christian Breunig | |
system_option: T5552: Apply IPv4 and IPv6 options after reapplying sysctls by TuneD | |||
2024-07-23 | system_option: T5552: Apply IPv4 and IPv6 options after reapplying sysctls ↵ | Nataliia Solomko | |
by TuneD | |||
2024-07-22 | T5873: vpn ipsec remote-access: support VTI interfaces | Lucas Christian | |
2024-07-22 | Merge pull request #3832 from sever-sever/T6594 | Christian Breunig | |
T6594: Add missed pppd_compat module | |||
2024-07-22 | T6599: ipsec: support disabling rekey of CHILD_SA. | Lucas Christian | |
Also adds support for life_bytes, life_packets, and DPD for remote-access connections. Changes behavior of remote-access esp-group lifetime setting to have parity with site-to-site connections. | |||
2024-07-19 | SSTP-server: add missed pppd_compat module | Viacheslav Hletenko | |
2024-07-19 | PPTP-server: add missed pppd_compat module | Viacheslav Hletenko | |
2024-07-19 | L2TP-server: add missed pppd_compat module | Viacheslav Hletenko | |
2024-07-19 | IPoE-server: add missed pppd_compat module | Viacheslav Hletenko | |
2024-07-19 | T6362: Create conntrack logger daemon | khramshinr | |
2024-07-05 | wireless: T6496: use mac-address validator on BSSID and move it up one CLI level | Christian Breunig | |
2024-07-05 | wireless: T6496: support for EAP-MSCHAPv2 client over wifi | Christopher | |
fix: attempt to fix indentation on `wpa_supplicant.conf.j2` fix: attempt to fix indentation on `wpa_supplicant.conf.j2` fix: incorrect bssid mapping fix: use the correct jinja templating (I think) fix: “remote blank space fix: attempt to fix the formatting in j2 fix: attempt to fix the formatting in j2 feat: rename enterprise username and password + add checks in conf mode. fix: move around `bssid` config option on `wpa_supplicant.conf.j2` and fix the security config part fix: fix indentation on `wpa_supplicant.conf.j2` | |||
2024-07-04 | Merge pull request #3753 from jvoss/haproxy_logging | Christian Breunig | |
T6539: add logging options to load-balancer reverse-proxy | |||
2024-07-03 | T6539: add logging options to load-balancer reverse-proxy | Jonathan Voss | |
2024-07-03 | syslog: T5366: remove reference to deprecated sysvinit rsyslog script | John Estabrook | |
2024-07-02 | Merge pull request #3721 from HollyGurza/T5878 | Daniil Baturin | |
ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option | |||
2024-07-02 | T6523: Telegraf use nft scripts only if the firewall configured | Viacheslav Hletenko | |
If a firewall is not configured there is no reason to get and execute telegraf firewall custom scripts as there are no nft chain in the firewall nftables configuration | |||
2024-06-28 | T6452: Add QoS Op Commands (#3591) | l0crian1 | |
* T6452: Add QoS Op Commands Added the following commands: show qos shaping show qos shaping detail show qos shaping interface <int name> show qos shaping interface <int name> detail show qos shaping interface <int name> class <class name> show qos shaping interface <int name> class <class name> detail show qos cake interface <int name> | |||
2024-06-28 | Merge pull request #3720 from sever-sever/T6477 | Christian Breunig | |
T6477: Add telegraf loki output plugin | |||
2024-06-28 | Merge pull request #3730 from natali-rs1985/T5710-current | Christian Breunig | |
pppoe-server: T5710: Add option permit any-login | |||
2024-06-28 | T6477: Add telegraf loki output plugin | Viacheslav Hletenko | |
Add Loki plugin to telegraf set service monitoring telegraf loki url xxx | |||
2024-06-28 | pppoe-server: T5710: Add option permit any-login | Nataliia Solomko | |
2024-06-28 | ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option | khramshinr | |
2024-06-27 | wireless: T6320: add 802.11ax at 6GHz | Alain Lamar | |
Authored-By: Alain Lamar <alain_lamar@yahoo.de> | |||
2024-06-26 | vyos-configd: T6510: autogenerate configd-include.json | Christian Breunig | |
Now that there is a build time validation that Config() is not instantiated twice in a config mode script, and also as there are no more direct calls on the my_set and my_delete binary, we can auto generate the list of helpers run by vyos-configd. | |||
2024-06-25 | T3900: extend latest fix for firewall raw implementation to ipv6. | Nicolas Fort | |
2024-06-24 | T5735: Stunnel CLI and configuration | khramshinr | |
Add CLI commands Add config Add conf_mode Add systemd config Add stunnel smoketests Add log level config | |||
2024-06-21 | Merge pull request #3694 from c-po/T6489-snmpd | Christian Breunig | |
snmp: T6489: use new Python wrapper to interact with config filesystem | |||
2024-06-20 | snmp: T6489: use new Python wrapper to interact with config filesystem | Christian Breunig | |
Do no longer use my_set and my_delete as this prevents scripts beeing run under supervision of vyos-configd. | |||
2024-06-20 | T3900: firewall: fix for initial implementation - remove jump to state ↵ | Nicolas Fort | |
policy on OUTUT_raw | |||
2024-06-20 | Merge pull request #3677 from HollyGurza/T5949 | Christian Breunig | |
T5949: Add option to disable USB autosuspend | |||
2024-06-19 | T5949: Add option to disable USB autosuspend | khramshinr | |