summaryrefslogtreecommitdiff
path: root/data
AgeCommit message (Collapse)Author
2024-08-14T6636: firewall: fix firewall template in order to write logs for ↵Nicolas Fort
default-action in order to match same structure as in rules. This way op-mode command for showing firewall log prints logs for default-actions too
2024-08-05sysctl: T3204: restore sysctl setttings overwritten by tunedChristian Breunig
2024-08-05Merge pull request #3920 from fett0/T6555Christian Breunig
OPENVPN: T6555: add server-bridge options in mode server
2024-08-04Merge pull request #3901 from nicolas-fort/T4072-extend-bridge-fwallChristian Breunig
T4072: firewall extend bridge firewall
2024-08-02T6619: Remove the remaining uses of per-protocol FRR configs (#3916)Roman Khramshin
2024-08-02OPENVPN: T6555: fix name to bridgefett0
2024-08-02T4072: change same helpers in xml definitions; add notrack action for ↵Nicolas Fort
prerouting chain; re introduce <set vrf> in policy; change global options for passing traffic to IPvX firewall; update smoketest
2024-08-01T4072: firewall: extend firewall bridge smoketestNicolas Fort
2024-08-01T6570: firewall: add global-option to configure sysctl parameter for ↵Nicolas Fort
enabling/disabling sending traffic from bridge layer to ipvX layer
2024-08-01T4072: firewall: extend firewall bridge capabilities, in order to include ↵Nicolas Fort
new chains, priorities, and firewall groups
2024-08-01Merge pull request #3221 from lucasec/t5873Christian Breunig
T5873: ipsec remote access VPN: support VTI interfaces.
2024-08-01Merge pull request #3903 from lucasec/ipsec-remote-access-profileChristian Breunig
T6617: T6618: vpn ipsec remote-access: fix profile generators
2024-07-31OPENVPN: T6555: add server-bridge options in mode serverfett0
2024-07-31T5657: Add VRF support for zabbix-agentViacheslav Hletenko
To start the service under VRF requires starting under User=root otherwise it had issues with cgroups
2024-07-30T6617: T6618: vpn ipsec remote-access: fix profile generatorsLucas Christian
2024-07-29Merge pull request #3804 from HollyGurza/T6362Daniil Baturin
T6362: Create conntrack logger daemon
2024-07-26T5873: vpn ipsec remote-access: improve child ESP session namingLucas Christian
2024-07-25OpenVPN CLI-option: T6571: rename ncp-ciphers with data-cipherssrividya0208
2024-07-24Merge pull request #3853 from natali-rs1985/T5552-currentChristian Breunig
system_option: T5552: Apply IPv4 and IPv6 options after reapplying sysctls by TuneD
2024-07-23system_option: T5552: Apply IPv4 and IPv6 options after reapplying sysctls ↵Nataliia Solomko
by TuneD
2024-07-22T5873: vpn ipsec remote-access: support VTI interfacesLucas Christian
2024-07-22Merge pull request #3832 from sever-sever/T6594Christian Breunig
T6594: Add missed pppd_compat module
2024-07-22T6599: ipsec: support disabling rekey of CHILD_SA.Lucas Christian
Also adds support for life_bytes, life_packets, and DPD for remote-access connections. Changes behavior of remote-access esp-group lifetime setting to have parity with site-to-site connections.
2024-07-19SSTP-server: add missed pppd_compat moduleViacheslav Hletenko
2024-07-19PPTP-server: add missed pppd_compat moduleViacheslav Hletenko
2024-07-19L2TP-server: add missed pppd_compat moduleViacheslav Hletenko
2024-07-19IPoE-server: add missed pppd_compat moduleViacheslav Hletenko
2024-07-19T6362: Create conntrack logger daemonkhramshinr
2024-07-05wireless: T6496: use mac-address validator on BSSID and move it up one CLI levelChristian Breunig
2024-07-05wireless: T6496: support for EAP-MSCHAPv2 client over wifiChristopher
fix: attempt to fix indentation on `wpa_supplicant.conf.j2` fix: attempt to fix indentation on `wpa_supplicant.conf.j2` fix: incorrect bssid mapping fix: use the correct jinja templating (I think) fix: “remote blank space fix: attempt to fix the formatting in j2 fix: attempt to fix the formatting in j2 feat: rename enterprise username and password + add checks in conf mode. fix: move around `bssid` config option on `wpa_supplicant.conf.j2` and fix the security config part fix: fix indentation on `wpa_supplicant.conf.j2`
2024-07-04Merge pull request #3753 from jvoss/haproxy_loggingChristian Breunig
T6539: add logging options to load-balancer reverse-proxy
2024-07-03T6539: add logging options to load-balancer reverse-proxyJonathan Voss
2024-07-03syslog: T5366: remove reference to deprecated sysvinit rsyslog scriptJohn Estabrook
2024-07-02Merge pull request #3721 from HollyGurza/T5878Daniil Baturin
ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option
2024-07-02T6523: Telegraf use nft scripts only if the firewall configuredViacheslav Hletenko
If a firewall is not configured there is no reason to get and execute telegraf firewall custom scripts as there are no nft chain in the firewall nftables configuration
2024-06-28T6452: Add QoS Op Commands (#3591)l0crian1
* T6452: Add QoS Op Commands Added the following commands: show qos shaping show qos shaping detail show qos shaping interface <int name> show qos shaping interface <int name> detail show qos shaping interface <int name> class <class name> show qos shaping interface <int name> class <class name> detail show qos cake interface <int name>
2024-06-28Merge pull request #3720 from sever-sever/T6477Christian Breunig
T6477: Add telegraf loki output plugin
2024-06-28Merge pull request #3730 from natali-rs1985/T5710-currentChristian Breunig
pppoe-server: T5710: Add option permit any-login
2024-06-28T6477: Add telegraf loki output pluginViacheslav Hletenko
Add Loki plugin to telegraf set service monitoring telegraf loki url xxx
2024-06-28pppoe-server: T5710: Add option permit any-loginNataliia Solomko
2024-06-28ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms optionkhramshinr
2024-06-27wireless: T6320: add 802.11ax at 6GHzAlain Lamar
Authored-By: Alain Lamar <alain_lamar@yahoo.de>
2024-06-26vyos-configd: T6510: autogenerate configd-include.jsonChristian Breunig
Now that there is a build time validation that Config() is not instantiated twice in a config mode script, and also as there are no more direct calls on the my_set and my_delete binary, we can auto generate the list of helpers run by vyos-configd.
2024-06-25T3900: extend latest fix for firewall raw implementation to ipv6.Nicolas Fort
2024-06-24T5735: Stunnel CLI and configurationkhramshinr
Add CLI commands Add config Add conf_mode Add systemd config Add stunnel smoketests Add log level config
2024-06-21Merge pull request #3694 from c-po/T6489-snmpdChristian Breunig
snmp: T6489: use new Python wrapper to interact with config filesystem
2024-06-20snmp: T6489: use new Python wrapper to interact with config filesystemChristian Breunig
Do no longer use my_set and my_delete as this prevents scripts beeing run under supervision of vyos-configd.
2024-06-20T3900: firewall: fix for initial implementation - remove jump to state ↵Nicolas Fort
policy on OUTUT_raw
2024-06-20Merge pull request #3677 from HollyGurza/T5949Christian Breunig
T5949: Add option to disable USB autosuspend
2024-06-19T5949: Add option to disable USB autosuspendkhramshinr