| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-02-07 | xml: ssh: T4233: sync regex for allow/deny usernames to "system login" | Christian Poessinger | |
| 2022-02-04 | firewall: T4209: Fix support for rule `recent` matches | sarthurdev | |
| 2022-01-30 | policy: T4219: add local-route(6) incoming-interface | Henning Surmeier | |
| 2022-01-25 | nat: T4138: Add port-range validation for NAT | Viacheslav Hletenko | |
| Add port-validators for NAT rules that prevent to set incorrect port-ranges (21-5) and incorrect ports (70000) | |||
| 2022-01-21 | Firewall: T4186: Adding icmpv6 corrections, in corcondancy of what was done ↵ | Nicolas Fort | |
| for icmp | |||
| 2022-01-21 | Firewall: T4186: typo correction on address-mask-reply description | Nicolas Fort | |
| 2022-01-21 | Firewall: T4186: Correct icmp type-name options for firewall rules | Nicolas Fort | |
| 2022-01-19 | Merge pull request #1177 from sarthurdev/mac_groups | Christian Poessinger | |
| firewall: T3560: Add support for MAC address groups | |||
| 2022-01-19 | OSPF : T4195: ability to set maximum paths for OSPF | fett0 | |
| 2022-01-18 | firewall: T3560: Add support for MAC address groups | sarthurdev | |
| 2022-01-17 | firewall: policy: T4178: Migrate and refactor tcp flags | sarthurdev | |
| * Add support for ECN and CWR flags | |||
| 2022-01-14 | firewall: T4178: Use lowercase for TCP flags and add an validator | sarthurdev | |
| 2022-01-11 | policy: T2199: Refactor policy route script for better error handling | sarthurdev | |
| * Migrates all policy route references from `ipv6-route` to `route6` * Update test config `dialup-router-medium-vpn` to test migration of `ipv6-route` to `route6` | |||
| 2022-01-10 | Merge pull request #1152 from sarthurdev/firewall_validators | Christian Poessinger | |
| firewall: validators: T4148: Improve validators and firewall validator usage | |||
| 2022-01-10 | conntrack: T3579: make the timeout tree re-usable as XML include | Christian Poessinger | |
| 2022-01-10 | conntrack: T3579: migrate "conntrack ignore" tree to vyos-1x and nftables | Christian Poessinger | |
| 2022-01-10 | firewall: validators: T2199: Improve port validation | sarthurdev | |
| 2022-01-07 | xml: nat: use generic bulding block for rule description | Christian Poessinger | |
| 2022-01-07 | xml: firewall: T4130: add protocol completion helper all and tcp_udp | Christian Poessinger | |
| 2022-01-04 | firewall: T4134: Fix completion help for protocols | Viacheslav | |
| 2022-01-03 | Merge pull request #1124 from sever-sever/T4110 | Christian Poessinger | |
| listen-address: T4110: Ability to set IPv6 link-local addresses | |||
| 2022-01-03 | listen-address: T4110: Ability to set IPv6 link-local addresses | Viacheslav | |
| Some services allows to set link-local IPv6 addresses as listen-address. Allow it and add a validator 'ipv6-link-local' and extend listen-address.xml.i to this validator | |||
| 2021-12-31 | Merge branch 'firewall' of https://github.com/sarthurdev/vyos-1x into current | Christian Poessinger | |
| * 'firewall' of https://github.com/sarthurdev/vyos-1x: zone_policy: T3873: Implement intra-zone-filtering policy: T2199: Migrate policy route op-mode to XML/Python policy: T2199: Migrate policy route to XML/Python zone-policy: T2199: Migrate zone-policy op-mode to XML/Python zone-policy: T2199: Migrate zone-policy to XML/Python firewall: T2199: Migrate firewall op-mode to XML/Python firewall: T2199: Migrate firewall to XML/Python | |||
| 2021-12-30 | snmp: T4124: migrate to get_config_dict() | Christian Poessinger | |
| 2021-12-29 | More consise consistent help strings for listen-address commands | Daniil Baturin | |
| 2021-12-26 | xml: ospfv3: remove leading whitespaces from ospfv3/no-summary.xml.i | Christian Poessinger | |
| 2021-12-26 | ospfv3: T4107: add support for "default-information originate" | Christian Poessinger | |
| 2021-12-26 | ospfv3: T4108: add support for auto-cost parameter | Christian Poessinger | |
| 2021-12-25 | ospfv3: T4102: add support for NSSA area-type | Christian Poessinger | |
| 2021-12-12 | bgp: T3967: add support for conditional advertisement | Christian Poessinger | |
| The BGP conditional advertisement feature uses the non-exist-map or the exist-map and the advertise-map keywords of the neighbor advertise-map command in order to track routes by the route prefix. non-exist-map ============= * If a route prefix is not present in the output of non-exist-map command, then advertise the route specified by the advertise-map command. * If a route prefix is present in the output of non-exist-map command, then do not advertise the route specified by the addvertise-map command. exist-map ========= * If a route prefix is present in the output of exist-map command, then advertise the route specified by the advertise-map command. * If a route prefix is not present in the output of exist-map command, then do not advertise the route specified by the advertise-map command. This feature is useful when some prefixes are advertised to one of its peers only if the information from the other peer is not present (due to failure in peering session or partial reachability etc). The conditional BGP announcements are sent in addition to the normal announcements that a BGP router sends to its peer. CLI nodes can be found under: * set protocols bgp neighbor <ip> address-family <afi> conditional-advertisement * set protocols bgp peer-group <p> address-family <afi> conditional-advertisement | |||
| 2021-12-12 | xml: bgp: rename afi-common.xml.i -> neighbor-afi-ipv4-ipv6-common.xml.i | Christian Poessinger | |
| 2021-12-12 | bgp: T4069: add "parameters suppress-fib-pending" CLI option | Christian Poessinger | |
| This command is applicable at the global level and at an individual bgp level. If applied at the global level all bgp instances will wait for fib installation before announcing routes and there is no way to turn it off for a particular BGP vrf. | |||
| 2021-12-12 | bgp: T4069: add "parameters shutdown" CLI option | Christian Poessinger | |
| Administrative shutdown of all peers of a bgp instance. Drop all BGP peers, but preserve their configurations. The peers are notified in accordance with RFC 8203 by sending a NOTIFICATION message with error code Cease and subcode Administrative Shutdown prior to terminating connections. This global shutdown is independent of the neighbor shutdown, meaning that individually shut down peers will not be affected by lifting it. | |||
| 2021-12-12 | bgp: T4069: add "parameters reject-as-sets" CLI option | Christian Poessinger | |
| This command enables rejection of incoming and outgoing routes having AS_SET or AS_CONFED_SET type. | |||
| 2021-12-12 | bgp: T4069: add "parameters minimum-holdtime <n>" CLI option | Christian Poessinger | |
| This command allows user to prevent session establishment with BGP peers with lower holdtime less than configured minimum holdtime. When this command is not set, minimum holdtime does not work. | |||
| 2021-12-12 | bgp: T4069: add "parameters fast-convergence" CLI option | Christian Poessinger | |
| Whenever BGP peer address becomes unreachable we must bring down the BGP session immediately. Currently only single-hop EBGP sessions are brought down immediately. IBGP and multi-hop EBGP sessions wait for hold-timer expiry to bring down the sessions. This new configuration option helps user to teardown BGP sessions immediately whenever peer becomes unreachable. This configuration is available at the bgp level. When enabled, configuration is applied to all the neighbors configured in that bgp instance. | |||
| 2021-12-12 | bgp: T3967: add "parameters conditional-advertisement timer <n>" option | Christian Poessinger | |
| Set the period to rerun the conditional advertisement scanner process. The default is 60 seconds. | |||
| 2021-12-12 | xml: bgp: fix "shutdown" help string (remove whitespace) | Christian Poessinger | |
| 2021-12-09 | bgp: T4058: add support for BFD profiles | Christian Poessinger | |
| 2021-12-09 | xml: T4058: provide building block for BFD profiles | Christian Poessinger | |
| 2021-12-09 | xml: include: create dedicated bfd subfolder | Christian Poessinger | |
| 2021-12-09 | Merge pull request #1024 from lucasec/dns-authoritative | Christian Poessinger | |
| T562: Config syntax for defining DNS forward authoritative zones | |||
| 2021-12-06 | policy: T2199: Migrate policy route to XML/Python | sarthurdev | |
| 2021-12-06 | firewall: T2199: Migrate firewall to XML/Python | sarthurdev | |
| 2021-12-06 | Revert "bfd: T3753: FRR 8.1 uses a default echo-interval of 50 - reflect ↵ | Christian Poessinger | |
| this in CLI" This reverts commit 49047b88c9bac0b2e007ccce7ac7d42e82ee0a2b. > Echo mode is only available for single hop sessions | |||
| 2021-12-06 | bfd: T3753: FRR 8.1 uses a default echo-interval of 50 - reflect this in CLI | Christian Poessinger | |
| 2021-12-06 | xml: ntp: remove indent | Christian Poessinger | |
| 2021-12-06 | xml: vrf: use "txt" in valueHelp | Christian Poessinger | |
| 2021-12-06 | Merge pull request #1077 from sever-sever/T3829 | Christian Poessinger | |
| netns: T3829: Ability to configure network namespaces | |||
| 2021-12-04 | bgp: T4042: bugfix route-distinguisher value range | Christian Poessinger | |
 |
index : vyos-1x.git | |
| VyOS command definitions, scripts, and utilities (mirror of https://github.com/marekm72/vyos-1x.git) |
| summaryrefslogtreecommitdiff |