Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-04-03 | isis: T3156: add segment routing local-block for ISIS | Christian Poessinger | |
2022-04-03 | xml: isis: T3236: create common high-low label value include block | Christian Poessinger | |
2022-04-03 | isis: T4336: add support for MD5 authentication password on a circuit | Christian Poessinger | |
2022-03-31 | bgp: T4326: Add bgp parameter no-suppress-duplicates | Viacheslav Hletenko | |
Add new bgp parameter 'no-suppress-duplicates' set protocols bgp parameters no-suppress-duplicates | |||
2022-03-25 | xml: T4319: use common building block for table-size CLI option | Christian Poessinger | |
2022-03-24 | ipsec: T4288: bump config version 8 -> 9 | Christian Poessinger | |
2022-03-21 | qos: T4284: initial XML interface definitions for rewrite | Christian Poessinger | |
2022-03-17 | OSPF : T4304: Set import/export filter inter-area prefix | fett0 | |
2022-03-07 | ipsec prefix: T4275: Fix for prefix val_help of remote-access and s2s vpn | srividya0208 | |
It accepts network as the input value but the completion help is showing ip address, continuation of previous commit | |||
2022-03-03 | static: T4283: support "reject" routes - emit an ICMP unreachable when matched | Christian Poessinger | |
2022-03-03 | static: T4283: create re-usable XML interface definitions for blackhole | Christian Poessinger | |
2022-03-03 | static: T4283: fix help string for route/route6 | Christian Poessinger | |
2022-02-25 | nat: T1083: use defaultValue from XML when handling translations | Christian Poessinger | |
2022-02-25 | vpn: ipsec: T3093: add missing defaultValue entries | Christian Poessinger | |
2022-02-24 | scripts: T4269: node.def generator should automatically add default values | Christian Poessinger | |
Since introducing the XML <defaultValue> node it was common, but redundant, practice to also add a help string indicating which value would be used as default if the node is unset. This makes no sense b/c it's duplicated code/value/characters and prone to error. The node.def scripts should be extended to automatically render the appropriate default value into the CLI help string. For e.g. SSH the current PoC renders: $ cat templates-cfg/service/ssh/port/node.def multi: type: txt help: Port for SSH service (default: 22) val_help: u32:1-65535; Numeric IP port ... Not all subsystems are already migrated to get_config_dict() and make use of the defaults() call - those subsystems need to be migrated, first before the new default is added to the CLI help. | |||
2022-02-20 | vxlan: T4120: rename tunnel-remotes.xml.i -> tunnel-remote-multi.xml.i | Christian Poessinger | |
2022-02-20 | vxlan: T4120: add ability to set multiple remotes (PR #1127) | Andreas | |
VXLAN does support using multiple remotes but VyOS does not. Add the ability to set multiple remotes and add their flood lists using "bridge" command. | |||
2022-02-20 | static: T4203: obey interface dhcp default route distance | Christian Poessinger | |
Commit 05aa22dc ("protocols: static: T3680: do not delete DHCP received routes") added a bug whenever a static route is modified - the DHCP interface will always end up with metric 210 - if there was a default route over a DHCP interface. | |||
2022-02-16 | xml: T3474: add component version include files | John Estabrook | |
Add the include files containing the syntaxVersion element defining the version of the respective component; these files are included by the top level file 'xml-component-versions.xml.in'. Processing of these elements was previously added to the python xml lib in commit 40f5359d. This will replace the use of 'curver_DATA' in vyatta-cfg-system and other legacy packages. | |||
2022-02-07 | xml: ssh: T4233: sync regex for allow/deny usernames to "system login" | Christian Poessinger | |
2022-02-04 | firewall: T4209: Fix support for rule `recent` matches | sarthurdev | |
2022-01-30 | policy: T4219: add local-route(6) incoming-interface | Henning Surmeier | |
2022-01-25 | nat: T4138: Add port-range validation for NAT | Viacheslav Hletenko | |
Add port-validators for NAT rules that prevent to set incorrect port-ranges (21-5) and incorrect ports (70000) | |||
2022-01-21 | Firewall: T4186: Adding icmpv6 corrections, in corcondancy of what was done ↵ | Nicolas Fort | |
for icmp | |||
2022-01-21 | Firewall: T4186: typo correction on address-mask-reply description | Nicolas Fort | |
2022-01-21 | Firewall: T4186: Correct icmp type-name options for firewall rules | Nicolas Fort | |
2022-01-19 | Merge pull request #1177 from sarthurdev/mac_groups | Christian Poessinger | |
firewall: T3560: Add support for MAC address groups | |||
2022-01-19 | OSPF : T4195: ability to set maximum paths for OSPF | fett0 | |
2022-01-18 | firewall: T3560: Add support for MAC address groups | sarthurdev | |
2022-01-17 | firewall: policy: T4178: Migrate and refactor tcp flags | sarthurdev | |
* Add support for ECN and CWR flags | |||
2022-01-14 | firewall: T4178: Use lowercase for TCP flags and add an validator | sarthurdev | |
2022-01-11 | policy: T2199: Refactor policy route script for better error handling | sarthurdev | |
* Migrates all policy route references from `ipv6-route` to `route6` * Update test config `dialup-router-medium-vpn` to test migration of `ipv6-route` to `route6` | |||
2022-01-10 | Merge pull request #1152 from sarthurdev/firewall_validators | Christian Poessinger | |
firewall: validators: T4148: Improve validators and firewall validator usage | |||
2022-01-10 | conntrack: T3579: make the timeout tree re-usable as XML include | Christian Poessinger | |
2022-01-10 | conntrack: T3579: migrate "conntrack ignore" tree to vyos-1x and nftables | Christian Poessinger | |
2022-01-10 | firewall: validators: T2199: Improve port validation | sarthurdev | |
2022-01-07 | xml: nat: use generic bulding block for rule description | Christian Poessinger | |
2022-01-07 | xml: firewall: T4130: add protocol completion helper all and tcp_udp | Christian Poessinger | |
2022-01-04 | firewall: T4134: Fix completion help for protocols | Viacheslav | |
2022-01-03 | Merge pull request #1124 from sever-sever/T4110 | Christian Poessinger | |
listen-address: T4110: Ability to set IPv6 link-local addresses | |||
2022-01-03 | listen-address: T4110: Ability to set IPv6 link-local addresses | Viacheslav | |
Some services allows to set link-local IPv6 addresses as listen-address. Allow it and add a validator 'ipv6-link-local' and extend listen-address.xml.i to this validator | |||
2021-12-31 | Merge branch 'firewall' of https://github.com/sarthurdev/vyos-1x into current | Christian Poessinger | |
* 'firewall' of https://github.com/sarthurdev/vyos-1x: zone_policy: T3873: Implement intra-zone-filtering policy: T2199: Migrate policy route op-mode to XML/Python policy: T2199: Migrate policy route to XML/Python zone-policy: T2199: Migrate zone-policy op-mode to XML/Python zone-policy: T2199: Migrate zone-policy to XML/Python firewall: T2199: Migrate firewall op-mode to XML/Python firewall: T2199: Migrate firewall to XML/Python | |||
2021-12-30 | snmp: T4124: migrate to get_config_dict() | Christian Poessinger | |
2021-12-29 | More consise consistent help strings for listen-address commands | Daniil Baturin | |
2021-12-26 | xml: ospfv3: remove leading whitespaces from ospfv3/no-summary.xml.i | Christian Poessinger | |
2021-12-26 | ospfv3: T4107: add support for "default-information originate" | Christian Poessinger | |
2021-12-26 | ospfv3: T4108: add support for auto-cost parameter | Christian Poessinger | |
2021-12-25 | ospfv3: T4102: add support for NSSA area-type | Christian Poessinger | |
2021-12-12 | bgp: T3967: add support for conditional advertisement | Christian Poessinger | |
The BGP conditional advertisement feature uses the non-exist-map or the exist-map and the advertise-map keywords of the neighbor advertise-map command in order to track routes by the route prefix. non-exist-map ============= * If a route prefix is not present in the output of non-exist-map command, then advertise the route specified by the advertise-map command. * If a route prefix is present in the output of non-exist-map command, then do not advertise the route specified by the addvertise-map command. exist-map ========= * If a route prefix is present in the output of exist-map command, then advertise the route specified by the advertise-map command. * If a route prefix is not present in the output of exist-map command, then do not advertise the route specified by the advertise-map command. This feature is useful when some prefixes are advertised to one of its peers only if the information from the other peer is not present (due to failure in peering session or partial reachability etc). The conditional BGP announcements are sent in addition to the normal announcements that a BGP router sends to its peer. CLI nodes can be found under: * set protocols bgp neighbor <ip> address-family <afi> conditional-advertisement * set protocols bgp peer-group <p> address-family <afi> conditional-advertisement | |||
2021-12-12 | xml: bgp: rename afi-common.xml.i -> neighbor-afi-ipv4-ipv6-common.xml.i | Christian Poessinger | |