Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-03-20 | sstp: T2110: use uniform RADIUS CLI syntax | Christian Poessinger | |
- migrate RADIUS configuration to a more uniform syntax accross the system - authentication radius-server x.x.x.x to authentication radius server x.x.x.x - authentication radius-settings to authentication radius | |||
2020-03-20 | sstp: T2008: dns: unwind configuration | Christian Poessinger | |
2020-03-20 | sstp: T2008: move to vpn node | Christian Poessinger | |
2020-03-20 | sstp: T2007: fix MTU boundaries | Christian Poessinger | |
2020-03-19 | Merge pull request #247 from DmitriyEshenko/mpls-impl | Christian Poessinger | |
mpls: T915: Basic MPLS implementation | |||
2020-03-18 | mpls: T915: Basic MPLS implementation | DmitriyEshenko | |
2020-03-16 | syslog: T2131: improve valueHelp | Christian Poessinger | |
2020-03-16 | syslog: T2131: add generic fqdn validator | Christian Poessinger | |
2020-03-08 | radius: T2110: move timeout back to system-login | Christian Poessinger | |
... as e.g. wireless interfaces can not have a timeout specified. | |||
2020-03-08 | wireless: radius: T2110: migrate to XML include | Christian Poessinger | |
2020-03-08 | radius: T2110: provide uniform XML include file for server configuration | Christian Poessinger | |
2020-03-08 | vrf: T31: enable vrf support for wireless interface | Christian Poessinger | |
2020-03-08 | vrf: T31: enable vrf support for pseudo-ethernet/macvlan interface | Christian Poessinger | |
2020-03-08 | vrf: T31: support VRF usage on VLAN/VIF interfaces | Christian Poessinger | |
2020-03-07 | vrf: T31: enable vrf support for pppoe interface | Christian Poessinger | |
2020-03-06 | vrf: T31: enable vrf support for bridge interface | Christian Poessinger | |
2020-03-06 | vrf: T31: enable vrf support for bonding interface | Christian Poessinger | |
2020-03-06 | vrf: T31: enable vrf support for ethernet interface | Christian Poessinger | |
2020-03-04 | vrf: T31: enable vrf support for dummy interface | Christian Poessinger | |
2020-03-04 | vrf: T31: rename 'vrf disable-bind-to-all ipv4' to 'vrf bind-to-all' | Christian Poessinger | |
By default the scope of the port bindings for unbound sockets is limited to the default VRF. That is, it will not be matched by packets arriving on interfaces enslaved to an l3mdev and processes may bind to the same port if they bind to an l3mdev. TCP & UDP services running in the default VRF context (ie., not bound to any VRF device) can work across all VRF domains by enabling the 'vrf bind-to-all' option. | |||
2020-03-04 | vrf: T31: support add/remove of interfaces from vrf | Christian Poessinger | |
2020-03-04 | xml: include: description: adjust help message | Christian Poessinger | |
2020-03-04 | vrf: T31: improve help for routing table | Christian Poessinger | |
2020-03-04 | vrf: T31: reuse interface-description.xml.i for instance description | Christian Poessinger | |
2020-03-04 | vrf: T31: use embedded regex on 'vrf name' instead of python script | Christian Poessinger | |
2020-03-04 | vrf: T31: initial support for a VRF backend in XML/Python | Thomas Mangin | |
This is a work in progress to complete T31 whoever thought it was less than 1 hour of work was ..... optimistic. Only VRF vreation and show is supported right now. No interface can be bound to any one VRF. | |||
2020-02-27 | openvpn: T2075: add support for OpenVPN tls-crypt file option | Christian Poessinger | |
Encrypt and authenticate all control channel packets with the key from keyfile. Encrypting (and authenticating) control channel packets: * provides more privacy by hiding the certificate used for the TLS connection * makes it harder to identify OpenVPN traffic as such * provides "poor-man's" post-quantum security, against attackers who will never know the pre-shared key (i.e. no forward secrecy) | |||
2020-02-25 | login: T1948: sync banner and login node.def file | Christian Poessinger | |
2020-02-25 | Revert "login: T1948: also set properties for banner" | Christian Poessinger | |
This reverts commit 998361ed0ac972a6856f373f1fc86e8a73cf141b. | |||
2020-02-25 | login: T1948: also set properties for banner | Christian Poessinger | |
2020-02-25 | login: T1948: migrade local and radius configurations | Christian Poessinger | |
Splitting was not a good idea. By combining both we can create a RADIUS server XML include file which can be reused by multiple implementations to get a uniformed CLI for the users. | |||
2020-02-25 | login: radius: T2071: support disabling individual server | Christian Poessinger | |
2020-02-25 | login: user: radius: T1948: only allow IPv4 server address | Christian Poessinger | |
2020-02-23 | service-pppoe: T2067: Allow setting multiple service-names | hagbard | |
2020-02-23 | pppoe: T1318: declutter name-server CLI nodes | Christian Poessinger | |
Instead of letting the user choose between auto and none where auto is default, it makes more sesne to just offer an option to disable the default behavior. | |||
2020-02-23 | pppoe: T1318: migrate user-id and password nodes under an authentication node | Christian Poessinger | |
2020-02-23 | pppoe: T1318: rename link to source-interface | Christian Poessinger | |
2020-02-23 | pppoe: T1318: use include files for disable and descriptionx | Christian Poessinger | |
2020-02-23 | pppoe: T1318: rephrase help text on default-route | Christian Poessinger | |
2020-02-23 | interface-definitions: include: disable: rephrase help text | Christian Poessinger | |
2020-02-23 | pppoe: T1318: increase priority so PPPoE is run after bond interfaces | Christian Poessinger | |
2020-02-23 | pppoe: T1318: support interface description | Christian Poessinger | |
2020-02-23 | pppoe: T1318: add first version of new XML/Python implementation | Christian Poessinger | |
vyos@vyos# show interfaces pppoe pppoe pppoe0 { default-route force link eth2.7 mtu 400 name-server auto password 12345678 user-id vyos@vyos.io } | |||
2020-02-13 | macvlan: T1635: migrate pseudo-ethernet interface definition to XML/Python | Christian Poessinger | |
2020-02-13 | ddclient: T1908: CloudFlares zone option can now also be specified manually | Christian Poessinger | |
If there is no zone option given it will be "guessed" as in the past. This means (hostname -> resulting zone entry) domain.com -> com foo.domain.com -> domain.com bar.foo.domain.com -> foo.domain.com I have zero experience in the CloudFlare zone option what it is and what it does. SO maybe we still have a chance to auto render this setting. | |||
2020-02-10 | banner: T2024: fix type on pre-login node | Christian Poessinger | |
2020-02-10 | banner: T2024: migrate "system login banner" to XML/Python representation | Christian Poessinger | |
2020-02-09 | user: remove ssh-key completionHelper | Christian Poessinger | |
2020-02-09 | user: T2020: bugfix on wrong regex preventing ssh-ed25519 public keys | Christian Poessinger | |
2020-02-05 | Merge branch 't1948-system-login' of github.com:c-po/vyos-1x into current | Christian Poessinger | |
* 't1948-system-login' of github.com:c-po/vyos-1x: radius: T1948: add libnss-mapname support radius: T1948: rename server dictionary radius: T1948: supply PAM configuration template user: T1948: fix system user creation ogin: user: radius: T1948: use discrete configuration for each system login: T1948: remove obsolete config nodes "group" and "level" login: T1948: SSH keys can only be added after user has been created login: T1948: initial support for RADIUS configuration login: T1948: support for SSH keys login: T1948: add/remove local users login: T1948: initial rewrite in XML/Python options: T1919: remove broken comment |