Age | Commit message (Collapse) | Author |
|
After hardning the regex validator to be preceeded with ^ and ending with $
it was no longer possible to have a comma separated list as SSH ciphers. The
migrations cript is altered to migrate the previous comma separated list
to individual multi node entries - cipher and key-exchange always had been
multinodes - so this just re-arranges some values and does not break CLI
compatibility
(cherry picked from commit 61fa1c95164e4222e79b078b1a796f41397e0ee3)
|
|
(cherry picked from commit 0ec8927476e7d654d52df4c803a6694be0b1e9e2)
|
|
(cherry picked from commit be60d39332b753f5fe35101efe3463eebea2cb9d)
|
|
(cherry picked from commit faa63999ca1fe11cc25e8a241e75a451a53ffa26)
|
|
This reverts commit e11a7ff1b2817cc8f4b595171fe82a43a209ebc2.
|
|
This reverts commit 72d7152f794cfe48821797d62865024c1843096e.
|
|
(cherry picked from commit d418cd36027aef5993122ec62419e8c66fe7a1ed)
|
|
VXLAN does support using multiple remotes but VyOS does not. Add the ability
to set multiple remotes and add their flood lists using "bridge" command.
(cherry picked from commit 0ecddff7cffa8900d351d5c15e32420f9d780c0b)
|
|
(cherry picked from commit 529af7898d062b42ac33e15bfdc62c14184e098f)
|
|
backport: T4515: T4219: policy local-route6 and inbound-interface support
|
|
|
|
Ability to set virtual_address on not vrrp-listen interface
Add ability don't track primary vrrp interface "exclude-vrrp-interface"
Add ability to set tracking (state UP/Down) on desired interfaces
For example eth0 is used for vrrp and we want to track another eth1
interface that not belong to any vrrp-group
set high-avail vrrp group WAN interface 'eth0'
set high-avail vrrp group WAN virtual-address 192.0.2.222/24 interface 'eth2'
set high-avail vrrp group WAN track exclude-vrrp-interface
set high-avail vrrp group WAN track interface 'eth1'
|
|
Adds support for `ip -6 rule` policy based routing.
Also, extends the existing ipv4 implemenation with a
`destination` key, which is translated as
`ip rule add to x.x.x.x/x` rules.
https://phabricator.vyos.net/T4151
|
|
(cherry picked from commit d96bab4e6da517f07133667834cd6f8bcfb5160f)
|
|
|
|
There is spelling mistake in "advertisement" of hello-time option's
completion help
(cherry picked from commit b10baca3c8663e7e56eb9abfb3c03ce576c34f1f)
|
|
Add ability to set for services like "SSH/NTP" listen IPv6 link-local
addresses
|
|
Allow setting ipv6-link-local addresses as peer address for
wireguard interfaces
Add validator "ipv6-link-local"
|
|
|
|
|
|
(cherry picked from commit d93b1203bd2e07f8c08c0be88505e8e94f950c53)
|
|
There is typo in the completion help when this command "set sys login banner"
executed, Changed the completion help to a proper one.
(cherry picked from commit b47e54a84ad96a2fe64d3fa2bbdbfe9c058090b3)
|
|
"any" was missing from the interface list which will be useful to indicate any
interface.
(cherry picked from commit bd53db9eb63b907a83336ccf8d179b46bf5d42d4)
|
|
(cherry picked from commit 55f8ede2d09a9ad095f9ec5c2a729f8c5fb6aafa)
|
|
|
|
(cherry picked from commit 0e3c35e6517f5cfebb4206c735a2ea976a7fd383)
|
|
(cherry picked from commit 955f260ce682d64d27b3b11e618b1ae0176e4b91)
|
|
(cherry picked from commit bb77dd269bfb9522f5b56ac027598ac20e101f13)
|
|
|
|
|
|
filesystem: T3946: root partition auto resize as a service
|
|
conf-mode: NAT interface definition typo fix (Equuleus)
|
|
|
|
|
|
|
|
(cherry picked from commit 3d00140453b3967370c77ddd9dac4af223a7ddce)
|
|
This reverts a part of commit ac682795b7d69f11076ddf022c3452e411a0fdc5.
(cherry picked from commit 1353757247c027f6352000a9450b502c25c460c8)
|
|
(cherry picked from commit c45e4beadf30accb1838b3bad1f21c2146469bf8)
|
|
(cherry picked from commit a4cf71912d52de4398273405b5682d8da5e1dbe3)
|
|
(cherry picked from commit b8f702bc7b6e92b8841271b4a2355d2b65ccb247)
|
|
|
|
To allow IPv6 only for vpn sstp sessions we have to add
'ppp-options' which can disable IPv4 allocation explicity.
Additional IPv6 ppp-options and fix template for it.
|
|
(cherry picked from commit f227987ccf41e01d4ddafb6db7b36ecf13148c78)
|
|
|
|
(cherry picked from commit 0191c089f94455f53f3f234c094891353583f64c)
(cherry picked from commit 8fcff3112b235307b78eb23833c1d646f0e7f9f4)
|
|
(cherry picked from commit 4218a5bcb1093108e25d4e07fa07050b4f79d3d5)
|
|
Do not create rfc3768-compatibility interfaces by default because of wrong
Jinja2 syntax. Backporting the entire system makes it easier in the future to
additional bugfixes.
|
|
The group CLI node takes a multicast IPv4 or IPv6 address - this must be input
validated to not case any OS exception
cpo@LR1.wue3# show interfaces vxlan
vxlan vxlan0 {
+ group 254.0.0.1
source-address 172.18.254.201
+ source-interface dum0
vni 10
}
Results in OSError beeing rasied with the following context:
Error: argument "254.0.0.1" is wrong: invalid group address
(cherry picked from commit 0d7cd4ed5725d3e79faad5abc0801631c2ffc813)
|
|
This reverts commit 38e02c12a50de685c6d70954cd94a224e8083f0b.
|
|
(cherry picked from commit 6541bdbe792a3cc420f0367e673f27763528376c)
|