summaryrefslogtreecommitdiff
path: root/interface-definitions
AgeCommit message (Collapse)Author
2021-12-19T4070: natv4: Add "any" for inbound-interface listsrividya0208
"any" was missing from the interface list which will be useful to indicate any interface. (cherry picked from commit bd53db9eb63b907a83336ccf8d179b46bf5d42d4)
2021-12-16http-api: T4076: allow setting CORS option 'Access-Control-Allow-Origin'John Estabrook
(cherry picked from commit 55f8ede2d09a9ad095f9ec5c2a729f8c5fb6aafa)
2021-12-15pppoe-server: T3006: Add range to regex generatorDmitriyEshenko
2021-12-14http-api: T4071: allow API to bind to unix domain socketJohn Estabrook
(cherry picked from commit 0e3c35e6517f5cfebb4206c735a2ea976a7fd383)
2021-12-09https: T4055: add vrf supportChristian Poessinger
(cherry picked from commit 955f260ce682d64d27b3b11e618b1ae0176e4b91)
2021-12-06sflow: T4046: Add source-address for sflowViacheslav
(cherry picked from commit bb77dd269bfb9522f5b56ac027598ac20e101f13)
2021-12-04webproxy: T563: bugfix append-domain regexChristian Poessinger
2021-12-03tftp: T4012: Add TFTP VRF supportDmitriyEshenko
2021-11-27Merge pull request #1085 from andriiandrieiev/equuleusChristian Poessinger
filesystem: T3946: root partition auto resize as a service
2021-11-26Merge pull request #1079 from erkin/equuleusChristian Poessinger
conf-mode: NAT interface definition typo fix (Equuleus)
2021-11-25filesystem: T3946: partition resize as a serviceAndrii
2021-11-24openconnect: T3695: Fix certificate files validationDmitriyEshenko
2021-11-24conf-mode: NAT interface definition typo fixerkin
2021-11-15l2tp: T3724: allow setting accel-ppp l2tp host-nameMarek Isalski
(cherry picked from commit 3d00140453b3967370c77ddd9dac4af223a7ddce)
2021-11-14dhcp-server: T3982: dot (.) is an allowed static-mapping characterChristian Poessinger
This reverts a part of commit ac682795b7d69f11076ddf022c3452e411a0fdc5. (cherry picked from commit 1353757247c027f6352000a9450b502c25c460c8)
2021-11-10dhcp-server: T3982: remove support for invalid characters . and +Christian Poessinger
(cherry picked from commit c45e4beadf30accb1838b3bad1f21c2146469bf8)
2021-11-07bonding: T1614: add constraint on member interface names to be usedChristian Poessinger
(cherry picked from commit a4cf71912d52de4398273405b5682d8da5e1dbe3)
2021-11-04sstp: accel-ppp: T3964: add missing input validator for static-ip assignmentChristian Poessinger
(cherry picked from commit b8f702bc7b6e92b8841271b4a2355d2b65ccb247)
2021-11-03sstp: T2566: use XML defaultValue over Jinja2 hardcoded valueChristian Poessinger
2021-11-02sstp: T2566: Fix to allow IPv6 only poolsViacheslav
To allow IPv6 only for vpn sstp sessions we have to add 'ppp-options' which can disable IPv4 allocation explicity. Additional IPv6 ppp-options and fix template for it.
2021-10-31console: T3954: bugfix RuntimeError: dictionary keys changed during iterationChristian Poessinger
(cherry picked from commit f227987ccf41e01d4ddafb6db7b36ecf13148c78)
2021-10-21tunnel: T3925: dhcp-interface was of no use - use source-interface insteadChristian Poessinger
2021-10-13dns: T3277: DNS Forwarding - reverse zones for RFC1918 addressesHard7Rock
(cherry picked from commit 0191c089f94455f53f3f234c094891353583f64c) (cherry picked from commit 8fcff3112b235307b78eb23833c1d646f0e7f9f4)
2021-10-10lcd: T2564: add support for hd44780 displaysChristian Poessinger
(cherry picked from commit 4218a5bcb1093108e25d4e07fa07050b4f79d3d5)
2021-09-30vrrp: T3877: backport handlers to solve "default rfc3768-compatibility" issueJohn Estabrook
Do not create rfc3768-compatibility interfaces by default because of wrong Jinja2 syntax. Backporting the entire system makes it easier in the future to additional bugfixes.
2021-09-26vxlan: T3867: add multicast validator for group addressChristian Poessinger
The group CLI node takes a multicast IPv4 or IPv6 address - this must be input validated to not case any OS exception cpo@LR1.wue3# show interfaces vxlan vxlan vxlan0 { + group 254.0.0.1 source-address 172.18.254.201 + source-interface dum0 vni 10 } Results in OSError beeing rasied with the following context: Error: argument "254.0.0.1" is wrong: invalid group address (cherry picked from commit 0d7cd4ed5725d3e79faad5abc0801631c2ffc813)
2021-09-23T3850: Revert "login: T1948: add missing ssh-public key name regex"Christian Poessinger
This reverts commit 38e02c12a50de685c6d70954cd94a224e8083f0b.
2021-09-21xml: vrrp: T616: add missing valueHelp for "authentication type"Christian Poessinger
(cherry picked from commit 6541bdbe792a3cc420f0367e673f27763528376c)
2021-09-21dhcp-server: T3839: support domain-search and ntp-server config per ↵Christian Poessinger
shared-network (cherry picked from commit 689d1824d251ea9fbd81bf0c941dbd36e33ef420)
2021-09-19xml: dhcp-server: move building blocks to dhcp subdirectoryChristian Poessinger
(cherry picked from commit 59e5b5eb4c0507f9d3831483152a748b58560bfd)
2021-09-19dhcp-server: T3839: support name-servers and domain config per shared-networkChristian Poessinger
DHCP servers "shared-network" level only makes sense if one can specify configuration items that can be inherited by individual subnets. This is now possible for name-servers and the domain-name. set service dhcp-server shared-network-name LAN domain-name 'vyos.net' set service dhcp-server shared-network-name LAN name-server '192.0.2.1' (cherry picked from commit d411a40a3598c55fae7abd8bc5f1876007aa704b)
2021-09-19dhcpv6-server: xml: add description CLI nodeChristian Poessinger
(cherry picked from commit 90dffcb3c14ec976fecae32d19a979f05a40d9c8)
2021-09-19dhcp-server: xml: use description building blockChristian Poessinger
(cherry picked from commit 564f05614b6e8650185c46b9625f6a0cd9661639)
2021-09-19dhcp-server: T3841: add option to perform ICMP check before address assignmentChristian Poessinger
(cherry picked from commit 83ea0cb273e29db22062cc133b6eabd4ba2761c7)
2021-09-19dhcp-server: T3672: re-add missing "name" CLI optionChristian Poessinger
This option is mandatory and must be user configurable as it needs to match on both sides. (cherry picked from commit 2985035bcb2f3732e15a41e3c2ee6c6c93a6836e)
2021-09-19dhcp-server: T3672: only one failover peer is supportedChristian Poessinger
(cherry picked from commit a8ccf72c222caad8cd7aaca9bca773be39e87f5c)
2021-09-19dhcp-server: T3838: rename dns-server to name-server nodeChristian Poessinger
IPv4 DHCP uses "dns-server" to specify one or more name-servers for a given pool. In order to use the same CLI syntax this should be renamed to name-server, which is already the case for DHCPv6. (cherry picked from commit e2f9f4f4e8b2e961a58d935d09798ddb4e1e0460)
2021-09-19dhcp-server: T1968: allow multiple static-routes to be configuredChristian Poessinger
vyos@vyos# show service dhcp-server shared-network-name LAN { subnet 10.0.0.0/24 { default-router 10.0.0.1 dns-server 194.145.150.1 lease 88 range 0 { start 10.0.0.100 stop 10.0.0.200 } static-route 192.168.10.0/24 { next-hop 10.0.0.2 } static-route 192.168.20.0/24 { router 10.0.0.2 } } } (cherry picked from commit a4440bd589db645eb99f343a8163e188a700774c)
2021-09-19T3840: Allow larger DNS forwarding cache sizesLucas Christian
(cherry picked from commit 60f34805d72973e510d1381e4b67a73d0a0952f4)
2021-09-18OpenConnect: Fix typo in help propertyMarcel Gisselmann
2021-09-15typo: remove unnecessary 'i' from helpJavinator9889
(cherry picked from commit ec9503a9ec487ec7aa3524cb9847357f0631ca25)
2021-09-11Merge pull request #1001 from erkin/equuleusDaniil Baturin
T3275: conntrack: Backport XML/Python implementation of conntrack CLI
2021-09-10T3275: conntrack: Backport XML/Python implementation of conntrack CLIerkin
2021-09-05name-server: T3804: merge "system name-servers-dhcp" into "system name-server"Christian Poessinger
We have "set system name-server <ipv4|ipv6>" to specify a name-server IP address we wan't to use. We also have "set system name-servers-dhcp <interface>" which does the same, but the name-server in question is retrieved via DHCP. Both CLI nodes are combined under "set system name-server <ipv4|ipv6|interface>" to keep things as they are in real life - we need a name-server.
2021-09-04T3697: do not try to restart charon if it's not requiredDaniil Baturin
The root cause is that the ipsec-settings.py script is run _twice_: first from "vpn ipsec options", then from the top level "vpn" node. The case when it's not required is when: * "vpn ipsec" configuration doesn't exist yet * user configured it with "vpn ipsec options" * the ipsec-settings.py script is run first time, from "vpn ipsec options" Trying to restart charon at that stage leads to a deadlock.
2021-09-03openvpn: T690: Add metric for pushed routesViacheslav
2021-09-02nipsec: T3093: Delete temporarily generated codeViacheslav
This code was generated before to rewrite IPSec to XML style And this was rewriten/fixed and used in the next 1.4 releases So we realy don't need it in 1.3 as we use old nodes for it.
2021-09-01login: T1948: add missing ssh-public key name regexChristian Poessinger
(cherry picked from commit 514da738173696c70440c959b9d7ec9afd77fbae)
2021-09-01login: T1948: fix username regex - add missing start ^ and end $Christian Poessinger
(cherry picked from commit bbe0deda9bfcfd4116c44b42156a628de8400b48)
2021-08-31ssh: T3789: add custom validator for base64 encoded CLI dataChristian Poessinger
SSH keys used for remote login are supplied as base64 encoded data on the CLI. The key is not validated, thus an invalid copy/pasted key will render the login useless. This commit adds a custom and re-usable validator which check if the data is properly base64 encoded. (cherry picked from commit 00efce716912680354d47a2dca9769cd8c5c89ae)