Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-09-30 | wireguard: T1700 - Wireguard FQDN endpoint doesn't work after reboot | hagbard | |
2019-09-30 | [OpenVPN]: T1688: Added aes-gcm encryptions | vindenesen | |
2019-09-25 | T1685 Adding ethernet valueHelp for vif,vif-s,vif-c | DmitriyEshenko | |
2019-09-21 | Merge pull request #134 from c-po/t1637-ethernet | Christian Poessinger | |
T1637 - Rewrite ethernet interface in new style XML syntax | |||
2019-09-20 | ethernet: T1637: add support for 25G, 40G, 50G and 100G link speeds | Christian Poessinger | |
2019-09-20 | Revert "ethernet: T1637: only list supported link speeds for completion helper" | Christian Poessinger | |
This reverts commit d6a6daaf1d7ed0f1ff2e53490972e0cf11fff000. | |||
2019-09-20 | ethernet: T1637: only list supported link speeds for completion helper | Christian Poessinger | |
2019-09-20 | ethernet: T1637: initial rewrite in XML/Python style | Christian Poessinger | |
2019-09-20 | Merge pull request #133 from vindenesen/openvpn-minimum-tls-version | Daniil Baturin | |
[OpenVPN] T1675: Added setting for minimum tls version | |||
2019-09-20 | OpenVPN - changed tls-minimum-version to tls-version-min | vindenesen | |
2019-09-20 | openvpn: T1548: add validator for TLS cert files | Christian Poessinger | |
2019-09-19 | OpenVPN - Added setting for minimum tls version | vindenesen | |
2019-09-19 | Added setting for tls-auth. Added check for if tls_cert and tls_key was defined. | vindenesen | |
2019-09-16 | [IPoE] - T1664: Ipoe with bond per vlan don't work | hagbard | |
2019-09-12 | [l2tp] T834 Implementation advanced ppp-options/lcp. | DmitriyEshenko | |
2019-09-10 | [wireguard]: T1572 - Wireguard keyPair per interface | hagbard | |
- param key location added in op-mode script - param delkey and listkey implemented in op-mode script - param delkey implemented in op-mode script - generate and store named keys - interface implementation tu use cli option 'private-key' | |||
2019-09-06 | vxlan: T1636: initial rewrite with XML and Python | Christian Poessinger | |
Tested using: Site 1 (VyOS 1.2.2) ------------------- set interfaces vxlan vxlan100 address '10.10.10.2/24' set interfaces vxlan vxlan100 remote '172.18.201.10' set interfaces vxlan vxlan100 vni '100' Site 2 (rewrite) ---------------- set interfaces vxlan vxlan100 address '10.10.10.1/24' set interfaces vxlan vxlan100 description 'VyOS VXLAN' set interfaces vxlan vxlan100 remote '172.18.202.10' set interfaces vxlan vxlan100 vni '100' | |||
2019-09-06 | Python/ifconfig: T1557: vxlan: initial support via VXLANIf | Christian Poessinger | |
2019-09-06 | openvpn: T1548: use long syntax on list_interfaces.py '--type' instead of '-t' | Christian Poessinger | |
2019-09-06 | bridge: T1556: make ARP cache constraint error message more generic | Christian Poessinger | |
2019-09-06 | bonding: T1614: make ARP cache constraint error message more generic | Christian Poessinger | |
2019-09-04 | [service https] T1443: rename "server-names" option to "server-name". | Daniil Baturin | |
2019-09-04 | [service https] T1443: use "listen-address" option instead of "listen-addresses" | Daniil Baturin | |
to follow the established convention. | |||
2019-09-04 | bonding: T1614: Initial version in new style XML/Python interface | Christian Poessinger | |
The node 'interfaces ethernet eth0 bond-group' has been changed and de-nested. Bond members are now configured in the bond interface itself. set interfaces bonding bond0 member interface eth0 | |||
2019-09-01 | Revert "bridge: T1556: increase max-age range to 1200 (30 minutes)" | Christian Poessinger | |
This reverts commit 3b119c91ca70c51aab24d4ef8b3913f47281321a. | |||
2019-09-01 | bridge: T1556: change 'aging' help text | Christian Poessinger | |
2019-08-31 | bridge: T1556: increase max-age range to 1200 (30 minutes) | Christian Poessinger | |
2019-08-27 | [service https] T1443: Correct the use of listen/server_name directives | John Estabrook | |
2019-08-26 | bridge: T1556: bugfix: aging range validator | Christian Poessinger | |
2019-08-26 | bridge: T1556: bugfix: disable node must be valueless | Christian Poessinger | |
2019-08-23 | [dummy] T1609 migrate to vyos.interfaceconfig, adding check ip-cidr, adding ↵ | DmitriyEshenko | |
vyos.interfaceconfig common ipv4/ipv6 functions | |||
2019-08-23 | [dummy] T1609 Fixing dummy interface state | DmitriyEshenko | |
2019-08-21 | loopback: T1601: rewrite using XML/Python definitions | Christian Poessinger | |
2019-08-20 | powerdns: T1595: remove 'listen-on' CLI option | Christian Poessinger | |
2019-08-20 | powerdns: T1524: support setting allow-from network | Christian Poessinger | |
Netmasks (both IPv4 and IPv6) that are allowed to use the server. The default allows access only from RFC 1918 private IP addresses. Due to the aggressive nature of the internet these days, it is highly recommended to not open up the recursor for the entire internet. Questions from IP addresses not listed here are ignored and do not get an answer. https://docs.powerdns.com/recursor/settings.html#allow-from Imagine an ISP network with non RFC1918 IP adresses - they can't make use of PowerDNS recursor. As of now VyOS hat allow-from set to 0.0.0.0/0 and ::/0 which created an open resolver. If there is no allow-from statement a config-migrator will add the appropriate nodes to the configuration, resulting in: service { dns { forwarding { allow-from 0.0.0.0/0 allow-from ::/0 cache-size 0 ignore-hosts-file listen-address 192.0.2.1 } } } | |||
2019-08-19 | dummy: T1580: rewrite in new style XML/Python | Christian Poessinger | |
2019-08-19 | openvpn: T1548: remove authy 2fa provider | Christian Poessinger | |
According to https://github.com/twilio/authy-openvpn commit 3e5dc73: > This plugin is no longer actively maintained. If you're interested in becoming a maintainer, we welcome forks of this project. In addition this plugin was always missing in the current branch ov VyOS and did not make it into VyOS 1.2 (crux) If 2FA for OpenVPN is required we should probably opt for Google Authenticator or if possible a U2F device. | |||
2019-08-18 | [bridge] T1156: increase bridge priority - bridge interfaces after all ↵ | Christian Poessinger | |
member interfaces are configured | |||
2019-08-17 | openvpn: T1548: 'disabled' leafNode must be valueless | Christian Poessinger | |
2019-08-17 | Merge pull request #107 from c-po/t1548-openvpn | Christian Poessinger | |
T1548 openvpn | |||
2019-08-16 | openvpn: T1548: initial rewrite with XML and Python | Christian Poessinger | |
2019-08-14 | [bfd] T1183: Added validations and fixing bugs in BFD: | zsdc | |
* added validations for "source address IP" and "bfd peer IP" * added check for configuring multihop together with an interface name * fixed "show protocols bfd peer X" for peers with custom options | |||
2019-08-14 | [service https] T1443: add self-signed TLS certificate | John Estabrook | |
2019-08-09 | [bfd] T1183: Added some new functionality and fixed bugs in BFD: | zsdc | |
* added option "echo-mode" and "echo-interval" for BFD peers * added configuration check for usage "multihop" and "echo-mode" * added configuration check for denying deletion BFD peers, which are used in BGP configuration * fixed deleting/changing BFD peers with custom parameters (for example multihop, local-address, etc.) * deleted wrong skipping of configuration check for "shutdown" BFD peers | |||
2019-08-07 | [l2tp] T1566 ipv6 implementation | DmitriyEshenko | |
2019-08-07 | XML: WireGuard: run interfacedefinition through XML lint | Christian Poessinger | |
2019-08-07 | Validator: rename cidr -> ip-cidr to match existing patterns | Christian Poessinger | |
2019-08-05 | [bridge] T1156: add XML completion helpers for interface address (dhcp and ↵ | Christian Poessinger | |
dhcpv6) | |||
2019-08-05 | [bridge] T1156: add XML address constraints | Christian Poessinger | |
2019-08-05 | [bridge] T1156: remove priority of address node | Christian Poessinger | |