summaryrefslogtreecommitdiff
path: root/interface-definitions
AgeCommit message (Collapse)Author
2022-11-24Merge pull request #1641 from Rain/T4612-arbitrary-netmasksChristian Poessinger
firewall: T4612: Support arbitrary netmasks
2022-11-24veth: T4825: minor improvements on XML peer-name handlingChristian Poessinger
2022-11-24Merge branch 'T4825' of https://github.com/sever-sever/vyos-1x into t4825-vethChristian Poessinger
* 'T4825' of https://github.com/sever-sever/vyos-1x: T4825: Add basic smoketest for veth interfaces T4825: Add interface type veth
2022-11-24T4825: Add interface type vethViacheslav Hletenko
Add interface type veth (Virtual ethernet) One of the usecases it's interconnect different vrf's and default vrf via bridge set interfaces virtual-ethernet veth0 peer-name 'veth1010' set interfaces virtual-ethernet veth1010 address '10.0.0.10/24' set interfaces virtual-ethernet veth1010 peer-name 'veth0' set interfaces virtual-ethernet veth1010 vrf 'foo' set interfaces bridge br0 address '10.0.0.1/24' set interfaces bridge br0 member interface veth0
2022-11-22container: T4834: Limit network names to 11 characters (15 char max ↵sarthurdev
including "cni-" prefix) * Error: unable to start container "<id>": plugin type="bridge" failed (add): cni plugin bridge failed: failed to create bridge "cni-thisismorethan15chars": could not add "cni-thisismorethan15chars": numerical result out of range
2022-11-18T4826: Fix login pubkey key type ed25519-sk ecdsa-skViacheslav Hletenko
Requires full key type name like sk-ecdsa-sha2-nistp256@openssh.com and sk-ssh-ed25519@openssh.com
2022-11-17Merge pull request #1654 from sarthurdev/pbr_refactorChristian Poessinger
policy: T2199: T4605: Migrate policy route interface node
2022-11-13T4813: add l3vpn over gre option from route-mapfett0
2022-11-13l3VPN : T4182: add l3vpn over gre option from route-mapfett0
2022-11-11policy: T2199: T4605: Migrate policy route interface to `policy route|route6 ↵sarthurdev
<name> interface <ifname>` * Include refactor to policy route to allow for deletion of mangle table instead of complex cleanup * T4605: Rename mangle table to vyos_mangle
2022-11-10dns: T738: add CLI option for PowerDNS local-portZen3515
2022-11-05container: T4802: support per container shared-memory size configurationChristian Poessinger
Size of /dev/shm within a container can be defined via --shm-size when invoking the container. Add corresponding CLI node.
2022-11-03Merge pull request #1633 from sarthurdev/fqdnChristian Poessinger
firewall: T970: T1877: Add source/destination fqdn, refactor domain resolver, firewall groups in NAT
2022-11-03nat: T1877: T970: Add firewall groups to NATsarthurdev
2022-11-03firewall: T970: Refactor domain resolver, add firewall source/destination ↵sarthurdev
`fqdn` node
2022-11-03validators: T4795: migrate mac-address python validator to validate-valueChristian Poessinger
Instead of spawning the Python interpreter for every mac-address to validate, rather use the base validate-value OCaml implementation which is much faster. This removes redundant code and also makes the CLI more responsive. Validator is moved out to a dedicated file instead of using XML inlined <regex> for the reason of re-usability. So if that regex needs to be touched again - it can all happen in one single file.
2022-11-03xml: T4795: superseed allowed-vlan validator by numeric range validatorChristian Poessinger
Reduce CPU time when spawning the python interpreter. Same can be done by the numeric validator.
2022-11-03xml: T4795: provide common and re-usable XML definitions for policyChristian Poessinger
Remove duplicated code and move to single-source of truth.
2022-11-01login: T4750: add ecdsa-sk and ed25519-sk as supported public key typeChristian Poessinger
2022-10-31ipsec: T4787: add support for road-warrior/remote-access RADIUS timeoutChristian Poessinger
This enabled users to also use 2FA/MFA authentication with a radius backend as there is enough time to enter the second factor.
2022-10-30snmp: T4785: allow @, * and # in SNMP community nameChristian Poessinger
2022-10-29snmp: T4785: allow ! in community nameChristian Poessinger
2022-10-29static: T4784: add description node for static route/route6 tagNodesChristian Poessinger
2022-10-25graphql: T4574: add interface definitions for authentication settingsJohn Estabrook
2022-10-21graphql: T4768: change name of api child node from 'gql' to 'graphql'John Estabrook
2022-10-17ssh: T4720: Ability to configure SSH-server HostKeyAlgorithmsViacheslav Hletenko
Ability to configure SSH-server HostKeyAlgorithms. Specifies the host key signature algorithms that the server offers. Can accept multiple values.
2022-10-14login: 2fa: T874: fix Google authenticator issuesChristian Poessinger
Move default values of TOTP configuration from a global to a per user setting. This makes the entire code easier as no global configuration must be blended into the per user config dict. Also it should be possible to set the authentication window "multiple concurrent keys" individual per user. set system login user vyos authentication otp key 'gzkmajid7na2oltajs4kbuq7lq' set system login user vyos authentication plaintext-password 'vyos'
2022-10-13T4739: OSPF segment routing being refactoredCheeze_It
2022-10-13T4739: ISIS segment routing being refactoredCheeze_It
2022-10-13monitoring: T4312: Ability to set IP address in the URLViacheslav Hletenko
Use common "url.xml" which allow URL as domain name or IP entrie
2022-10-12Merge pull request #1555 from goodNETnick/ssh_otpChristian Poessinger
system login: T874: add 2FA support for local and ssh authentication
2022-10-11system login: T874: add 2FA support for local and ssh authenticationgoodNETnick
2022-10-11xml: ospf: isis: T4739: merge include files for MPLS segment-routingChristian Poessinger
2022-10-11Merge pull request #1574 from Cheeze-It/currentChristian Poessinger
isis: T4739: ISIS segment routing being refactored
2022-10-11Merge pull request #1547 from initramfs/current-limiter-actionsChristian Poessinger
qos: T4688: add xml template for limiter actions
2022-10-11isis: T4739: ISIS segment routing being refactoredCheeze_It
This is to refactor ISIS segment routing to match up with OSPF segment routing.
2022-10-10Merge pull request #1577 from sarthurdev/T4741Christian Poessinger
firewall: policy: T4741: T4742: Verify zone `from` is defined, autocomplete policy route tables
2022-10-10Merge pull request #1563 from sever-sever/T4716Christian Poessinger
ssh: T4716: Ability to configure RekeyLimit data and time
2022-10-10policy: T4742: Add policy route table auto-completesarthurdev
2022-10-10ssh: T4716: Ablity to configure RekeyLimit data and timeViacheslav Hletenko
Ability to configure SSH RekeyLimit data (in Megabytes) and time (in Minutes) set service ssh rekey data 1024 set service ssh rekey time 60
2022-10-09firewall: T3907: Fix firewall state-policy loggingsarthurdev
When log-level was introduced node `state-policy x log` was removed without migrator. This commit adds it back and improves log handling.
2022-10-08firewall: T4612: Support arbitrary netmasksRain
Add support for arbitrary netmasks on source/destination addresses in firewall rules. This is particularly useful with DHCPv6-PD when the delegated prefix changes periodically.
2022-10-07Merge pull request #1572 from Cheeze-It/currentChristian Poessinger
ospf: T4707: Add OSPF segment routing for FRR
2022-10-07Merge branch 'current' into radius-rate-limit-compChristian Poessinger
2022-10-06ospf: T4707: Add OSPF segment routing for FRRCheeze_It
In this commit we add OSPF segment routing, smoke tests, handlers, FRR template changes, and CLI commands.
2022-10-06xml: T4722: radius: remove superfluous "default" help stringChristian Poessinger
vyos-1x automatically adds a "(default: ...)" hint to the CLI help if the <defaultValue> XML tag is used. No need to specify this manually.
2022-10-06Merge pull request #1567 from aapostoliuk/T4660-sagittaChristian Poessinger
policy: T4660: Changed CLI syntax in route-map set community
2022-10-06T4727: add support for RADIUS rate limiting to PPTP (#1570)Daniil Baturin
2022-10-03T4726: add completion help and validation for accel-ppp vendor optionDaniil Baturin
2022-10-03policy: T4660: Changed CLI syntax in route-map set communityaapostoliuk
Changed CLI syntax in route-map set community, set large-community, set extcommunity Allows to add multiple communities, large-communities and extcommunities in clear view. Added new well-known communities. Added non-transitive feature in extcommunities. Fixed community's validators.