summaryrefslogtreecommitdiff
path: root/interface-definitions
AgeCommit message (Collapse)Author
2019-11-11[OpenVPN]: T1704: Changed the description of ncp-ciphers in configvindenesen
2019-11-11[OpenVPN]: T1704: Added function for ncp-ciphers, and ability to disable it.vindenesen
[OpenVPN]: T1704: Changed config structure for OpenVPN encryption to support ncp-ciphers. [OpenVPN]: T1704: Added migration scripts for interface 2-to-3
2019-11-08QAT: T1788: Intel QAT implementationDmitriyEshenko
2019-11-02bonding: T1777: change priority to be after ethernet interfacesChristian Poessinger
On system reboots (mainly) the bond has been created and configured a MAC address on the physical ports. Later ethernet interfaces have been configured overwriting the bond MAC address.
2019-10-28Merge pull request #154 from zdc/T1772Christian Poessinger
[XML templates] T1772: Add escaping of `\` symbol in `<regex>`
2019-10-28[XML templates] T1772: Changed old hacks to proper regex, according to the fixzsdc
2019-10-27snmp: T1769: remove TSM (Transport Security Mode) supportChristian Poessinger
The SNMPv3 TSM is very complex and I know 0 users of it. Also this is untested and I know no way how it could be tested. Instead of carrying on dead and unused code we should favour a drop of it using a proper config migration script.
2019-10-27snmp: T818: T1738: remove per user/trap engine idChristian Poessinger
As of the SNMP specification an SNMP engine ID should be unique per device. To not make it more complicated for users - only use the global SNMP engine ID.
2019-10-18system-proxy: T1741 - Add system wide proxy setting CLI implementationhagbard
2019-10-17snmp: T1737: add missing completion helpersChristian Poessinger
2019-10-13Sync XML interface description source file pattern and conf script nameChristian Poessinger
renamed: interface-bonding.py -> interfaces-bonding.py renamed: interface-bridge.py -> interfaces-bridge.py renamed: interface-dummy.py -> interfaces-dummy.py renamed: interface-ethernet.py -> interfaces-ethernet.py renamed: interface-loopback.py -> interfaces-loopback.py renamed: interface-openvpn.py -> interfaces-openvpn.py renamed: interface-vxlan.py -> interfaces-vxlan.py renamed: interface-wireguard.py -> interfaces-wireguard.py
2019-10-09T1430: add dhcp vendor-class-id client optionChristian Poessinger
2019-10-06ipoe-server: XML: run through XMLlintChristian Poessinger
2019-10-06ipoe-server: optimize port completion helper to match all othersChristian Poessinger
2019-10-01Revert "wireguard: T1700 - Wireguard FQDN endpoint doesn't work after reboot"hagbard
This reverts commit daf2e29e3693a7eb2d8b6fc378d984b9a17d2aa3. It had unknown side effects, undiscovered during testing
2019-09-30wireguard: T1700 - Wireguard FQDN endpoint doesn't work after reboothagbard
2019-09-30[OpenVPN]: T1688: Added aes-gcm encryptionsvindenesen
2019-09-25T1685 Adding ethernet valueHelp for vif,vif-s,vif-cDmitriyEshenko
2019-09-21Merge pull request #134 from c-po/t1637-ethernetChristian Poessinger
T1637 - Rewrite ethernet interface in new style XML syntax
2019-09-20ethernet: T1637: add support for 25G, 40G, 50G and 100G link speedsChristian Poessinger
2019-09-20Revert "ethernet: T1637: only list supported link speeds for completion helper"Christian Poessinger
This reverts commit d6a6daaf1d7ed0f1ff2e53490972e0cf11fff000.
2019-09-20ethernet: T1637: only list supported link speeds for completion helperChristian Poessinger
2019-09-20ethernet: T1637: initial rewrite in XML/Python styleChristian Poessinger
2019-09-20Merge pull request #133 from vindenesen/openvpn-minimum-tls-versionDaniil Baturin
[OpenVPN] T1675: Added setting for minimum tls version
2019-09-20OpenVPN - changed tls-minimum-version to tls-version-minvindenesen
2019-09-20openvpn: T1548: add validator for TLS cert filesChristian Poessinger
2019-09-19OpenVPN - Added setting for minimum tls versionvindenesen
2019-09-19Added setting for tls-auth. Added check for if tls_cert and tls_key was defined.vindenesen
2019-09-16[IPoE] - T1664: Ipoe with bond per vlan don't workhagbard
2019-09-12[l2tp] T834 Implementation advanced ppp-options/lcp.DmitriyEshenko
2019-09-10[wireguard]: T1572 - Wireguard keyPair per interfacehagbard
- param key location added in op-mode script - param delkey and listkey implemented in op-mode script - param delkey implemented in op-mode script - generate and store named keys - interface implementation tu use cli option 'private-key'
2019-09-06vxlan: T1636: initial rewrite with XML and PythonChristian Poessinger
Tested using: Site 1 (VyOS 1.2.2) ------------------- set interfaces vxlan vxlan100 address '10.10.10.2/24' set interfaces vxlan vxlan100 remote '172.18.201.10' set interfaces vxlan vxlan100 vni '100' Site 2 (rewrite) ---------------- set interfaces vxlan vxlan100 address '10.10.10.1/24' set interfaces vxlan vxlan100 description 'VyOS VXLAN' set interfaces vxlan vxlan100 remote '172.18.202.10' set interfaces vxlan vxlan100 vni '100'
2019-09-06Python/ifconfig: T1557: vxlan: initial support via VXLANIfChristian Poessinger
2019-09-06openvpn: T1548: use long syntax on list_interfaces.py '--type' instead of '-t'Christian Poessinger
2019-09-06bridge: T1556: make ARP cache constraint error message more genericChristian Poessinger
2019-09-06bonding: T1614: make ARP cache constraint error message more genericChristian Poessinger
2019-09-04[service https] T1443: rename "server-names" option to "server-name".Daniil Baturin
2019-09-04[service https] T1443: use "listen-address" option instead of "listen-addresses"Daniil Baturin
to follow the established convention.
2019-09-04bonding: T1614: Initial version in new style XML/Python interfaceChristian Poessinger
The node 'interfaces ethernet eth0 bond-group' has been changed and de-nested. Bond members are now configured in the bond interface itself. set interfaces bonding bond0 member interface eth0
2019-09-01Revert "bridge: T1556: increase max-age range to 1200 (30 minutes)"Christian Poessinger
This reverts commit 3b119c91ca70c51aab24d4ef8b3913f47281321a.
2019-09-01bridge: T1556: change 'aging' help textChristian Poessinger
2019-08-31bridge: T1556: increase max-age range to 1200 (30 minutes)Christian Poessinger
2019-08-27[service https] T1443: Correct the use of listen/server_name directivesJohn Estabrook
2019-08-26bridge: T1556: bugfix: aging range validatorChristian Poessinger
2019-08-26bridge: T1556: bugfix: disable node must be valuelessChristian Poessinger
2019-08-23[dummy] T1609 migrate to vyos.interfaceconfig, adding check ip-cidr, adding ↵DmitriyEshenko
vyos.interfaceconfig common ipv4/ipv6 functions
2019-08-23[dummy] T1609 Fixing dummy interface stateDmitriyEshenko
2019-08-21loopback: T1601: rewrite using XML/Python definitionsChristian Poessinger
2019-08-20powerdns: T1595: remove 'listen-on' CLI optionChristian Poessinger
2019-08-20powerdns: T1524: support setting allow-from networkChristian Poessinger
Netmasks (both IPv4 and IPv6) that are allowed to use the server. The default allows access only from RFC 1918 private IP addresses. Due to the aggressive nature of the internet these days, it is highly recommended to not open up the recursor for the entire internet. Questions from IP addresses not listed here are ignored and do not get an answer. https://docs.powerdns.com/recursor/settings.html#allow-from Imagine an ISP network with non RFC1918 IP adresses - they can't make use of PowerDNS recursor. As of now VyOS hat allow-from set to 0.0.0.0/0 and ::/0 which created an open resolver. If there is no allow-from statement a config-migrator will add the appropriate nodes to the configuration, resulting in: service { dns { forwarding { allow-from 0.0.0.0/0 allow-from ::/0 cache-size 0 ignore-hosts-file listen-address 192.0.2.1 } } }