| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2024-02-02 | Merge pull request #2927 from ishioni/T5955 | Christian Breunig | |
| container: T5955: add uid/gid settings | |||
| 2024-02-02 | container: T5955: allow setting uid/gid | Piotr Maksymiuk | |
| 2024-02-02 | Merge pull request #2891 from aapostoliuk/T5971-circinus | Viacheslav Hletenko | |
| T5971: Rewritten ppp options in accel-ppp services | |||
| 2024-02-01 | upnp: T5989: add ipv4-prefix as a valid option for UPnP ACLs | Chris Buechler | |
| 2024-02-01 | Merge pull request #2756 from nicolas-fort/T4839 | Christian Breunig | |
| T4839: firewall: Add dynamic address group in firewall configuration | |||
| 2024-02-01 | Merge pull request #2860 from indrajitr/ddclient-update-20240119 | Christian Breunig | |
| ddclient: T5966: Adjust dynamic dns config address subpath | |||
| 2024-02-01 | Merge pull request #2903 from HollyGurza/T5687 | Christian Breunig | |
| dns forwarding: T5687: Implement ECS settings for PowerDNS recursor | |||
| 2024-02-01 | dns forwarding: T5687: add missing constraints on ecs-add-for CLI node | Christian Breunig | |
| Completion help suggests only IPv4 and IPv6 prefixes are supported, thus add a proper constraint enforcing this. | |||
| 2024-02-01 | Merge pull request #2914 from aapostoliuk/T5930-circinus | Christian Breunig | |
| bgp: T5930: Denied using rt vpn 'export/import' with 'both' together | |||
| 2024-02-01 | bgp: T5930: Denied using rt vpn 'export/import' with 'both' together | aapostoliuk | |
| Denied using command 'route-target vpn export/import' with 'both' together in bgp configuration. | |||
| 2024-02-01 | Merge pull request #2887 from nicolas-fort/T5977 | Christian Breunig | |
| T5977: firewall: remove ipsec options in output chain rule definition… | |||
| 2024-01-31 | dns forwarding: T5687: Implement ECS settings for PowerDNS recursor | khramshinr | |
| Fix option descriptions | |||
| 2024-01-30 | reverse-proxy: T5999: Allow root for exact match in backend rule URL | cleopold73 | |
| 2024-01-30 | dns forwarding: T5687: Implement ECS settings for PowerDNS recursor | khramshinr | |
| 2024-01-29 | T5971: Rewritten ppp options in accel-ppp services | aapostoliuk | |
| Rewritten 'ppp-options' to the same view in all accel-ppp services. Adding IPv6 support to PPTP. | |||
| 2024-01-25 | T4839: firewall: Add dynamic address group in firewall configuration, and ↵ | Nicolas Fort | |
| appropiate commands to populate such groups using source and destination address of the packet. | |||
| 2024-01-23 | T5977: firewall: remove ipsec options in output chain rule definitions, ↵ | Nicolas Fort | |
| since it's not supported. | |||
| 2024-01-23 | T5979: add configurable kernel boot option 'disable-mitigations' | Christian Breunig | |
| 2024-01-23 | bfd: T5967: add minimum-ttl option | Christian Breunig | |
| * set protocols bfd peer <x.x.x.x> minimum-ttl <1-254> * set protocols bfd profile <name> minimum-ttl <1-254> | |||
| 2024-01-22 | sflow: T5968: add VRF support | Christian Breunig | |
| Add support to run hsflowd in a dedicated (e.g. management) VRF. Command will be "set system sflow vrf <name>" like with any other service | |||
| 2024-01-21 | ddclient: T5966: Migration script for dynamic dns config subpath change | Indrajit Raychaudhuri | |
| 2024-01-21 | ddclient: T5966: Adjust dynamic dns config address subpath | Indrajit Raychaudhuri | |
| Modify the dynamic dns configuration 'address' subpath for better clarity on how the address is obtained. Additionally, remove `web-options` and fold those options under the path `address web`. | |||
| 2024-01-21 | Merge pull request #2863 from c-po/ntp-T5692 | Christian Breunig | |
| ntp: T5692: add support to configure leap second behavior | |||
| 2024-01-21 | Merge pull request #2852 from sever-sever/T5958 | Viacheslav Hletenko | |
| T5958: QoS add basic implementation of policy shaper-hfsc | |||
| 2024-01-21 | ntp: T5692: add support to configure leap second behavior | Christian Breunig | |
| * set service ntp leap-second [ignore|smear|system|timezone] Where timezone is the new and old default resulting in adding "leapsectz right/UTC" to chrony.conf. The most prominent new option is "smear" which will add leapsecmode slew maxslewrate 1000 smoothtime 400 0.001 leaponly to chrony. See https://chrony-project.org/doc/4.3/chrony.conf.html leapsecmode for additional information | |||
| 2024-01-18 | T5779: conntrack: bump version number | Christian Breunig | |
| 2024-01-18 | T5958: QoS add basic implementation of policy shaper-hfsc | Viacheslav Hletenko | |
| QoS policy shaper-hfsc was not implemented after rewriting the traffic-policy to qos policy. We had CLI but it does not use the correct class. Add a basic implementation of policy shaper-hfsc. Write the class `TrafficShaperHFS` | |||
| 2024-01-18 | Merge pull request #2848 from c-po/T5738-config-management | Christian Breunig | |
| xml: T5738: re-use source-address-ipv4-ipv6 building block for config-management | |||
| 2024-01-18 | xml: T5738: re-use source-address-ipv4-ipv6 building block for config-management | Christian Breunig | |
| 2024-01-18 | Merge pull request #2846 from c-po/t863 | Daniil Baturin | |
| ndp-proxy: T5863: add missing priority to honor interface dependencies | |||
| 2024-01-18 | ndp-proxy: T5863: add missing priority to honor interface dependencies | Christian Breunig | |
| 2024-01-17 | T5953: Changed values of 'close-action' to Strongswan values | aapostoliuk | |
| Changed the value from 'hold' to 'trap' in the 'close-action' option in the IKE group. Changed the value from 'restart' to 'start' in the 'close-action' option in the IKE group. | |||
| 2024-01-17 | Merge pull request #2832 from aapostoliuk/T5865-circinus | Christian Breunig | |
| T5865: Moved ipv6 pools to named ipv6 pools in accel-ppp | |||
| 2024-01-16 | T4658: Renamed DPD action value from 'hold' to 'trap' | aapostoliuk | |
| Renamed DPD action value from 'hold' to 'trap' | |||
| 2024-01-16 | T5865: Moved ipv6 pools to named ipv6 pools in accel-ppp | aapostoliuk | |
| Moved ipv6 pools to named ipv6 pools in accel-ppp services | |||
| 2024-01-14 | bgp: T591: add VPN nexthop support per address-family | Christian Breunig | |
| set protocols bgp address-family ipv4-unicast nexthop vpn export <ipv4-address|ipv6-address> set protocols bgp address-family ipv6-unicast nexthop vpn export <ipv4-address|ipv6-address> | |||
| 2024-01-14 | bgp: T591: add SRv6 per address-family SID support | Christian Breunig | |
| set protocols bgp address-family ipv4-unicast sid vpn export <auto|1-1048575> set protocols bgp address-family ipv6-unicast sid vpn export <auto|1-1048575> | |||
| 2024-01-13 | dhcpv6: T3316: Add `listen-interface` as supported by Kea | sarthurdev | |
| 2024-01-13 | dhcpv6: T3316: Move options to separate node and extend scopes | sarthurdev | |
| * Also migrate `address-range` to `range` tag node for consistency with dhcpv4 server syntax | |||
| 2024-01-11 | dhcp: dhcpv6: T3316: Add `subnet-id` so leases remain mapped to entries in ↵ | Simon | |
| the lease file (#2796) | |||
| 2024-01-10 | Merge pull request #2777 from aapostoliuk/T5688-multirange | Christian Breunig | |
| T5688: Changed 'range' to multi in 'client-ip-pool' for accell-ppp | |||
| 2024-01-10 | Merge pull request #2787 from c-po/bgp-5913 | Viacheslav Hletenko | |
| bgp: T5913: allow peer-group support for ipv4|6-labeled-unicast SAFI | |||
| 2024-01-10 | bgp: T5913: allow peer-group support for ipv4|6-labeled-unicast SAFI | Christian Breunig | |
| 2024-01-10 | Merge pull request #2785 from sarthurdev/kea-options | Christian Breunig | |
| dhcp: T3316: T5787: T5912: Extend scope of DHCP options, bugfixes | |||
| 2024-01-10 | dhcp: T3316: Fix `listen-address` handling and add `listen-interface` as ↵ | sarthurdev | |
| supported by Kea | |||
| 2024-01-10 | dhcp: T3316: Move options to separate node and extend scopes | sarthurdev | |
| 2024-01-09 | T5688: Changed 'range' to multi in 'client-ip-pool' for accell-ppp | aapostoliuk | |
| Changed node 'range' to multi in 'client-ip-pool' for accell-ppp services. Added completionHelp to default-pool and next-pool. Fixed verification in vpn l2tp config script. | |||
| 2024-01-09 | https: T5902: remove virtual-host configuration | Christian Breunig | |
| We have not seen the adoption of the https virtual-host CLI option. What it did? * Create multiple webservers each listening on a different IP/port (but in the same VRF) * All webservers shared one common document root * All webservers shared the same SSL certificates * All webservers could have had individual allow-client configurations * API could be enabled for a particular virtual-host but was always enabled on the default host This configuration tried to provide a full webserver via the CLI but VyOS is a router and the Webserver is there for an API or to serve files for a local-ui. Changes Remove support for virtual-hosts as it's an incomplete and thus mostly useless "thing". Migrate all allow-client statements to one top-level allow statement. | |||
| 2024-01-07 | Merge pull request #2758 from c-po/certbot-T5886 | Christian Breunig | |
| pki: T5886: add support for ACME protocol (LetsEncrypt) | |||
| 2024-01-06 | dns: T5900: add dont-throttle-netmasks and serve-stale-extensions powerdns ↵ | fvlaicu | |
| features | |||
 |
index : vyos-1x.git | |
| VyOS command definitions, scripts, and utilities (mirror of https://github.com/marekm72/vyos-1x.git) |
| summaryrefslogtreecommitdiff |
path: root/interface-definitions