Age | Commit message (Collapse) | Author |
|
dns: T4509: Add dns64-prefix option
|
|
rfc6147: DNS Extensions for Network Address Translation
from IPv6 Clients to IPv4 Servers
set service dns forwarding dns64-prefix 2001:db8:aabb::/96
|
|
firewall: T4299: Add ability to inverse match country-codes
|
|
|
|
When clients only use DHCP for interface addressing we can not bind NTPd to
an address - as it will fail if the address changes. This commit adds support
to bind ntpd to a given interface in addition to a given address.
set system ntp interface <name>
|
|
|
|
dns: T4378: Allow wildcard A AAAA record with option all
|
|
Ability to set wildcard record for authoritative-domain
set authoritative-domain example.com records a any address 192.0.2.11
cat /run/powerdns/zone.example.com.conf
* 300 A 192.0.2.11
|
|
Add rate-limit options: attribute, muptiplier and vendor
set service ipoe-server auth radius rate-limit attribute 'Mikrotik-Rate-Limit'
set service ipoe-server auth radius rate-limit enable
set service ipoe-server auth radius rate-limit multiplier '0.001'
set service ipoe-server auth radius rate-limit vendor 'Miktorik'
|
|
openvpn: T4485: Accept multiple tls ca-certificate values
|
|
|
|
|
|
|
|
|
|
set service router-advert interface eth0 name-server-lifetime <value>
|
|
Some files that described the CLI used underscores to split CLI levels, some
others did not. This commit removes all underscores from the filename and only
makes use of a hyphen.
|
|
This PR adds an config option to enable/disable IGMP/MLD snooping.
```
set interfaces bridge brN igmp snooping
```
|
|
|
|
Fix worng behavior with priority with using tunnel interfaces
MPLS configuration must be applied after tunnel interfaces
as we use an addition sysctl option 'net.mpls.conf.tun0.input = 1'
which doesn't exist without tunnel interface
Change priority:
299 protocols/mpls
380 interfaces/tunnel
To:
380 interfaces/tunnel
400 protocols/mpls
|
|
Policy: T4475: add support for matching ipv6 addresses on peer option…
|
|
route-map
|
|
Commit a6f82bb484 ("T1748: vbash: beautify tab completion output/line breaks")
added a method to split the help string and insert newlines and leading tabs
in a deterministic way.
This commit cleans up the legacy implementations where leading whitespaces got
counted and added by humans in a try/error method.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
firewall: T478: Add support for nesting groups
|
|
|
|
Firewall:T4458: Add ttl match option in firewall
|
|
If a parameter is required is determined from the Python string on commit.
This "indicator" is not used consistently and sometimes missing, or added where
it is not required anymore due to Python script improvement/rewrite.
|
|
|
|
|
|
Protocols: T4460: Add input checks for cisco-authentication in nhrp
|
|
It can be more then 5 symbols in top-level-domain address
for example '.photography' and '.accountants'
Firewall group can be added without address:
* set firewall group domain-group DOMAIN
Check if 'address' exists in group_config
|
|
nhrp protocol
|
|
Firewall: T3907: add log-level options in firewall
|
|
|
|
* 'sstp_port' of https://github.com/goodNETnick/vyos-1x:
sstp: T4444. Port number changing support
|
|
firewall: T970: Add firewall group domain-group
|
|
event-handler: T3083: Add simple event-handler
|
|
Before:
set service event-handler Foo
After:
set service event-handler event Foo
|
|
* Added the ability to filter by a syslog identifier
* Added the ability to pass arguments to a script
* Added the ability to pass preconfigured environment variables to a script
* A message that triggered a script is now passed in the `message` variable and
can be used in a script
* Replaced `call()` to `run()`, since stdout are not need to be printed
|
|
Edit regex to check firewall-group
|
|
|
|
Move 'system event-handler' to 'service event-handler'
|
|
Event-handler allows executing a custom script when in logs it
detects configured "pattern"
A simple implemenation
set system event-handler first pattern '.*ssh2.*'
set system event-handler first script '/config/scripts/hello.sh'
|
|
for ipv4
|
|
OWAMP is a command line client application and a policy daemon used
to determine one way latencies between hosts.
OWAMP session control uses traditional client-server communication
between a control-client and a server,
TWAMP (two-way active measurement protocol)
Add configuration and operation modes
set service sla owamp-server
set service sla twamp-server
run force owping 192.0.2.120
run force twping 192.0.2.190
|