summaryrefslogtreecommitdiff
path: root/interface-definitions
AgeCommit message (Collapse)Author
2024-11-07T6807: allow a trailing slash character in system loginsagittamarekm72
Backport fix from current
2024-10-06T6759: add support for italian keymapChristian Breunig
set system option keyboard-layout it (cherry picked from commit 1c83b39f30880b7e5297db3fffc3afd2cd699f55)
2024-09-30Merge pull request #4116 from vyos/mergify/bp/sagitta/pr-4112Christian Breunig
policy: T6751: add missing completion helpers for community-list (backport #4112)
2024-09-30policy: T6751: add missing completion helpers for community-listChristian Breunig
Add all missing, well-known values for the community-list regex. (cherry picked from commit 3e94e5e318b852dfca36e64d078728d4f5d5304c)
2024-09-30syslog: T5367: add format option to include timezone in messageChristian Breunig
Add CLI option to include the systems timezone in the syslog message sent to a collector. This can be enabled using: set system syslog host <hostname> format include-timezone (cherry picked from commit 042be39ccabb43a766e04a447207610ff017bd7d)
2024-09-21lldp: T6727: add missing input validation for interface namesChristian Breunig
There is no input CLI validation on the interface name passed to the LLDP service. (cherry picked from commit 82ba669c2632ae554528b13efd6489ced3e39964)
2024-09-13container: T6701: add support to disable container network DNS support (#4052)mergify[bot]
Add ability to set the container network with a disable-dns setting to disable the DNS plugin that is on be default. set container network <network> no-name-server (cherry picked from commit 1d5625d572cc25a9d53247b7c41177f17845b052) Co-authored-by: Dave Vogel <dave.vogel@fullpower.com>
2024-09-11T6693: wireless: Enable WiFi-6 (802.11ax) for 2.4GHz AccessPointsAlain Lamar
(cherry picked from commit 194a14e958ad336d590ba8f076e163f6908dcddc)
2024-09-09OPENVPN: T6555: fix name to bridgefett0
(cherry picked from commit d5ae708581d453e2205ad4cf8576503f42e262b6)
2024-09-09OPENVPN: T6555: add server-bridge options in mode serverfett0
(cherry picked from commit 4acad3eb8d9be173b76fecafc32b0c70eae9b192)
2024-09-02T6681: Add option for SLAAC to support suppress Interval Advertisement in RAsHikari Kongou
(cherry picked from commit eec95109981140f1b4323bcf4526c10c6364d9ae)
2024-08-16T5794: change firewall priority in oder to be loaded after all interfaces.nicolas
(cherry picked from commit b3ae35987a860a5d2cf64dfbc156a7ee7cc799a2)
2024-07-30T6539: add logging options to load-balancer reverse-proxyJonathan Voss
(cherry picked from commit dd5908eac390294ea178953fc0e6821d803d62f6)
2024-07-26vxlan: T6505: Support VXLAN VLAN-VNI range mapping in CLI (#3756)Nataliia S
(cherry picked from commit 115e99630a317cab62c6f99e0461f6ce2c1edaf3)
2024-07-25Merge pull request #3843 from vyos/mergify/bp/sagitta/pr-3841Christian Breunig
T6599: ipsec: support disabling rekey of CHILD_SA, converge and fix defaults (backport #3841)
2024-07-23wireless: T6320: add 802.11ax at 6GHzAlain Lamar
Authored-By: Alain Lamar <alain_lamar@yahoo.de> (cherry picked from commit d5e988ba2d0fa0189feff22374c9b46eb49e2e79)
2024-07-22T6599: ipsec: support disabling rekey of CHILD_SA.Lucas Christian
Also adds support for life_bytes, life_packets, and DPD for remote-access connections. Changes behavior of remote-access esp-group lifetime setting to have parity with site-to-site connections. (cherry picked from commit fd5d7ff0b4fd69b248ecb29c6ec1f3cf844c41cf)
2024-07-03ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms optionkhramshinr
(cherry picked from commit 06e6e011cdf12e8d10cf1f6d4d848fd5db51720d)
2024-07-03T6538: Add the ability to set GENEVE interfaces to VRFViacheslav Hletenko
(cherry picked from commit 5748db4ebb4f4023f8e33d45121ff24267941cc7)
2024-06-28T6477: Add telegraf loki output pluginViacheslav Hletenko
Add Loki plugin to telegraf set service monitoring telegraf loki url xxx (cherry picked from commit 3365eb7ab99fa9a259fe440eb51e82fc0a0a4dc6)
2024-06-24T3202: Enable wireguard debug messagesNataliia Solomko
(cherry picked from commit d818788932e3c57d020cca9236df7275da452fce)
2024-06-24Merge pull request #3709 from vyos/mergify/bp/sagitta/pr-3677Christian Breunig
T5949: Add option to disable USB autosuspend (backport #3677)
2024-06-22T5949: Add option to disable USB autosuspendkhramshinr
(cherry picked from commit c0b2693cebc3429e1974a9cec5946fa88ffc0205)
2024-06-20openconnect: T6500: add support for multiple ca-certificatesChristian Breunig
Add possibility to provide a full CA chain to the openconnect server. * Support multiple CA certificates * For every CA certificate specified, always determine the full certificate chain in the background and add the necessary SSL certificates (cherry picked from commit 973f06c00b902c43dfea34bdf01bdec7c599c452)
2024-06-12bgp: T6473: missing completion helper for peer-groups inside a VRFChristian Breunig
Using BGP peer-groups inside a VRF instance will make use if the global VRFs peer-group list during tab-completion and not the peer-groups defined within the BGP instance of the given VRF. (cherry picked from commit 80ea3d53b2224676d3e9287bce80df4407fe6c01)
2024-06-11T6219: Add support for container sysctl parameter (backport #3614) (#3629)mergify[bot]
* container: T6219: Add support for container sysctl / kernel parameters (cherry picked from commit 717ea64e4c54a8be619ffc29c16c6203b29319dd) * T6219: align with system sysctl and limit parameters to supported (cherry picked from commit f030464952168b553b5b3e29b461d437c2642a9b) --------- Co-authored-by: Ben Pilgrim <ben@pilgrim.me.uk> Co-authored-by: Nicolas Vollmar <nvollmar@gmail.com>
2024-06-09Merge pull request #3605 from vyos/mergify/bp/sagitta/pr-3598Christian Breunig
reverse-proxy: T6454: Set default value of http for haproxy mode (backport #3598)
2024-06-09reverse-proxy: T6454: Set default value of http for haproxy modeAlex W
(cherry picked from commit 60d7c0ecaff49ec62f4600a460f5fbe7b26a0d9c)
2024-06-09xml: T6423: enforce priority on nodes having an ownerNataliia Solomko
(cherry picked from commit 61f8250184e927de9ab6bddc207b917bef7da42b)
2024-06-03reverse-proxy: T6434: Support additional healthcheck options (#3574) (#3577)mergify[bot]
(cherry picked from commit 3e5cc0b7fb8ae4a0f8b7c9270d9db0a0f252c448) Co-authored-by: Alex W <embezzle.dev@proton.me>
2024-05-31dns: T6422: allow multiple redundant NS recordsHaim Gelfenbeyn
NS is unlike CNAME or PTR, multiple NS records are perfectly valid and is a common use case: multiple redundant DNS servers is a common configuration and should be supported. (cherry picked from commit 19d8415512dcf87dc3a87feabf128652ffc74594)
2024-05-31conntrack: T6396: correction to helper message for custom timeout ruleGiggum
(cherry picked from commit 0c75e2470f8db900ffcac4e3c84669b6aa4580dd)
2024-05-30Merge pull request #3559 from vyos/mergify/bp/sagitta/pr-3531Christian Breunig
reverse-proxy: T6409: Remove unused backend parameters (backport #3531)
2024-05-30reverse-proxy: T6409: Remove unused backend parametersAlex W
(cherry picked from commit fb6602f431f5595b97ea3726467ec782fa50ceb8)
2024-05-30T4576: Accel-ppp logging level configurationkhramshinr
add ability to change logging level config for: * VPN L2TP * VPN PPTP * VPN SSTP * IPoE Server * PPPoE Serve (cherry picked from commit 4d84f786f64d2b80046100ead5d0e8c1eef7418c)
2024-05-30hostname: T6421: enforce explicit CLI priority for host-name and domain-nameChristian Breunig
To prevent any possible races in the future the host-name and domain-name nodes should be set with explicit priorities! (cherry picked from commit 96d0e23a32a0e1b990ce022546ed7225956a0494)
2024-05-29ISIS: T6332: Fix isis not working only ipv6fett0
(cherry picked from commit 03fd368ed263ca28c9b1b5e29f486217784d15ef)
2024-05-28T6406: rename cpus to cpuNicolas Vollmar
(cherry picked from commit 74910564f82e2837cd7eb35ea21f07601e5f8f0d)
2024-05-28T6406: add container cpu limit optionNicolas Vollmar
(cherry picked from commit 81dea053e7178b8fea836a85aacde2a38ffb9e09)
2024-05-27dhcpv6-server: T3493: add constraintGroup for prefix-delegation start/stop ↵Christian Breunig
address In addition for testing that the supplied IPv6 address ends with ::, we also verify that it's a proper IPv6 address, just in case.
2024-05-26dhcpv6-server: T3493: add proper validation for prefix-delegation start/stop ↵Christian Breunig
address ISC DHCP server expects a string: "prefix6 2001:db8:290:: 2001:db8:29f:: /64;" where the IPv6 prefix/range must be :: terminaated with a delegated prefix length at the end. This commit changes the validator that the IPv6 address defined on the CLI must always end with ::. In addition a verify() step is added to check that the stop address is greater than start address.
2024-05-24load-balancing haproxy: T6391: fix typo in timeout help (#3513) (#3514)mergify[bot]
Co-authored-by: Gregor Michels <hirnpfirsich@brainpeach.de> (cherry picked from commit 609563d6acfeafbed46b1ac5e6bd497ce097e3bc) Co-authored-by: Gregor Michels <gregor.michels@web.de>
2024-05-23reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responsesAlex W
(cherry picked from commit e1450096b4c667a4c33a3fcd8f67ebf6a39d441d)
2024-05-23nat: T6345: source NAT port mapping "fully-random" is superfluous in Kernel ↵Christian Breunig
>=5.0 random - In kernel 5.0 and newer this is the same as fully-random. In earlier kernels the port mapping will be randomized using a seeded MD5 hash mix using source and destination address and destination port. https://git.netfilter.org/nftables/commit/?id=fbe27464dee4588d906492749251454 (cherry picked from commit 7fe568ca1672f1dfbd2b56ee3ef7a6ab48b03070)
2024-05-21T6375: Fix/Update NAT loggingl0crian1
Fixed broken logging for "show log nat" Added the following commands: show log nat source show log nat source rule <ruleNum> show log nat destination nat show log nat destination nat rule <ruleNum> show log nat static show log nat static rule <ruleNum> (cherry picked from commit 5cb9b84bd9ce909460d8da7f039d9371143ede6c)
2024-05-17T6358: Add config option for host process namespaceNicolas Vollmar
(cherry picked from commit f5051de4fc034bd95677ef142423e59eae47cd2f)
2024-05-16T5756: L2TP RADIUS backup and weight settingskhramshinr
(cherry picked from commit 75d553932504c55e710265776e4865a238223e1f)
2024-05-12ethernet: T6306: add support for EVPN MH uplink/core trackingChristian Breunig
When all the underlay links go down the PE no longer has access to the VxLAN +overlay. To prevent blackholing of traffic the server/ES links are protodowned on the PE. A link can be setup for uplink tracking via the following configuration: set interfaces ethernet eth0 evpn uplink (cherry picked from commit 5565f27d15c5e7378e94aae8db8a894a12e25d7b)
2024-05-10bond: T6303: add system mac address on bondfett0
(cherry picked from commit 234f35d8bae71b5d33ad97cdabc236ec6b13c3a2)
2024-05-09sstp: T4393: Add support to configure host-name (SNI)Nataliia Solomko
(cherry picked from commit 92b468b9a0d5eee8484601568227f7c56e71b119)