summaryrefslogtreecommitdiff
path: root/interface-definitions
AgeCommit message (Collapse)Author
2022-10-17ssh: T4720: Ability to configure SSH-server HostKeyAlgorithmsViacheslav Hletenko
Ability to configure SSH-server HostKeyAlgorithms. Specifies the host key signature algorithms that the server offers. Can accept multiple values.
2022-10-14login: 2fa: T874: fix Google authenticator issuesChristian Poessinger
Move default values of TOTP configuration from a global to a per user setting. This makes the entire code easier as no global configuration must be blended into the per user config dict. Also it should be possible to set the authentication window "multiple concurrent keys" individual per user. set system login user vyos authentication otp key 'gzkmajid7na2oltajs4kbuq7lq' set system login user vyos authentication plaintext-password 'vyos'
2022-10-13T4739: OSPF segment routing being refactoredCheeze_It
2022-10-13T4739: ISIS segment routing being refactoredCheeze_It
2022-10-13monitoring: T4312: Ability to set IP address in the URLViacheslav Hletenko
Use common "url.xml" which allow URL as domain name or IP entrie
2022-10-12Merge pull request #1555 from goodNETnick/ssh_otpChristian Poessinger
system login: T874: add 2FA support for local and ssh authentication
2022-10-11system login: T874: add 2FA support for local and ssh authenticationgoodNETnick
2022-10-11xml: ospf: isis: T4739: merge include files for MPLS segment-routingChristian Poessinger
2022-10-11Merge pull request #1574 from Cheeze-It/currentChristian Poessinger
isis: T4739: ISIS segment routing being refactored
2022-10-11Merge pull request #1547 from initramfs/current-limiter-actionsChristian Poessinger
qos: T4688: add xml template for limiter actions
2022-10-11isis: T4739: ISIS segment routing being refactoredCheeze_It
This is to refactor ISIS segment routing to match up with OSPF segment routing.
2022-10-10Merge pull request #1577 from sarthurdev/T4741Christian Poessinger
firewall: policy: T4741: T4742: Verify zone `from` is defined, autocomplete policy route tables
2022-10-10Merge pull request #1563 from sever-sever/T4716Christian Poessinger
ssh: T4716: Ability to configure RekeyLimit data and time
2022-10-10policy: T4742: Add policy route table auto-completesarthurdev
2022-10-10ssh: T4716: Ablity to configure RekeyLimit data and timeViacheslav Hletenko
Ability to configure SSH RekeyLimit data (in Megabytes) and time (in Minutes) set service ssh rekey data 1024 set service ssh rekey time 60
2022-10-09firewall: T3907: Fix firewall state-policy loggingsarthurdev
When log-level was introduced node `state-policy x log` was removed without migrator. This commit adds it back and improves log handling.
2022-10-08firewall: T4612: Support arbitrary netmasksRain
Add support for arbitrary netmasks on source/destination addresses in firewall rules. This is particularly useful with DHCPv6-PD when the delegated prefix changes periodically.
2022-10-07Merge pull request #1572 from Cheeze-It/currentChristian Poessinger
ospf: T4707: Add OSPF segment routing for FRR
2022-10-07Merge branch 'current' into radius-rate-limit-compChristian Poessinger
2022-10-06ospf: T4707: Add OSPF segment routing for FRRCheeze_It
In this commit we add OSPF segment routing, smoke tests, handlers, FRR template changes, and CLI commands.
2022-10-06xml: T4722: radius: remove superfluous "default" help stringChristian Poessinger
vyos-1x automatically adds a "(default: ...)" hint to the CLI help if the <defaultValue> XML tag is used. No need to specify this manually.
2022-10-06Merge pull request #1567 from aapostoliuk/T4660-sagittaChristian Poessinger
policy: T4660: Changed CLI syntax in route-map set community
2022-10-06T4727: add support for RADIUS rate limiting to PPTP (#1570)Daniil Baturin
2022-10-03T4726: add completion help and validation for accel-ppp vendor optionDaniil Baturin
2022-10-03policy: T4660: Changed CLI syntax in route-map set communityaapostoliuk
Changed CLI syntax in route-map set community, set large-community, set extcommunity Allows to add multiple communities, large-communities and extcommunities in clear view. Added new well-known communities. Added non-transitive feature in extcommunities. Fixed community's validators.
2022-10-01T4722: consistently use the "RADIUS" spelling for the RADIUS protocolDaniil Baturin
2022-09-30bgp: evpn: T1315: add route-target CLI node <multi/> propertyChristian Poessinger
FRR supports multiple route-targets to be used for import/export: address-family l2vpn evpn route-target import 20:10 route-target import 20:11 route-target import 20:12 route-target import 40:40 route-target export 1:2 route-target export 1:3 route-target export 40:40 exit-address-family Thus the <multi/> property is added to the relevant CLI nodes.
2022-09-28Merge pull request #1561 from sever-sever/T4715Christian Poessinger
login: T4715: Auto logout user after inactivity
2022-09-28ids: T4557: Update xml-component-versionViacheslav Hletenko
2022-09-28login: T4715: Auto logout user after inactivityViacheslav Hletenko
Ability to terminate interactive sessions (TTY/PTS) after a period of inactivity. set system login timeout '300'
2022-09-28conserver: T4717: Support for setting a name for console-server devicesWilliam Hughes
This adds a new 'alias' property to the console-server device definition to allow users to connect to a console using a human-readable name rather than just the device name. For a configuration like: service { console-server { device ttyUSB0 { speed 115200 alias my-server } } } Users can connect either by doing `connect console ttyUSB0`, or `connect console my-server`. Names: * Must be unique * Are limited to 128 characters * Are optional - if not specified, only the `connect console ttyX` form can be used
2022-09-27Merge pull request #1560 from nicolas-fort/T4700Christian Poessinger
T4700: Firewall: add interface matching criteria
2022-09-26Merge pull request #1545 from sever-sever/T4557Christian Poessinger
ids: T4557: Migrate threshold and add new threshold types
2022-09-26ids: T4557: Migrate threshold and add new threshold typesViacheslav Hletenko
Migrate "service ids ddos-protection threshold xxx" to "service ids ddos-protection general threshold xxx" Add new threshold types: set service ids ddos-protection threshold tcp xxx set service ids ddos-protection threshold udp xxx set service ids ddos-protection threshold icmp xxx
2022-09-26T4700: Firewall: add interface matching criteriaNicolas Fort
2022-09-25interfaces: T4709: raise minimum TCP MSS clamping valueinitramfs
This commit raises the minimum TCP MSS clamping range to the MSS value corresponding to the minimum packet size that must be accepted for IPv4.
2022-09-22xml: T4698: validating a range must be explicitly enabled in the validatorChristian Poessinger
This extends commit 28573ffe4f ("xml: T4698: drop validator name="range" and replace it with numeric"). The first version allowed both a range and discrete numbers to be validated by the numeric validator. This had a flaw as both 22 and 22-30 were valid at the same time. The generic "port-number.xml.i" building block only allows a discrete number. Now if a user set port 22-30 for e.g. SSH the daemon did no longer start. This is why range validation must be explicitly enabled.
2022-09-22Merge pull request #1521 from sever-sever/T3476Christian Poessinger
update-check: T3476: Allow update-check for VyOS images
2022-09-22telegraf: T4680: fix prometheus client listen-address invalid formatKyleM
2022-09-21Merge pull request #1553 from nicolas-fort/return-actionChristian Poessinger
T4699: Firewall: Add return action
2022-09-21T4699: Firewall: Add return action, since jump action was added recentlyNicolas Fort
2022-09-21ipoe: T4678: T4703: rewrite to get_config_dict()Christian Poessinger
In addition to the rewrite to make use of get_config_dict() the CLI is slightly adjusted as specified in T4703. * Rename vlan-id and vlan-range to simply vlan * Rename network-mode to simply mode * Re-use existing common Jinja2 template for Accel-PPP which are shared with PPPoE and SSTP server. * Retrieve default values via defaultValue XML node
2022-09-20xml: firewall: T2199: improve interface help stringChristian Poessinger
2022-09-20xml: ipsec: T1210: add valueHelp and constraint for remote-access connection ↵Christian Poessinger
name
2022-09-20xml: ipsec: T3093: add valueHelp and constraint for profile nameChristian Poessinger
2022-09-17Merge pull request #1546 from nicolas-fort/fwall-jumpChristian Poessinger
T4699: Firewall: Add jump action in firewall ruleset
2022-09-17qos: T4688: add xml template for limiter actionsinitramfs
2022-09-17pppoe-server: T4703: combine vlan-id and vlan-range into single CLI nodeChristian Poessinger
The initial Accel-PPP PPPoE implementation used: set service pppoe-server interface <name> vlan-id <id> set service pppoe-server interface <name> vlan-range <start-stop> This is actually a duplicated CLI node.
2022-09-16Merge pull request #1463 from sever-sever/T4118Daniil Baturin
ipsec: T4118: Change vpn ipsec syntax for IKE ESP and peer
2022-09-16T4699: Firewall: Add jump action in firewall rulestNicolas Fort