Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-01-19 | nat: T2947: add many-many translation | Christian Poessinger | |
Support a 1:1 or 1:n prefix translation. The following configuration will NAT source addresses from the 10.2.0.0/16 range to an address from 192.0.2.0/29. For this feature to work a Linux Kernel 5.8 or higher is required! vyos@vyos# show nat source { rule 100 { outbound-interface eth1 source { address 10.2.0.0/16 } translation { address 192.0.2.0/29 } } } This results in the nftables configuration: chain POSTROUTING { type nat hook postrouting priority srcnat; policy accept; oifname "eth1" counter packets 0 bytes 0 snat ip prefix to ip saddr map { 10.2.0.0/16 : 192.0.2.0/29 } comment "SRC-NAT-100" } | |||
2021-01-17 | smoketest: bridge: T3226: Repair bridge smoke test damage | jack9603301 | |
2021-01-17 | bridge: T3137: Fix variable errors in VLAN sensor bridge configuration program | jack9603301 | |
2021-01-16 | vyos.configdict: node_changed() now accepts key mangling parameter | Christian Poessinger | |
2021-01-16 | bridge: T3137: Support disable native VLAN | jack9603301 | |
2021-01-16 | Merge pull request #677 from jack9603301/T3137 | Christian Poessinger | |
bridge: T3137: Let VLAN aware bridge approach the behavior of professional equipment | |||
2021-01-15 | tunnel: T3173: path MTU discovery option should be valueless | Christian Poessinger | |
2021-01-15 | bridge: T3137: Delete blank lines | jack9603301 | |
2021-01-15 | bridge: T3137: Better implementation of VLAN aware Bridge | jack9603301 | |
2021-01-15 | bridge: T3137: Let VLAN aware bridge approach the behavior of professional ↵ | jack9603301 | |
equipment According to the consensus, the specific behavior of a VLAN aware bridge should conform to the behavior of professional equipment. This commit makes a significant change to the behavior of VLAN aware bridge, and has the following behaviors: 1. Disable `vif 1` configuration 2. When the VLAN aware bridge is enabled, the parent interface is always VLAN 1 3. When `native-vlan` is not configured, the default behavior of the device is `native-vlan 1` 4. The VLAN ids forwarded by the bridge are determined by `vif` 5. It has an `enable-vlan` node to enable VLAN awareness 6. VLAN configuration is allowed only when VLAN aware bridge is activated | |||
2021-01-13 | ifconfig: T2653: return empty string when there is no interface description | Christian Poessinger | |
After switching to iproute2 in commit 92f36735 ("ifconfig: T2653: use iproute2 commands for alias, mac and mtu set()/get()" it is necessary to return an empty string as iproute2 returns None. | |||
2021-01-12 | ifconfig: T2653: use iproute2 commands for alias, mac and mtu set()/get() | Christian Poessinger | |
2021-01-12 | tunnel: T3205: bugfix gre-bridge interfaces | Christian Poessinger | |
2021-01-07 | vyos.configverify: provide generic helper to check for interface existence | Christian Poessinger | |
2021-01-07 | login: radius: T3192: migrate to get_config_dict() | Christian Poessinger | |
2021-01-06 | dhcpv6-pd: verify: T3193: detect conflict between auto-assigned and ↵ | Brandon Stepler | |
configured SLA-IDs "data/templates/dhcp-client/ipv6.tmpl" handles the auto-assigning of SLA-IDs on lines 39, 46, and 52. | |||
2021-01-06 | dhcpv6-pd: verify: T3193: allow multiple auto-assigned SLA-IDs | Brandon Stepler | |
"data/templates/dhcp-client/ipv6.tmpl" handles the auto-assigning of SLA-IDs on lines 39, 46, and 52. | |||
2021-01-06 | dhcpv6-pd: verify: T3193: allow more than one VLAN interface | Brandon Stepler | |
VLAN interfaces contain periods, which make them incompatible with dict_search(). | |||
2021-01-06 | ifconfig.interface: use Python3 f-ormat string | Christian Poessinger | |
2021-01-05 | vyos.validate: import cleanup | Christian Poessinger | |
2021-01-04 | mirror: T3089: bugfix is_mirror_intf code path | Christian Poessinger | |
2021-01-03 | mirror: add verify() check so we can not mirror back to our self | Christian Poessinger | |
2021-01-03 | mirror: T3089: remove redundant code paths | Christian Poessinger | |
- remove redundant code paths apply_mirror() / apply_mirror_of_monitor() - have single source available | |||
2021-01-02 | ethernet: T3171: always use full CPU enable bitmask over computational mask | Christian Poessinger | |
The Linux Kernel supports enabling more cores for RPS then we actually have. It does internal clipping/validation so there is no need for us to calculate the specifc enable mask we can simply throw "all -1" at the Kernel. | |||
2021-01-02 | ifconfig: ethernet: fixup line breaks | Christian Poessinger | |
2021-01-01 | ethernet: T3171: add CLI option to enable RPS (Receive Packet Steering) | Christian Poessinger | |
set interfaces ethernet <interface> offload rps | |||
2020-12-29 | ethernet: T1466: add EAPoL support | Christian Poessinger | |
2020-12-28 | webproxy: T563: squidguard: support default ruleset | Christian Poessinger | |
2020-12-26 | mirror: T3150: When configuring QOS, the setting procedure of port mirroring ↵ | jack9603301 | |
is wrong In e8957b5, we used json to parse the `tc qdisc` filter to determine whether it needs to be deleted (reduction of exception mechanism), but now we find that the json output by this command will output unparsed json in some cases, so We have to go back to the processing of the exception mechanism | |||
2020-12-23 | xdp: T2666: move CLI node to "interfaces ethernet <eth> xdp" | Christian Poessinger | |
2020-12-20 | ethernet: T3140: remove debug code | Christian Poessinger | |
2020-12-20 | Revert "dhcpv6: T3134: add missing duid support" | Christian Poessinger | |
This reverts commit 9541355433e202fade4692851bffa33ba9d48f44. | |||
2020-12-20 | ethernet: T3140: relax "ethernet offload-options" CLI definition | Christian Poessinger | |
Migrate from ethernet eth1 { offload-options { generic-receive on generic-segmentation on scatter-gather on tcp-segmentation on udp-fragmentation on } } to ethernet eth1 { offload { ufo tso sg gso gro } } | |||
2020-12-20 | wifi: T2875: support bridging of wireless AP interface | Christian Poessinger | |
2020-12-20 | dhcpv6: T3134: add missing duid support | Christian Poessinger | |
2020-12-19 | xdp: T2666: switch to example code provided by xdp-tutorial | Christian Poessinger | |
2020-12-17 | ifconfig: T2653: switch to Python3 f(ormatted) strings | Christian Poessinger | |
2020-12-17 | xdp: T2666: use generic "xdp" option when loading | Christian Poessinger | |
Using 'xdp' will automatically decide if the driver supports 'xdpdrv' or only 'xdpgeneric'. A user later sees which driver is actually in use by calling 'ip a' or 'show interfaces ethernet'. | |||
2020-12-17 | xdp: T2666: initial XDP (generic mode) forwarding support | Christian Poessinger | |
The CLI command 'set interfaces ethernet <interface> offload-options xdp" enables the XDP generic mode on the given interface. vyos@vyos:~$ show interfaces ethernet eth1 eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 xdpgeneric/id:151 qdisc mq state DOWN group default qlen 1000 link/ether 00:50:56:bf:ef:aa brd ff:ff:ff:ff:ff:ff inet6 fe80::250:56ff:febf:efaa/64 scope link tentative valid_lft forever preferred_lft forever Description: fooa XDP code is thankfully copied from [1], thank you for this nice tutorial. NOTE: this is an experimental feature which might break your forwarding/filtering. [1]: https://medium.com/swlh/building-a-xdp-express-data-path-based-peering-router-20db4995da66 | |||
2020-12-14 | interface: mirror: T3089: Improve logic to reduce unnecessary lines of code | jack9603301 | |
2020-12-13 | interfaces: mirror: T3089: Fix the dependency problem between interfaces | jack9603301 | |
Since the dependency problem has not been solved before, if the monitoring interface does not exist when the mirror rule is created, the execution will be abnormal | |||
2020-12-13 | interfaces: T3114: Modify the logic of the second addition to complete the ↵ | jack9603301 | |
setting and streamline the code | |||
2020-12-13 | interfaces: T3114: Improve VLAN ID setting logic in `bridge` | jack9603301 | |
2020-12-13 | interfaces: T3114: When the VLAN aware option is not detected, the setting ↵ | jack9603301 | |
of `bridge` should not be overwritten | |||
2020-12-13 | interfaces: T3114: Improve the processing of enabling logic for ↵ | jack9603301 | |
`vlan_filter` to avoid redundant paths | |||
2020-12-13 | interfaces: T3114: Remove some redundant code | jack9603301 | |
2020-12-13 | interfaces: T3114: Fix VLAN-aware bridge setting failure | jack9603301 | |
2020-12-08 | Merge pull request #633 from jack9603301/T3089 | Christian Poessinger | |
mirror: T3089: support two-way traffic mirroring | |||
2020-12-08 | mirror: T3089: support two-way traffic mirroring | jack9603301 | |
2020-12-07 | vyos.ifconfig: T1579: keep IPv6 link-local address on reconfiguration #2 | Christian Poessinger | |
This is the second attempt after commit d247736f ("vyos.ifconfig: T1579: do not remove IPv6 link-local address on reconfiguration"). We only clean out link-local IPv6 addresses left over after an interface MAC change. |