Age | Commit message (Collapse) | Author | |
---|---|---|---|
2023-09-28 | firewall: T5614: Add support for matching on conntrack helper | sarthurdev | |
(cherry picked from commit 81dee963a9ca3224ddbd54767a36efae5851a001) | |||
2023-09-27 | conf-mode: T5412: add support for supplemental dependency definitions | John Estabrook | |
Add support for defining config-mode dependencies in add-on packages. (cherry picked from commit d9ad551816e34f38280534ad75d267697e4f096f) | |||
2023-09-22 | op-mode: raid: T5608: define add/delete raid member | John Estabrook | |
(cherry picked from commit 2d3f3297b575f88662495e14a7c7324ff73b6bfc) | |||
2023-09-22 | vyos.utils: T5609: get disk device by partial id | John Estabrook | |
(cherry picked from commit ede0b5b1a19c37547c19d875743e78b0278628d4) | |||
2023-09-19 | utils: T5239: add low-level read from config.boot | John Estabrook | |
(cherry picked from commit 56d3f75de487c1dcfd075cf7b65cb16b6501d0ca) | |||
2023-09-19 | T5594: vrrp: extend function is_ipv6_tentative to analysis all type of ipv6 ↵ | Nicolas Fort | |
address, and not only global ipv6 address. This allows to configure ipv6 link local address on vrrp hello-source-address parameter. (cherry picked from commit b6ae59354b5d69751cc7ea75e0aa4ac0070afa47) | |||
2023-09-11 | Merge pull request #2215 from jestabro/T5353-sagitta | John Estabrook | |
config-mgmt: T5353: normalize archive updates and commit log entries | |||
2023-09-11 | vxlan: T3700: Revert change to `vyos.utils.process.cmd` | sarthurdev | |
(cherry picked from commit e46afa2c58eea2d81df84e2630a6f346f1f51c2a) | |||
2023-09-09 | vxlan: T3700: support VLAN tunnel mapping of VLAN aware bridges | Christian Breunig | |
FRR supports a new way of configuring VLAN-to-VNI mappings for EVPN-VXLAN, when working with the Linux kernel. In this new way, the mapping of a VLAN to a VNI is configured against a container VXLAN interface which is referred to as a 'Single VXLAN device (SVD)'. Multiple VLAN to VNI mappings can be configured against the same SVD. This allows for a significant scaling of the number of VNIs since a separate VXLAN interface is no longer required for each VNI. Sample configuration of SVD with VLAN to VNI mappings is shown below. set interfaces bridge br0 member interface vxlan0 set interfaces vxlan vxlan0 external set interfaces vxlan vxlan0 source-interface 'dum0' set interfaces vxlan vxlan0 vlan-to-vni 10 vni '10010' set interfaces vxlan vxlan0 vlan-to-vni 11 vni '10011' set interfaces vxlan vxlan0 vlan-to-vni 30 vni '10030' set interfaces vxlan vxlan0 vlan-to-vni 31 vni '10031' (cherry picked from commit 7f6624f5a6f8bd1749b54103ea5ec9f010adf778) | |||
2023-09-08 | config-mgmt: T5556: fix bug in revision to archive update | John Estabrook | |
(cherry picked from commit fd5517b38191f5bb5897912ef62f5a8d1156b7b3) | |||
2023-09-08 | config-mgmt: T5353: after updated save-config, one can include init rev | John Estabrook | |
The legacy config-mgmt/save-config tools had an abiding bug that would raise an error if comparing/reading the init archive; this is no longer an issue. (cherry picked from commit 52e4b4431ef440f0cffb570ca61c428c78699ee6) | |||
2023-09-08 | config-mgmt: T5353: correct update check during boot | John Estabrook | |
(cherry picked from commit 730e744931e4ccc1f214d3e5bff0e6a2e589fd50) | |||
2023-09-08 | config-mgmt: T5353: only add log entry if archiving | John Estabrook | |
(cherry picked from commit 73e317bee57c03b719019daabd578842d912b761) | |||
2023-09-06 | interface: T5550: Interface source-validation priority over global value | sarthurdev | |
- Migrate IPv4 source-validation to nftables - Interface source-validation value takes priority, fallback to global value | |||
2023-09-04 | T5533: Fix VRRP IPv6 group enters in FAULT state | Viacheslav Hletenko | |
Checks if an IPv6 address on a specific network interface is in the tentative state. IPv6 tentative addresses are not fully configured and are undergoing Duplicate Address Detection (DAD) to ensure they are unique on the network. inet6 2001:db8::3/125 scope global tentative It tentative state the group enters in FAULT state. Fix it | |||
2023-08-31 | Merge pull request #2190 from sarthurdev/T4782 | Christian Breunig | |
eapol: T4782: Support multiple CA chains | |||
2023-08-31 | eapol: T4782: Support multiple CA chains | sarthurdev | |
2023-08-28 | T5519: Fix `vyos.utils.process.call` hangs | Yuxiang Zhu | |
See https://vyos.dev/T5519 for more information. | |||
2023-08-25 | interface: T3509: Add per-interface IPv6 source validation | sarthurdev | |
2023-08-23 | save-config: T4292: rewrite vyatta-save-config.pl to Python | John Estabrook | |
2023-08-23 | Merge pull request #2162 from nicolas-fort/T5472 | Christian Breunig | |
T5472: nat redirect: allow redirection without defining redirected port | |||
2023-08-23 | vrf: T5428: move helpers to common vyos.utils.network module | Christian Breunig | |
Helper functions can and will be re-use din different code places. | |||
2023-08-23 | Merge pull request #2142 from nicolas-fort/T5450 | Christian Breunig | |
T5450: allow inverted matcher for interface and interface-group | |||
2023-08-23 | T5472: nat redirect: allow redirection without defining redirected port | Nicolas Fort | |
2023-08-23 | T5450: update smoketest and interface definition in order to work with new ↵ | Nicolas Fort | |
firewall cli | |||
2023-08-23 | Merge pull request #2156 from giga1699/T5447 | Christian Breunig | |
T5447: Initial support for MACsec static keys | |||
2023-08-20 | T5447: Remove redundant self.set_admin_state | Giga Murphy | |
2023-08-20 | T5447: Update copyright years | Giga Murphy | |
2023-08-20 | T5447: Corrected comment in _create header | Giga Murphy | |
2023-08-20 | T5447: Corrected comment for interface down | Giga Murphy | |
2023-08-20 | T5447: Implement maintainer feedback | Giga Murphy | |
2023-08-18 | T5447: Initial support for MACsec static keys | Giga Murphy | |
2023-08-17 | Merge pull request #2130 from aapostoliuk/T5409-sagitta | Christian Breunig | |
wireguard: T5409: Added 'set interfaces wireguard wgX threaded' | |||
2023-08-17 | wireguard: T5409: rename threaded CLI not to per-client-thread | Christian Breunig | |
Using threaded as CLI node is a very deep term used by kernel threads. To make this more understandable to users, rename the node to per-client-thread. It's also not necessary to test if any one peer is configured and probing if the option is set. There is a base test which requires at least one peer to be configured. | |||
2023-08-12 | Merge pull request #2117 from zdc/T5410-sagitta | Daniil Baturin | |
utils: T5410: Extended supported types in `convert_data()` | |||
2023-08-11 | ipv6: T5464: add support for per-interface dad (duplicate address detection) ↵ | Christian Breunig | |
setting | |||
2023-08-11 | ipv6: T5464: use proper XML default for DAD transmits | Christian Breunig | |
This is only a cosmetic change so that the default value is properly retrieved from the defaultValue XML node. | |||
2023-08-11 | T5160: firewall refactor: move <set firewall ipv6 ipv6-name ...> to <set ↵ | Nicolas Fort | |
firewall ipv6 name ...> . Also fix some unexpected behaviour with geoip. | |||
2023-08-11 | T5160: firewal refactor: fix tabulation for geo-ip parsing code. Typo fix in ↵ | Nicolas Fort | |
firewall smoketest | |||
2023-08-11 | T5160: firewall refactor: change firewall ip to firewall ipv4 | Nicolas Fort | |
2023-08-11 | T5160: firewall refactor: re-add missing code in template.py which was ↵ | Nicolas Fort | |
accidentaly removed. Update smokestest: remove zone test and fix test_sysfs test | |||
2023-08-11 | T5160: firewall refactor: new cli structure. Update jinja templates, python ↵ | Nicolas Fort | |
scripts and src firewall | |||
2023-08-10 | T5434: use get_defaults instead of defaults | John Estabrook | |
2023-08-10 | T5434: remove unneeded import | John Estabrook | |
2023-08-10 | T5434: replace import of component_version | John Estabrook | |
2023-08-10 | xml: T5218: fix typo in component_version | John Estabrook | |
2023-08-09 | pki: T5273: add a certificate fingerprint command | Daniil Baturin | |
2023-08-09 | xml: T5452: catch lib errors in generate_cache | John Estabrook | |
2023-08-09 | T5453: nat66: exclude checks for nat load-balance when using ipv6 while ↵ | Nicolas Fort | |
parsing nat rules. | |||
2023-08-09 | Merge pull request #2136 from jestabro/with-defaults | Christian Breunig | |
T5319: remove workarounds for incorrect defaults in config-mode scripts |