Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-05-17 | T5169: Add smoketest for CGNAT | Viacheslav Hletenko | |
2024-05-16 | Merge pull request #3450 from HollyGurza/T5756 | Christian Breunig | |
T5756: L2TP RADIUS backup and weight settings | |||
2024-05-15 | T3900: add support for raw table in firewall. | Nicolas Fort | |
2024-05-15 | T5756: L2TP RADIUS backup and weight settings | khramshinr | |
2024-05-14 | smoketest: ospf: T4739: add timeout in ldp test | Christian Breunig | |
2024-05-14 | T3420: Remove service upnp | Viacheslav Hletenko | |
Remove `service upnp` as it never worked as expected, nft rules do not integrated and custom patches do not seem like a suitable solution for now. Security: UPnP has been historically associated with security risks due to its automatic and potentially unauthenticated nature. UPnP devices might be vulnerable to unauthorized access or exploitation. | |||
2024-05-12 | Merge pull request #3447 from c-po/evpn-uplink-t6306 | Daniil Baturin | |
ethernet: T6306: add support for EVPN MH uplink/core tracking | |||
2024-05-11 | ethernet: T6306: add support for EVPN MH uplink/core tracking | Christian Breunig | |
When all the underlay links go down the PE no longer has access to the VxLAN +overlay. To prevent blackholing of traffic the server/ES links are protodowned on the PE. A link can be setup for uplink tracking via the following configuration: set interfaces ethernet eth0 evpn uplink | |||
2024-05-10 | Merge pull request #3410 from fett0/T6303 | Christian Breunig | |
Bond: T6303: add system mac address on interfaces bond | |||
2024-05-10 | bond: T6303: must reset system-mac to 00:00:00:00:00:00 on deletion | Christian Breunig | |
2024-05-10 | bond: T6303: add system mac address on bond | fett0 | |
2024-05-10 | Merge pull request #3430 from c-po/bridge-T6317 | Christian Breunig | |
bridge: T6317: add dependency call for wireless interfaces | |||
2024-05-09 | sstp: T4393: Add support to configure host-name (SNI) | Nataliia Solomko | |
2024-05-08 | bridge: T6317: add dependency call for wireless interfaces | Christian Breunig | |
2024-05-07 | bgp: T6082: Allow the same local-as and remote-as in one peer group | khramshinr | |
2024-05-04 | smoketest: T6283: T6250: add testcases | Christian Breunig | |
2024-05-02 | qos: T6225: Fix qos random-detect policy | khramshinr | |
Fix default values for random-detect Remove dsmakr qdisc from gred cofig because dsmark was deleted from kernel | |||
2024-05-01 | Merge pull request #3392 from c-po/bgp-evpn-T6189 | Christian Breunig | |
bgp: T6189: L3VPN connectivity is broken after re-enabling VRF | |||
2024-05-01 | Merge pull request #3390 from c-po/kernel-smoketest | Christian Breunig | |
smoketest: T6199: remove redundant code when unpacking Kernel GZ config | |||
2024-05-01 | smoketest: T6199: remove redundant code when unpacking Kernel GZ config | Christian Breunig | |
2024-05-01 | vrf: T6189: render FRR L3VNI configuration when creating VRF instance | Christian Breunig | |
When adding and removing VRF instances on the fly it was noticed that the vni statement under the VRF instance in FRR vanishes. This was caused by a race condition which was previously designed to fix another bug. The wierd design of a Python helper below the VRF tree to only generate the VNI configuration nodes is now gone and all is rendered in the proper place. | |||
2024-05-01 | Merge pull request #3364 from natali-rs1985/T6234-current | Daniil Baturin | |
pppoe-server: T6234: PPPoE-server pado-delay refactoring | |||
2024-04-30 | haproxy: T6179: fix rule generation | Nicolas Vollmar | |
2024-04-29 | openconnect: T4982: Support defining minimum TLS version in openconnect VPN | Alex W | |
2024-04-25 | Merge pull request #3316 from HollyGurza/T4248 | Daniil Baturin | |
qos: T4248: Allow to remove the only rule from the qos class | |||
2024-04-25 | pppoe-server: T6234: PPPoE-server pado-delay refactoring | Nataliia Solomko | |
2024-04-23 | T6226: add HAPROXY tcp-request related block to load-balancing reverse proxy ↵ | Windom WU | |
config | |||
2024-04-22 | Merge pull request #3337 from Embezzle/T6237 | Christian Breunig | |
T6237: IPSec remote access VPN: ability to set EAP ID of clients | |||
2024-04-21 | T6237: IPSec remote access VPN: ability to set EAP ID of clients | Alex W | |
2024-04-21 | smoketest: support dynamic enable of smoketest debugging | Christian Breunig | |
$ touch /tmp/vyos.smoketest.debug will enable dynamic debugging of the smoketests - showing the appropriate CLI commands on stdout | |||
2024-04-21 | T6246: improve haproxy http check configuration | Nicolas Vollmar | |
2024-04-17 | T6246: adds basic haproxy http-check configuration | Nicolas Vollmar | |
2024-04-16 | qos: T4248: Allow to remove the only rule from the qos class | khramshinr | |
2024-04-15 | T6242: load-balancing reverse-proxy: Ability for ssl backends to not verify ↵ | Alex W | |
server certificates | |||
2024-04-15 | T5535: firewall: migrate command <set system ip disable-directed-broadcast> ↵ | Nicolas Fort | |
to firewall global-optinos | |||
2024-04-13 | Merge pull request #3297 from HollyGurza/T6035 | Daniil Baturin | |
qos: T6035: QoS policy shaper queue-type random-detect requires limit avpkt | |||
2024-04-12 | qos: T6035: QoS policy shaper queue-type random-detect requires limit avpkt | khramshinr | |
Added params for configuration red on the shaper policy | |||
2024-04-12 | pppoe-server: T6141: T5364: PPPoE-server add pado-delay without sessions ↵ | Nataliia Solomko | |
fails (#3296) | |||
2024-04-11 | T5871: ipsec remote access VPN: specify "cacerts" for client auth. | Lucas Christian | |
2024-04-07 | Merge pull request #3265 from c-po/ethernet-mtu-T5862 | Daniil Baturin | |
ethernet: T5862: default MTU is not acceptable in some environments | |||
2024-04-06 | T6199: start validating smoketests against real CLI defaultValues | Christian Breunig | |
Use vyos.xml_ref.default_value to query XML default values and take them into account when validating properly applied defaults in individual smoketests instead of using hardcoded values like 443 for https port. | |||
2024-04-06 | ethernet: T5862: default MTU is not acceptable in some environments | Christian Breunig | |
There are cloud environments available where the maximum supported ethernet MTU is e.g. 1450 bytes, thus we clamp this to the adapters maximum MTU value or 1500 bytes - whatever is lower. | |||
2024-04-04 | Merge pull request #3238 from HollyGurza/T5943 | Daniil Baturin | |
bgp: T5943: BGP Peer-group members must be all internal or all external | |||
2024-04-04 | Merge pull request #3214 from nicolas-fort/T6068-kea | Daniil Baturin | |
T6068: dhcp-server: add command <set service dhcp-server high-availability mode> | |||
2024-04-04 | bgp: T5943: BGP Peer-group members must be all internal or all external | khramshinr | |
2024-04-03 | T6068: dhcp-server: add command <set service dhcp-server high-availability ↵ | Nicolas Fort | |
mode> so user can define what type of ha use: active-active or active-passive | |||
2024-04-03 | T6199: drop unused Python imports | Christian Breunig | |
found using "git ls-files *.py | xargs pylint | grep W0611" | |||
2024-04-02 | Merge pull request #3236 from c-po/pki-verify | Christian Breunig | |
configverify: T6198: add common helper for PKI certificate validation | |||
2024-04-02 | configverify: T6198: add common helper for PKI certificate validation | Christian Breunig | |
The next evolutional step after adding get_config_dict(..., with_pki=True) is to add a common verification function for the recurring task of validating SSL certificate existance in e.g. EAPoL, OpenConnect, SSTP or HTTPS. | |||
2024-04-02 | Merge pull request #3229 from c-po/multi-vrf | Christian Breunig | |
T6192: allow binding SSH to multiple VRF instances |