Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-06-24 | smoketest: T6510: ensure one cannot delete the current user in "system login" | Christian Breunig | |
(cherry picked from commit 4c7719efa27d9d2966b70b924c90aa2c90022388) | |||
2024-06-19 | macsec: T5447: fix error message syntax - there is no tx and rx key, only key | Christian Breunig | |
(cherry picked from commit f29caa824c02c833a3978b9236391e4277c1a6ba) | |||
2024-06-13 | Merge pull request #3639 from natali-rs1985/T5487-current | Daniil Baturin | |
openvpn: T5487: Remove deprecated option --cipher for server and client mode | |||
2024-06-11 | openvpn: T5487: Remove eprecated option --cipher for server and client mode | Nataliia Solomko | |
2024-06-11 | firewall: T3900: fix migration and smoketests | Christian Breunig | |
Commit 770edf016838523 ("T3900: T6394: extend functionalities in firewall") changed the position in the CLI for conntrack timeout. This lead to failing smoketests because of a regression in the migrator. | |||
2024-06-10 | Merge pull request #3606 from c-po/utils-cpu-T5195 | Christian Breunig | |
vyos.utils: T5195: import vyos.cpu to this package | |||
2024-06-10 | T6219: align with system sysctl and limit parameters to supported | Nicolas Vollmar | |
2024-06-10 | container: T6219: Add support for container sysctl / kernel parameters | Ben Pilgrim | |
2024-06-10 | vyos.utils: T5195: import vyos.cpu to this package | Christian Breunig | |
The intention of vyos.utils package is to have a common ground for repeating actions/helpers. This is also true for number of CPUs and their respective core count. Move vyos.cpu to vyos.utils.cpu | |||
2024-06-06 | Merge pull request #3578 from nicolas-fort/raw-hook | Daniil Baturin | |
T3900: Add support for raw tables in firewall | |||
2024-06-05 | Merge pull request #3571 from fett0/T6429 | Daniil Baturin | |
isis: T6429: fix isis metric-style configuration missing | |||
2024-06-04 | ISIS: T6332: add smoketest option | fett0 | |
2024-06-04 | T3900: T6394: extend functionalities in firewall; move netfilter sysctl ↵ | Nicolas Fort | |
timeout parameters defined in conntrack to firewall global-opton section. | |||
2024-06-03 | reverse-proxy: T6434: Support additional healthcheck options (#3574) | Alex W | |
2024-05-31 | Merge pull request #3557 from haimgel/T6422/allow-multiple-ns-records | Christian Breunig | |
dns: T6422: allow multiple redundant NS records | |||
2024-05-31 | T5307: QoS - traffic-class-map services (#3492) | Roman Khramshin | |
added new syntax to work with class match filters in QoS policy | |||
2024-05-30 | T6422: Smoke test for NS record configration in authoritative DNS, typo & ↵ | Haim Gelfenbeyn | |
style fixes | |||
2024-05-30 | Merge pull request #3510 from HollyGurza/T4576 | Daniil Baturin | |
T4576: Accel-ppp logging level configuration | |||
2024-05-30 | Merge pull request #3546 from c-po/haproxy | Christian Breunig | |
reverse-proxy: T6419: build full CA chain when verifying backend server | |||
2024-05-29 | reverse-proxy: T5231: better mark v4v6 listen any address | Christian Breunig | |
haproxy supports both ":::80 v4v6" and "[::]:80 v4v6" as listen statement, where the later one is more humand readable. Both act in the same way. | |||
2024-05-29 | Merge pull request #3534 from sever-sever/T6411 | Daniil Baturin | |
T6411: CGNAT fix sequences for external address ranges | |||
2024-05-29 | Merge pull request #3537 from fett0/T6332 | Christian Breunig | |
ISIS: T6332: Fix isis not working only ipv6 | |||
2024-05-29 | ISIS: T6332: Fix isis not working only ipv6 | fett0 | |
2024-05-28 | Merge pull request #3529 from HollyGurza/T5786 | Christian Breunig | |
T5786: Add set/show system image to /image endpoint | |||
2024-05-28 | T6411: CGNAT fix sequences for external address ranges | Viacheslav Hletenko | |
Fix the bug where address external alocation was not rely on sequences of the external IP addresses (if set) | |||
2024-05-28 | T6406: rename cpus to cpu | Nicolas Vollmar | |
2024-05-28 | T6406: add container cpu limit option | Nicolas Vollmar | |
2024-05-27 | T6406: check for required kernel config | Nicolas Vollmar | |
2024-05-27 | T5786: Add set/show system image to /image endpoint | khramshinr | |
2024-05-27 | T4576: Accel-ppp logging level configuration | khramshinr | |
add ability to change logging level config for: * VPN L2TP * VPN PPTP * VPN SSTP * IPoE Server * PPPoE Serve | |||
2024-05-26 | smoketest: T6395: check for VFIO options to be present | Christian Breunig | |
2024-05-23 | Merge pull request #3487 from Embezzle/T6370 | Christian Breunig | |
reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responses | |||
2024-05-22 | nat: T6345: source NAT port mapping "fully-random" is superfluous in Kernel ↵ | Christian Breunig | |
>=5.0 random - In kernel 5.0 and newer this is the same as fully-random. In earlier kernels the port mapping will be randomized using a seeded MD5 hash mix using source and destination address and destination port. https://git.netfilter.org/nftables/commit/?id=fbe27464dee4588d906492749251454 | |||
2024-05-21 | reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responses | Alex W | |
2024-05-21 | T6373: QoS Policy Limiter - classes for marked traffic do not work | khramshinr | |
2024-05-18 | Merge pull request #3479 from sever-sever/T5169 | Daniil Baturin | |
T5169: Add smoketest for CGNAT | |||
2024-05-17 | T5169: Add smoketest for CGNAT | Viacheslav Hletenko | |
2024-05-17 | T6358: Add config option for host process namespace | Nicolas Vollmar | |
2024-05-16 | Merge pull request #3450 from HollyGurza/T5756 | Christian Breunig | |
T5756: L2TP RADIUS backup and weight settings | |||
2024-05-15 | T3900: add support for raw table in firewall. | Nicolas Fort | |
2024-05-15 | T5756: L2TP RADIUS backup and weight settings | khramshinr | |
2024-05-14 | smoketest: ospf: T4739: add timeout in ldp test | Christian Breunig | |
2024-05-14 | T3420: Remove service upnp | Viacheslav Hletenko | |
Remove `service upnp` as it never worked as expected, nft rules do not integrated and custom patches do not seem like a suitable solution for now. Security: UPnP has been historically associated with security risks due to its automatic and potentially unauthenticated nature. UPnP devices might be vulnerable to unauthorized access or exploitation. | |||
2024-05-12 | Merge pull request #3447 from c-po/evpn-uplink-t6306 | Daniil Baturin | |
ethernet: T6306: add support for EVPN MH uplink/core tracking | |||
2024-05-11 | ethernet: T6306: add support for EVPN MH uplink/core tracking | Christian Breunig | |
When all the underlay links go down the PE no longer has access to the VxLAN +overlay. To prevent blackholing of traffic the server/ES links are protodowned on the PE. A link can be setup for uplink tracking via the following configuration: set interfaces ethernet eth0 evpn uplink | |||
2024-05-10 | Merge pull request #3410 from fett0/T6303 | Christian Breunig | |
Bond: T6303: add system mac address on interfaces bond | |||
2024-05-10 | bond: T6303: must reset system-mac to 00:00:00:00:00:00 on deletion | Christian Breunig | |
2024-05-10 | bond: T6303: add system mac address on bond | fett0 | |
2024-05-10 | Merge pull request #3430 from c-po/bridge-T6317 | Christian Breunig | |
bridge: T6317: add dependency call for wireless interfaces | |||
2024-05-09 | sstp: T4393: Add support to configure host-name (SNI) | Nataliia Solomko | |