Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-08-31 | [l2tp ipsec] T1605: Changed ipsec marking only for inbound policy, all ↵ | DmitriyEshenko | |
functionality must saved | |||
2019-08-30 | Python/ifconfig: rename interfaceconfig.py -> ifconfig.py | Christian Poessinger | |
2019-08-28 | bridge: T1615: add missing support for DHCP/DHCPv6 interface address | Christian Poessinger | |
This feature is not well supported by pyroute2 and thus uses the proof-of-concept vyos.interfaceconfig library. Maybe it's a better idea to write our own library from scratch. | |||
2019-08-27 | openvpn: T1617: bugfix for server push-route | Christian Poessinger | |
2019-08-27 | Merge branch 't1614-bonding' into current | Christian Poessinger | |
* t1614-bonding: Python/VyOS validate: add is_ip() to check for IPv4 or IPv4 address bridge: T1556: remove unused function freeze() list-interfaces: T1614: support listing interfaces which can be bonded | |||
2019-08-27 | [service https] T1443: Correct the use of listen/server_name directives | John Estabrook | |
2019-08-27 | bridge: T1556: remove unused function freeze() | Christian Poessinger | |
2019-08-27 | dummy: T1580: migrate implementation to pyroute2 | Christian Poessinger | |
2019-08-26 | Merge pull request #118 from c-po/pyroute2 | Christian Poessinger | |
loopback: T1601: migrate to pyroute2 | |||
2019-08-26 | loopback: T1601: migrate to pyroute2 | Christian Poessinger | |
2019-08-26 | bridge: T1556: fix comment | Christian Poessinger | |
2019-08-26 | Merge pull request #117 from c-po/pyroute2 | Christian Poessinger | |
bridge: T1556: migrate to pyroute2 | |||
2019-08-26 | bridge: T1556: migrate interface configuration to pyroute2 | Christian Poessinger | |
Tested with: set interfaces bridge br0 address '192.0.2.1/24' set interfaces bridge br0 aging '500' set interfaces bridge br0 disable-link-detect set interfaces bridge br0 forwarding-delay '11' set interfaces bridge br0 hello-time '5' set interfaces bridge br0 igmp querier set interfaces bridge br0 max-age '11' set interfaces bridge br0 member interface eth1 cost '1000' set interfaces bridge br0 member interface eth1 priority '4' set interfaces bridge br0 member interface eth2 cost '1001' set interfaces bridge br0 member interface eth2 priority '56' | |||
2019-08-26 | T1598: make dns_forwarding.py retrieve name servers from vyos-hostsd. | Daniil Baturin | |
2019-08-26 | bridge: T1608: deny adding non existing interfaces to bridge config | Christian Poessinger | |
2019-08-26 | bridge: T1556: reword exception error when beeing member of multiple bridges | Christian Poessinger | |
2019-08-23 | [dummy] T1609 migrate to vyos.interfaceconfig, adding check ip-cidr, adding ↵ | DmitriyEshenko | |
vyos.interfaceconfig common ipv4/ipv6 functions | |||
2019-08-23 | [dummy] T1609 Fixing dummy interface state | DmitriyEshenko | |
2019-08-21 | dummy: T1580: remove superfluous if statements | Christian Poessinger | |
2019-08-21 | bridge: T1556: remove superfluous if statements | Christian Poessinger | |
2019-08-21 | loopback: T1601: rewrite using XML/Python definitions | Christian Poessinger | |
2019-08-21 | T1598: redo host_name.py to use vyos-hostsd. | Daniil Baturin | |
2019-08-20 | powerdns: T1595: remove 'listen-on' CLI option | Christian Poessinger | |
2019-08-20 | powerdns: T1524: support setting allow-from network | Christian Poessinger | |
Netmasks (both IPv4 and IPv6) that are allowed to use the server. The default allows access only from RFC 1918 private IP addresses. Due to the aggressive nature of the internet these days, it is highly recommended to not open up the recursor for the entire internet. Questions from IP addresses not listed here are ignored and do not get an answer. https://docs.powerdns.com/recursor/settings.html#allow-from Imagine an ISP network with non RFC1918 IP adresses - they can't make use of PowerDNS recursor. As of now VyOS hat allow-from set to 0.0.0.0/0 and ::/0 which created an open resolver. If there is no allow-from statement a config-migrator will add the appropriate nodes to the configuration, resulting in: service { dns { forwarding { allow-from 0.0.0.0/0 allow-from ::/0 cache-size 0 ignore-hosts-file listen-address 192.0.2.1 } } } | |||
2019-08-19 | dummy: T1580: rewrite in new style XML/Python | Christian Poessinger | |
2019-08-19 | openvpn: T1548: remove authy 2fa provider | Christian Poessinger | |
According to https://github.com/twilio/authy-openvpn commit 3e5dc73: > This plugin is no longer actively maintained. If you're interested in becoming a maintainer, we welcome forks of this project. In addition this plugin was always missing in the current branch ov VyOS and did not make it into VyOS 1.2 (crux) If 2FA for OpenVPN is required we should probably opt for Google Authenticator or if possible a U2F device. | |||
2019-08-18 | openvpn: T1548: support creating L2 bridges | Christian Poessinger | |
2019-08-17 | openvpn: T1548: fix generated topology statement for 'server point-to-point' | Christian Poessinger | |
2019-08-17 | openvpn: T1548: don't generate config if instance is disabled | Christian Poessinger | |
2019-08-17 | openvpn: T1548: fix generated client subnet mask for topology 'server' | Christian Poessinger | |
2019-08-17 | openvpn: T1548: widen generated folder permission to 755 | Christian Poessinger | |
2019-08-17 | openvpn: T1548: add description to generated config file | Christian Poessinger | |
2019-08-17 | openvpn: T1548: fix enable/disable of entire interface | Christian Poessinger | |
2019-08-17 | Merge pull request #107 from c-po/t1548-openvpn | Christian Poessinger | |
T1548 openvpn | |||
2019-08-17 | openvpn: T1548: remove debug output | Christian Poessinger | |
2019-08-17 | Merge pull request #102 from zdc/T1531 | Christian Poessinger | |
[hostname] T1531: Added hostname alias to 127.0.1.1 (Debian way) | |||
2019-08-17 | openvpn: T1548: fix file ownership of client configuration file | Christian Poessinger | |
2019-08-16 | openvpn: T1548: initial rewrite with XML and Python | Christian Poessinger | |
2019-08-14 | [bfd] T1183: Added validations and fixing bugs in BFD: | zsdc | |
* added validations for "source address IP" and "bfd peer IP" * added check for configuring multihop together with an interface name * fixed "show protocols bfd peer X" for peers with custom options | |||
2019-08-14 | [service https] T1443: add self-signed TLS certificate | John Estabrook | |
2019-08-14 | [service https] T1443: move https and api default data to vyos.defaults | John Estabrook | |
2019-08-13 | [hostname] T1531: Added hostname alias to 127.0.1.1 (Debian way) | zsdc | |
This change makes "dnsdomainname" and "hostname -f" operable | |||
2019-08-09 | [bfd] T1183: Added some new functionality and fixed bugs in BFD: | zsdc | |
* added option "echo-mode" and "echo-interval" for BFD peers * added configuration check for usage "multihop" and "echo-mode" * added configuration check for denying deletion BFD peers, which are used in BGP configuration * fixed deleting/changing BFD peers with custom parameters (for example multihop, local-address, etc.) * deleted wrong skipping of configuration check for "shutdown" BFD peers | |||
2019-08-07 | [l2tp] T1566 ipv6 implementation | DmitriyEshenko | |
2019-08-07 | [service https] T1443: reset defaults on 'delete service https api' | John Estabrook | |
2019-08-07 | [bridge] T1156: rename 'br_name' to 'intf' for indexing python dictionary ↵ | Christian Poessinger | |
interface name | |||
2019-08-05 | [bridge] T1156: support adding interface addresses | Christian Poessinger | |
2019-08-04 | [bridge] T1156: remove helper script bridge_has_members.py | Christian Poessinger | |
Bridge member interface is now handled completely inside the bridge node and no longer spread accross different interface definitions. | |||
2019-08-04 | [bridge] T1156: rename igmp-snooping node to igmp | Christian Poessinger | |
2019-08-03 | [bridge] T1156: interfaces can be assigned to any one bridge only | Christian Poessinger | |