Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-04-20 | openvpn: T2339: fix for IPv4 local-host addresses | Jernej Jakob | |
Commit bb9f998 introduced a bug where openvpn fails to start if 'local-host' is an IPv4 address due to 'proto' wanting a IPv6 socket. This adds a conditional check and uses normal proto if it's IPv4. | |||
2020-04-20 | bridge: T2320: add to tunnel | Thomas Mangin | |
2020-04-19 | l2tpv3: fix missing "," within default_config_data | Christian Poessinger | |
Commit 0e19d622a0410 ("bridge: T2232: move helper to vyos.validate") added a new key to the dictionary but missed out the required "," at the end. | |||
2020-04-19 | openvpn: T2336: delete auth-user-pass file when interface is unused #2 | Christian Poessinger | |
2020-04-19 | Revert "openvpn: T2336: delete auth-user-pass file when interface is unused" | Christian Poessinger | |
This reverts commit 26adfd6d0d03af44a03f327478199f3009f2ad3c. | |||
2020-04-19 | openvpn: T2336: delete auth-user-pass file when interface is unused | Christian Poessinger | |
Unused means disabled or even deleted - there should be no secrets left-over. | |||
2020-04-19 | openvpn: T2336: fix auth-user-pass file generation | Christian Poessinger | |
Bug introduced in commit b36e6e6 ("openvpn: T2273: migrate from SysVinit to systemd") as not all relevant configuration files have been re-rendered into /run/openvpn | |||
2020-04-19 | bridge: T2232: bugfix - remove double colon (:) | Christian Poessinger | |
2020-04-19 | bridge: T2232: move helper to vyos.validate | Christian Poessinger | |
2020-04-19 | {pppoe,ipoe}-server: T2324: T2314: migrate CoA server | Christian Poessinger | |
2020-04-19 | pppoe-server: T2314: add common accel-radius-additions XML file | Christian Poessinger | |
2020-04-18 | ipoe-server: T2324: move template files to common accel-ppp template directory | Christian Poessinger | |
2020-04-18 | ipoe-server: T2324: migrate IPv6 client IP pool to common CLI nodes | Christian Poessinger | |
2020-04-18 | ipoe-server: T2324: migrate RADIUS configuration to common CLI syntax | Christian Poessinger | |
2020-04-18 | ipoe-server: T2324: migrate IPv4/IPv6 name-servers to common node | Christian Poessinger | |
2020-04-18 | ipoe-server: T2324: remove boilerplate code and adjust to other accel ↵ | Christian Poessinger | |
implementations | |||
2020-04-18 | router-advert: rename XML/Python files for a common pattern | Christian Poessinger | |
2020-04-18 | ipoe-server: rename XML/Python files for a common pattern | Christian Poessinger | |
2020-04-18 | Merge branch 'pppoe-server-update' of github.com:c-po/vyos-1x into current | Christian Poessinger | |
* 'pppoe-server-update' of github.com:c-po/vyos-1x: accel-ppp: T2314: use common tempplate for chap-secrets pppoe-server: T2314: migrate IPv6 to common CLI nodes with embeeded validation pppoe-server: T2313: bugfix Floating Point Exception pppoe-server: T2314: migrate RADIUS configuration to common CLI syntax vpn: l2tp: pptp: sstp: rename files to common pattern pppoe-server: T2314: migrate IPv4/IPv6 name-servers to common node vpn: l2tp: sstp: ease unlinking of configuration files pppoe-server: T2314: remove boilerplate code and adjust pppoe-server: T2185: migrate from SysVinit to systemd | |||
2020-04-18 | accel-ppp: T2314: use common tempplate for chap-secrets | Christian Poessinger | |
2020-04-18 | pppoe-server: T2314: migrate IPv6 to common CLI nodes with embeeded validation | Christian Poessinger | |
2020-04-18 | ipsec: T2317: Fix typo with delimiter | DmitriyEshenko | |
2020-04-18 | pppoe-server: T2314: migrate RADIUS configuration to common CLI syntax | Christian Poessinger | |
2020-04-18 | vpn: l2tp: pptp: sstp: rename files to common pattern | Christian Poessinger | |
2020-04-18 | pppoe-server: T2314: migrate IPv4/IPv6 name-servers to common node | Christian Poessinger | |
Instead of having "dns-server server-1|server-2" nodes and the same for IPv6 all DNS nameservers are migrated to a common name-servers node. | |||
2020-04-18 | vpn: l2tp: sstp: ease unlinking of configuration files | Christian Poessinger | |
2020-04-18 | pppoe-server: T2314: remove boilerplate code and adjust | Christian Poessinger | |
2020-04-18 | pppoe-server: T2185: migrate from SysVinit to systemd | Christian Poessinger | |
2020-04-18 | ipsec: T2317: Fix adding params to ipsec configuration files | DmitriyEshenko | |
2020-04-17 | wireless: T2306: Add new cipher suites to the WiFi configuration | Alain Lamar | |
Yet, VyOS knows these two encryption schemes for WiFi: 1. CCMP = AES in Counter mode with CBC-MAC (CCMP-128) 2. TKIP = Temporal Key Integrity Protocol These encryption schemes are new and especially the Galois counter mode cipher suites are very desirable! 1. CCMP-256 = AES in Counter mode with CBC-MAC with 256-bit key 2. GCMP = Galois/counter mode protocol (GCMP-128) 3. GCMP-256 = Galois/counter mode protocol with 256-bit key CCMP is supported by all WPA2 compatible NICs, so this remains the default cipher for bidirectional and group packets while using WPA2. Use 'iw list' to figure out which cipher suites your cards support prior to configuring other cipher suites than CCMP. AP NICs and STA NICs must both support at least one common cipher in a given list in order to associate successfully. | |||
2020-04-17 | flow-accounting: T2275: fix NameError: name 'stdout' is not defined | Christian Poessinger | |
2020-04-17 | flow-accounting: T2275: import render template from correct library | Christian Poessinger | |
2020-04-17 | Merge pull request #341 from thomas-mangin/T2223 | Christian Poessinger | |
op_mode: T2223: convert vyatta-show-interfaces.pl to show_interfaces.py | |||
2020-04-16 | Merge pull request #342 from jjakob/openvpn-ipv6 | Christian Poessinger | |
openvpn: T149: IPv6 support | |||
2020-04-16 | Merge pull request #347 from DmitriyEshenko/fix-ipoe | Christian Poessinger | |
ipoe: T2294: Fix templates and migrate to systemd | |||
2020-04-16 | ipoe: T2294: Migrate to systemd | DmitriyEshenko | |
2020-04-16 | openvpn: T149: IPv6 support | Jernej Jakob | |
- allow configuring IPv6 server addresses and push options - add IPv6 server client IP pool - add IPv6 push dhcp-option DNS6 - allow configuring IPv6 server client addresses - allow configuring IPv6 site-to-site addresses - validate all IPv6 options and addresses - use protos that explicitely open an IPv6 listening socket (tcp6-server, tcp6-client, udp6) as the default on Linux listens on IPv4 only (https://community.openvpn.net/openvpn/ticket/360) - add validator for any IPv6 address, host or network (used by pool) | |||
2020-04-15 | Merge pull request #349 from jjakob/openvpn-pool | Christian Poessinger | |
openvpn: T2335: allow disabling client-ip-pool | |||
2020-04-15 | login: T2295: move from calling an os binary to Python crypt() function | Christian Poessinger | |
2020-04-15 | dns-forwarding: T2298: remove wrongly added number | Christian Poessinger | |
Commit 16b2fc8 ("dns-forwarding: T2298: fix path to control file") added a wrong prefix to the line before executing 'systemctl restart snmpd.service'. | |||
2020-04-15 | dns-forwarding: T2298: fix path to control file | Christian Poessinger | |
After migrating PowerDNS to systemd and also its configuration files to a volatile directory in commit 77d725f ("dns-forwarding: T2185: move configuration files to volatile /run directory") the path for the control file has not been altered and pushed to the client rec_control binary" | |||
2020-04-15 | openvpn: T2335: allow disabling client-ip-pool | Jernej Jakob | |
2020-04-15 | Merge pull request #346 from thomas-mangin/T31-vrf-exists | Christian Poessinger | |
tunnel: T31: check that the assigned VRF exists | |||
2020-04-15 | openvpn: T2293: fix UnboundLocalError if server subnet is unset | Jernej Jakob | |
2nd part of this fix, first commit 9b6a369 didn't fix it. | |||
2020-04-15 | tunnel: T31: check that the assigned VRF exists | Thomas Mangin | |
2020-04-14 | openvpn: T2293: fix UnboundLocalError if server subnet is unset | Jernej Jakob | |
Commit bb36bde introduced a bug when server subnet is unset, this fixes it. | |||
2020-04-14 | vrrp: T2223: move VRRP within ifconfig | Thomas Mangin | |
Tidied up the code and moved it under VRRP in view to use with show-interface (which has VRRP filtering) No change in functionality | |||
2020-04-13 | service https: T1585: call to sudo can be omitted | Christian Poessinger | |
2020-04-13 | service https: T1585: bugfix typo in systemd name | Christian Poessinger | |
2020-04-13 | syslog: T2185: explicitly specify systemd service | Christian Poessinger | |