Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-09-30 | Merge pull request #4024 from nicolas-fort/T6687 | Daniil Baturin | |
T6687: add fqdn support to nat rules. | |||
2024-09-24 | syslog: T6719: fix the behavior of "syslog global preserve-fqdn" | Nicolas Vollmar | |
2024-09-24 | Merge pull request #4086 from natali-rs1985/T6675-current | Christian Breunig | |
bridge: T6675: VXLAN Interface configuration lost due to improper bridge detachment | |||
2024-09-21 | T6630: ntp: rename ptp-transport to ptp and use defaultValue for port | Christian Breunig | |
2024-09-21 | T6630: ntp: add chrony "ntp over ptp" transport | Lucas Christian | |
2024-09-20 | bridge: T6675: VXLAN Interface configuration lost due to improper bridge ↵ | Nataliia Solomko | |
detachment | |||
2024-09-19 | Merge pull request #4061 from c-po/syslog-T5367 | Daniil Baturin | |
syslog: T5367: add format option to include timezone in message | |||
2024-09-16 | T6687: add fqdn support to nat rules. | Nicolas Fort | |
2024-09-15 | bond: T6709: add EAPoL support | Christian Breunig | |
2024-09-14 | ethernet: T6709: move EAPoL support to common framework | Christian Breunig | |
Instead of having EAPoL (Extensible Authentication Protocol over Local Area Network) support only available for ethernet interfaces, move this to common ground at vyos.ifconfig.interface making it available for all sorts of interfaces by simply including the XML portion #include <include/interface/eapol.xml.i> | |||
2024-09-12 | syslog: T5367: add format option to include timezone in message | Christian Breunig | |
Add CLI option to include the systems timezone in the syslog message sent to a collector. This can be enabled using: set system syslog host <hostname> format include-timezone | |||
2024-09-12 | Merge pull request #4047 from natali-rs1985/T6676-current | Christian Breunig | |
policy: T6676: Invalid route-map caused bgpd to crash | |||
2024-09-12 | Merge pull request #4046 from nvollmar/T6703 | Christian Breunig | |
T6703: Adds option to configure AMD pstate driver | |||
2024-09-12 | Merge pull request #4021 from natali-rs1985/T6652-current | Daniil Baturin | |
openfabric: T6652: Add support for OpenFabric protocol | |||
2024-09-12 | Merge pull request #4032 from dvlogic/Allow_Container_DNS_Disable | Christian Breunig | |
T6701: Added ability to disable the container DNS plugin | |||
2024-09-11 | policy: T6676: Invalid route-map caused bgpd to crash | Nataliia Solomko | |
2024-09-11 | T6703: fix unrelated lint issues | Nicolas Vollmar | |
2024-09-11 | T6703: Adds option to configure AMD pstate driver | Nicolas Vollmar | |
2024-09-11 | T6294: Service dns forwarding add the ability to configure ZonetoCache | khramshinr | |
2024-09-11 | container: T6701: add support to disable container network DNS support | Dave Vogel | |
Add ability to set the container network with a disable-dns setting to disable the DNS plugin that is on be default. set container network <network> no-name-server | |||
2024-09-04 | openfabric: T6652: Add support for OpenFabric protocol | Nataliia Solomko | |
OpenFabric is a routing protocol providing link-state routing with efficient flooding for topologies like spine-leaf networks. FRR implements OpenFabric in a daemon called fabricd | |||
2024-09-02 | T6679: add destination groups | Nicolas Vollmar | |
2024-08-21 | T6672: Fix system option ssh-client source-interface | Viacheslav Hletenko | |
Fix for system option ssh-client source-interface For the `verify_source_interface` the key `ifname` if required | |||
2024-08-20 | Merge pull request #3975 from lucasec/t6183 | Christian Breunig | |
T6183: interfaces openvpn: suppport specifying IP protocol version | |||
2024-08-15 | T6649: Accel-ppp separate vlan-mon from listen interfaces | Nataliia Solomko | |
2024-08-13 | T6183: interfaces openvpn: suppport specifying IP protocol version | Lucas Christian | |
2024-08-12 | suricata: T6624: Fix for service suricata address-groups cannot be used in ↵ | Nataliia Solomko | |
each other | |||
2024-08-12 | configverify: T6642: verify_interface_exists requires config_dict arg | John Estabrook | |
The function verify_interface_exists requires a reference to the ambient config_dict rather than creating an instance. As access is required to the 'interfaces' path, provide as attribute of class ConfigDict, so as not to confuse path searches of script-specific config_dict instances. | |||
2024-08-08 | qos: T6638: require interface state existence in verify conditional | John Estabrook | |
2024-08-05 | sysctl: T3204: restore sysctl setttings overwritten by tuned | Christian Breunig | |
2024-08-05 | Merge branch 'current' into feature/T4694/gre-match-fields | Christian Breunig | |
2024-08-05 | Merge pull request #3920 from fett0/T6555 | Christian Breunig | |
OPENVPN: T6555: add server-bridge options in mode server | |||
2024-08-05 | Merge pull request #3939 from c-po/unused-imports | Christian Breunig | |
T5873: T6619: remove unused imports | |||
2024-08-04 | firewall: T4694: Adding GRE flags & fields matches to firewall rules | Andrew Topp | |
* Only matching flags and fields used by modern RFC2890 "extended GRE" - this is backwards-compatible, but does not match all possible flags. * There are no nftables helpers for the GRE key field, which is critical to match individual tunnel sessions (more detail in the forum post) * nft expression syntax is not flexible enough for multiple field matches in a single rule and the key offset changes depending on flags. * Thus, clumsy compromise in requiring an explicit match on the "checksum" flag if a key is present, so we know where key will be. In most cases, nobody uses the checksum, but assuming it to be off or automatically adding a "not checksum" match unless told otherwise would be confusing * The automatic "flags key" check when specifying a key doesn't have similar validation, I added it first and it makes sense. I would still like to find a workaround to the "checksum" offset problem. * If we could add 2 rules from 1 config definition, we could match both cases with appropriate offsets, but this would break existing FW generation logic, logging, etc. * Added a "test_gre_match" smoketest | |||
2024-08-04 | Merge pull request #3901 from nicolas-fort/T4072-extend-bridge-fwall | Christian Breunig | |
T4072: firewall extend bridge firewall | |||
2024-08-04 | ipsec: T5873: remove unused imports | Christian Breunig | |
2024-08-04 | multicast: T6619: remove unused imports | Christian Breunig | |
2024-08-02 | Merge pull request #3933 from jestabro/add-missing-standard-func | Daniil Baturin | |
T6632: add missing standard functions to config scripts | |||
2024-08-02 | Merge pull request #3932 from jestabro/check-kmod-under-configd | Daniil Baturin | |
T6629: call check_kmod within a standard config function | |||
2024-08-02 | T6619: Remove the remaining uses of per-protocol FRR configs (#3916) | Roman Khramshin | |
2024-08-02 | OPENVPN: T6555: fix name to bridge | fett0 | |
2024-08-02 | T6632: add missing standard functions to config scripts | John Estabrook | |
2024-08-02 | OPENVPN: T6555: fix name to bridge | fett0 | |
2024-08-02 | T6629: call check_kmod within a standard config function | John Estabrook | |
Move the remaining calls to check_kmod within a standard function, with placement determined by the needs of the config script. | |||
2024-08-02 | Merge pull request #3927 from jestabro/nat64-check-kmod | Daniil Baturin | |
nat64: T6627: call check_kmod within standard config function | |||
2024-08-02 | nat64: T6627: call check_kmod within standard config function | John Estabrook | |
Functions called from config scripts outside of the standard functions get_config/verify/generate/apply will not be called when run under configd. Move as appropriate for the general config script structure and the specific script requirements. | |||
2024-08-02 | T4072: change same helpers in xml definitions; add notrack action for ↵ | Nicolas Fort | |
prerouting chain; re introduce <set vrf> in policy; change global options for passing traffic to IPvX firewall; update smoketest | |||
2024-08-01 | Merge pull request #3923 from c-po/console-T3334 | Christian Breunig | |
console: T3334: remove unused directories imported from vyos.defaults | |||
2024-08-01 | T4072: firewall: improve error handling when firewall configuration is ↵ | Nicolas Fort | |
wrong. Use nft -c option to check temporary file, and use output provided by nftables to parse the error if possible, or print it as it is if it's an unknown error | |||
2024-08-01 | Merge pull request #3221 from lucasec/t5873 | Christian Breunig | |
T5873: ipsec remote access VPN: support VTI interfaces. |