Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-09-01 | bridge: T1615: remove is_ip import from vyos.validate | Christian Poessinger | |
2019-09-01 | bridge: T1615: support deleting interface description | Christian Poessinger | |
2019-08-31 | [boot-config-loader] T1622: Add failsafe and back trace | John Estabrook | |
2019-08-31 | loopback: T1601: support deleting interface description | Christian Poessinger | |
2019-08-31 | dummy: T1580: support deleting interface description | Christian Poessinger | |
2019-08-31 | Merge pull request #121 from c-po/t1557-ifconfig | Christian Poessinger | |
T1557 Create generic abstraction for configuring interfaces e.g. IP address | |||
2019-08-31 | loopback: T1601: migrate from pyroute2 -> vyos.ifconfig | Christian Poessinger | |
2019-08-31 | dummy: T1580: migrate from pyroute2 -> vyos.ifconfig | Christian Poessinger | |
2019-08-31 | bridge: T1615: replace pyroute2 by vyos.ifconfig | Christian Poessinger | |
2019-08-31 | [l2tp ipsec] T1605: Changed ipsec marking only for inbound policy, all ↵ | DmitriyEshenko | |
functionality must saved | |||
2019-08-30 | T1598: fix vyos-hostsd unit dependencies. | Daniil Baturin | |
2019-08-30 | Python/ifconfig: rename interfaceconfig.py -> ifconfig.py | Christian Poessinger | |
2019-08-28 | bridge: T1615: add missing support for DHCP/DHCPv6 interface address | Christian Poessinger | |
This feature is not well supported by pyroute2 and thus uses the proof-of-concept vyos.interfaceconfig library. Maybe it's a better idea to write our own library from scratch. | |||
2019-08-27 | openvpn: T1617: bugfix for server push-route | Christian Poessinger | |
2019-08-27 | Merge branch 't1614-bonding' into current | Christian Poessinger | |
* t1614-bonding: Python/VyOS validate: add is_ip() to check for IPv4 or IPv4 address bridge: T1556: remove unused function freeze() list-interfaces: T1614: support listing interfaces which can be bonded | |||
2019-08-27 | [service https] T1443: Correct the use of listen/server_name directives | John Estabrook | |
2019-08-27 | bridge: T1556: remove unused function freeze() | Christian Poessinger | |
2019-08-27 | list-interfaces: T1614: support listing interfaces which can be bonded | Christian Poessinger | |
2019-08-27 | dummy: T1580: migrate implementation to pyroute2 | Christian Poessinger | |
2019-08-26 | Merge pull request #118 from c-po/pyroute2 | Christian Poessinger | |
loopback: T1601: migrate to pyroute2 | |||
2019-08-26 | loopback: T1601: migrate to pyroute2 | Christian Poessinger | |
2019-08-26 | bridge: T1556: fix comment | Christian Poessinger | |
2019-08-26 | Merge pull request #117 from c-po/pyroute2 | Christian Poessinger | |
bridge: T1556: migrate to pyroute2 | |||
2019-08-26 | bridge: T1556: migrate interface configuration to pyroute2 | Christian Poessinger | |
Tested with: set interfaces bridge br0 address '192.0.2.1/24' set interfaces bridge br0 aging '500' set interfaces bridge br0 disable-link-detect set interfaces bridge br0 forwarding-delay '11' set interfaces bridge br0 hello-time '5' set interfaces bridge br0 igmp querier set interfaces bridge br0 max-age '11' set interfaces bridge br0 member interface eth1 cost '1000' set interfaces bridge br0 member interface eth1 priority '4' set interfaces bridge br0 member interface eth2 cost '1001' set interfaces bridge br0 member interface eth2 priority '56' | |||
2019-08-26 | T1598: make dns_forwarding.py retrieve name servers from vyos-hostsd. | Daniil Baturin | |
2019-08-26 | T1598: add a vyos-hostsd operation for retrieving name servers by tag. | Daniil Baturin | |
2019-08-26 | bridge: T1608: deny adding non existing interfaces to bridge config | Christian Poessinger | |
2019-08-26 | bridge: T1556: reword exception error when beeing member of multiple bridges | Christian Poessinger | |
2019-08-26 | openvpn: T1548: add missing if statement in 'show openvpn' command | Christian Poessinger | |
2019-08-26 | openvpn: T1548: add 'show openvpn' command | Christian Poessinger | |
vyos@vyos:~$ show openvpn site-to-site OpenVPN status on vtun1 Client CN Remote Host Local Host TX bytes RX bytes Connected Since --------- ----------- ---------- -------- -------- --------------- None (PSK) N/A 172.18.201.10:1195 3.3 KiB 3.3 KiB N/A vyos@vyos:~$ show openvpn server OpenVPN status on vtun10 Client CN Remote Host Local Host TX bytes RX bytes Connected Since --------- ----------- ---------- -------- -------- --------------- client1 172.18.202.10:58644 172.18.201.10:1194 63.6 KiB 63.4 KiB Mon Aug 26 11:47:56 2019 client3 172.18.204.10:52641 172.18.201.10:1194 63.1 KiB 62.7 KiB Mon Aug 26 11:47:58 2019 OpenVPN status on vtun11 Client CN Remote Host Local Host TX bytes RX bytes Connected Since --------- ----------- ---------- -------- -------- --------------- client2 172.18.203.10:39472 172.18.201.10:1200 61.2 KiB 61.5 KiB Mon Aug 26 11:50:30 2019 | |||
2019-08-25 | Merge pull request #112 from alkersan/T1607_reset_ip_conntrack_rewrite | Christian Poessinger | |
[op-mode] T1607 rewrite 'reset conntrack' and 'reset & show ip[v6]' to python/xml syntax | |||
2019-08-25 | Merge pull request #115 from DmitriyEshenko/dummy | Christian Poessinger | |
[dummy] T1609 migrate to vyos.interfaceconfig | |||
2019-08-24 | T1611: check if config node exists before getting value | Jernej Jakob | |
2019-08-23 | [dummy] T1609 migrate to vyos.interfaceconfig, adding check ip-cidr, adding ↵ | DmitriyEshenko | |
vyos.interfaceconfig common ipv4/ipv6 functions | |||
2019-08-23 | [op-mode] T1607 rewrite 'reset conntrack', 'reset & show ip[v6]' to ↵ | Dmytro Aleksandrov | |
python/xml syntax | |||
2019-08-23 | [dummy] T1609 Fixing dummy interface state | DmitriyEshenko | |
2019-08-22 | T1606: change vyos-hostsd systemd target to avoid boot problems | John Estabrook | |
2019-08-21 | dummy: T1580: remove superfluous if statements | Christian Poessinger | |
2019-08-21 | bridge: T1556: remove superfluous if statements | Christian Poessinger | |
2019-08-21 | loopback: T1601: rewrite using XML/Python definitions | Christian Poessinger | |
2019-08-21 | T1598: redo host_name.py to use vyos-hostsd. | Daniil Baturin | |
2019-08-21 | T1598: clean up vyos-hostsd state dump on clean shutdown. | Daniil Baturin | |
2019-08-21 | T1598: improve autogenerated file comments. | Daniil Baturin | |
2019-08-20 | T1598: start vyos-hostsd before everything that may need it. | Daniil Baturin | |
2019-08-20 | T1598: initial implementation of the hosts keeper daemon. | Daniil Baturin | |
2019-08-20 | powerdns: T1595: remove 'listen-on' CLI option | Christian Poessinger | |
2019-08-20 | powerdns: T1595: add config migrator to remove 'listen-on' | Christian Poessinger | |
2019-08-20 | powerdns: T1524: support setting allow-from network | Christian Poessinger | |
Netmasks (both IPv4 and IPv6) that are allowed to use the server. The default allows access only from RFC 1918 private IP addresses. Due to the aggressive nature of the internet these days, it is highly recommended to not open up the recursor for the entire internet. Questions from IP addresses not listed here are ignored and do not get an answer. https://docs.powerdns.com/recursor/settings.html#allow-from Imagine an ISP network with non RFC1918 IP adresses - they can't make use of PowerDNS recursor. As of now VyOS hat allow-from set to 0.0.0.0/0 and ::/0 which created an open resolver. If there is no allow-from statement a config-migrator will add the appropriate nodes to the configuration, resulting in: service { dns { forwarding { allow-from 0.0.0.0/0 allow-from ::/0 cache-size 0 ignore-hosts-file listen-address 192.0.2.1 } } } | |||
2019-08-19 | dummy: T1580: rewrite in new style XML/Python | Christian Poessinger | |
2019-08-19 | openvpn: T1548: remove authy 2fa provider | Christian Poessinger | |
According to https://github.com/twilio/authy-openvpn commit 3e5dc73: > This plugin is no longer actively maintained. If you're interested in becoming a maintainer, we welcome forks of this project. In addition this plugin was always missing in the current branch ov VyOS and did not make it into VyOS 1.2 (crux) If 2FA for OpenVPN is required we should probably opt for Google Authenticator or if possible a U2F device. |