Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-07-09 | ip: T4517: drop forwarding from CLI "system ip ↵ | Christian Poessinger | |
disable-directed-broadcast-forwarding" | |||
2022-07-09 | ip: T4517: add option to enable directed broadcast forwarding | Yuxiang Zhu | |
Directed broadcast is described in rfc1812#section-5.3.5.2 and rfc2644. By default Linux kernel doesn't forward directed broadcast packets unless both of `/proc/sys/net/ipv4/conf/all/bc_forwarding` and `/proc/sys/net/ipv4/conf/$iface/bc_forwarding` are set to 1. | |||
2022-07-09 | conntrack: T4145: Add show conntrack table ipv4 | Viacheslav Hletenko | |
After firewall rewriting, we lost the ability to show conntrack table as it used old code Rewrite and add it to XML/Python | |||
2022-07-08 | Merge pull request #1401 from sever-sever/T4411 | Christian Poessinger | |
monitoring: T4411: Migrate influxdb options to influxdb node | |||
2022-07-07 | Merge pull request #1397 from sever-sever/T4503 | Christian Poessinger | |
op-mode: T4503: Prevent restart service if commit in progress | |||
2022-07-07 | monitoring: T4411: Migrate influxdb options to influxdb node | Viacheslav Hletenko | |
As we have specific configuration for each plugin: set service monitoring telegraf xxx - azure-data-explorer - prometheus-client - splunk We should to move configuration that related to influxdb under influxdb node Replace: set service monitoring telegraf - authentication xxx - bucket xxx - port xxx - url To: set service monitoring telegraf influxdb xxx | |||
2022-07-07 | op-mode: T4503: Prevent restart service if commit in progress | Viacheslav Hletenko | |
Prevent op-mode scripts from restarting services if commit in progress | |||
2022-07-07 | dns: T4509: improve 6to4 error message | Christian Poessinger | |
2022-07-07 | syslog: T4500: Remove max-size from rsyslog leaving rotation to logrotate | sarthurdev | |
After discussion with @zsdc this was decided the better long term fix * Removes hourly logrotate cron in favour of systemd timer override | |||
2022-07-06 | firewall: T4500: Fix logrotate size to match rsyslog default value | sarthurdev | |
2022-07-05 | firewall: T2199: Fix migration when `icmpv6 type` is an integer | sarthurdev | |
2022-07-05 | Merge pull request #1389 from sever-sever/T4509 | Christian Poessinger | |
dns: T4509: Add dns64-prefix option | |||
2022-07-05 | op-mode: bgp: T4494: re-use available building blocks for BGP resets | Christian Poessinger | |
2022-07-05 | op-mode: bgp: T4494: add "reset bgp" op-mode tree | Christian Poessinger | |
2022-07-05 | dns: T4509: Add dns64-prefix option | Viacheslav Hletenko | |
rfc6147: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers set service dns forwarding dns64-prefix 2001:db8:aabb::/96 | |||
2022-07-04 | ntp: T4456: call verify_vrf() before individual interface validation | Christian Poessinger | |
It makes no sense to test against a VRF that might not exist at all. | |||
2022-07-04 | dhclient: T2393: fix "Failed to parse boolean value, ignoring: SIGKILL" | Christian Poessinger | |
Commit 19789463 ("dhclient: T2393: introduce 20 seconds stop timeout - required for smoketesting on Qemu") assigned a string to a boolean field. This has been fixed. | |||
2022-07-04 | ntp: T4456: support listening on specified interface | Christian Poessinger | |
When clients only use DHCP for interface addressing we can not bind NTPd to an address - as it will fail if the address changes. This commit adds support to bind ntpd to a given interface in addition to a given address. set system ntp interface <name> | |||
2022-07-04 | Merge pull request #1382 from sever-sever/T4378 | Viacheslav Hletenko | |
dns: T4378: Allow wildcard A AAAA record with option all | |||
2022-07-04 | event-handler: T4508: Fixed environment variables | zsdc | |
Fixed usage of environment variables - made an individual environment variable for an event a true copy, instead of a reference to a single environ dictionary. Also, reorganized imports according to PEP8. | |||
2022-07-04 | dns: T4378: Allow wildcard A AAAA record with option any | Viacheslav Hletenko | |
Ability to set wildcard record for authoritative-domain set authoritative-domain example.com records a any address 192.0.2.11 cat /run/powerdns/zone.example.com.conf * 300 A 192.0.2.11 | |||
2022-07-02 | ipoe: T4507: Add option rate-limit for RADIUS authentication | Viacheslav Hletenko | |
Add rate-limit options: attribute, muptiplier and vendor set service ipoe-server auth radius rate-limit attribute 'Mikrotik-Rate-Limit' set service ipoe-server auth radius rate-limit enable set service ipoe-server auth radius rate-limit multiplier '0.001' set service ipoe-server auth radius rate-limit vendor 'Miktorik' | |||
2022-07-01 | Revert "op-mode: T4429: Ability to detect external IP address" | Daniil Baturin | |
2022-07-01 | event-handler: T4501: Fix for syslog-identifier | Viacheslav Hletenko | |
In dictionary we get "syslog-identifier" with dash But we try to parse option with underscore "syslog_identifier" Fix it | |||
2022-07-01 | bgp: T4490: use common vyos.base.Warning() wrapper | Christian Poessinger | |
2022-07-01 | Merge branch 'T4490' of https://github.com/sever-sever/vyos-1x into current | Christian Poessinger | |
* 'T4490' of https://github.com/sever-sever/vyos-1x: bgp: T4490: Add informational message for peer withour AFI | |||
2022-07-01 | Merge pull request #1380 from sarthurdev/ovpn-multi-ca | Christian Poessinger | |
openvpn: T4485: Accept multiple tls ca-certificate values | |||
2022-06-29 | router-advert: T4477: support RDNSS lifetime option | Christian Poessinger | |
set service router-advert interface eth0 name-server-lifetime <value> | |||
2022-06-29 | openvpn: T4485: Update PKI migrator to handle full CA chain migration | sarthurdev | |
* Also determines and maps to correct CA for migrated CRL | |||
2022-06-29 | openvpn: T4485: Accept multiple `tls ca-certificate` values | sarthurdev | |
2022-06-28 | Merge pull request #1376 from sever-sever/T4473 | Christian Poessinger | |
containers: T4473: Fix create container with not exist network | |||
2022-06-28 | containers: T4486: Fix path for removing containers | Viacheslav Hletenko | |
Fix correct path for removing containers and container networks Reduce timoute from 10 (default) to 3 seconds for stopping containers | |||
2022-06-28 | containers: T4473: Fix create container with not exist network | Viacheslav Hletenko | |
Fix for setting container without or wrong network decalaration | |||
2022-06-28 | bgp: T4490: Add informational message for peer withour AFI | Viacheslav Hletenko | |
As we don't use addresss-family ipv4-unicast by default we should to send informational message about AFI for peer is required | |||
2022-06-25 | firewall: T4484: Fix op-mode summary for address groups with ranges. | sarthurdev | |
2022-06-25 | Merge pull request #1360 from sever-sever/T1375 | Christian Poessinger | |
op-mode: T1375: Allow to clear dhcp-server lease | |||
2022-06-25 | Merge pull request #1362 from sarthurdev/T4435 | Christian Poessinger | |
firewall: T4435: Verify parent config applied successfully | |||
2022-06-16 | dhclient: T2393: introduce 20 seconds stop timeout - required for ↵ | Christian Poessinger | |
smoketesting on Qemu | |||
2022-06-16 | op-mode: T1375: Allow to clear dhcp-server lease | Viacheslav Hletenko | |
Allow to reset dhcp-leases per ip Parse file '/config/dhcpd.leases' find match section 'lease x.x.x.x {}' And remove this section clear dhcp-server lease 192.0.2.21 | |||
2022-06-15 | firewall: T4435: Verify parent config applied successfully | sarthurdev | |
2022-06-14 | firewall: T970: Use set prefix to domain groups | sarthurdev | |
2022-06-14 | firewall: T4147: Use named sets for firewall groups | sarthurdev | |
* Refactor nftables clean-up code * Adds policy route test for using firewall groups | |||
2022-06-11 | firewall: T4299: Add support for GeoIP filtering | sarthurdev | |
2022-06-10 | Merge pull request #1356 from sarthurdev/nested_groups | Christian Poessinger | |
firewall: T478: Add support for nesting groups | |||
2022-06-10 | firewall: T478: Add support for nesting groups | sarthurdev | |
2022-06-10 | Merge pull request #1326 from sever-sever/T4429 | Christian Poessinger | |
op-mode: T4429: Ability to detect external IP address | |||
2022-06-10 | Revert "dmvpn: nhrp: T4434: secret length can not exceed 8 characters" | Christian Poessinger | |
This reverts commit 6f818ee9033ee3abeedbed73eb44331dc27e7408. | |||
2022-06-10 | firewall: T970: Fix for Regex for domain and check empty group | Viacheslav Hletenko | |
It can be more then 5 symbols in top-level-domain address for example '.photography' and '.accountants' Firewall group can be added without address: * set firewall group domain-group DOMAIN Check if 'address' exists in group_config | |||
2022-06-09 | sstp: T4444: merge of defaultValue already done in get_accel_dict() | Christian Poessinger | |
2022-06-09 | Merge branch 'sstp_port' of https://github.com/goodNETnick/vyos-1x into current | Christian Poessinger | |
* 'sstp_port' of https://github.com/goodNETnick/vyos-1x: sstp: T4444. Port number changing support |