Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-05-22 | nat: T2460: fix KeyError: 'sport' | Christian Poessinger | |
2020-05-22 | nat: T2460: migrate to new Python implementation | Christian Poessinger | |
2020-05-22 | Merge branch 'T2460' of https://github.com/thomas-mangin/vyos-1x into ↵ | Christian Poessinger | |
nat-integration * 'T2460' of https://github.com/thomas-mangin/vyos-1x: nat: T2460: add src/op_mode/show_nat_translations.py | |||
2020-05-22 | login: T2492: fix flake8 warnings | Christian Poessinger | |
2020-05-22 | login: T2492: do not set encrypted user password when it is not changed | Christian Poessinger | |
2020-05-22 | pppoe: T2488: bugfix, missing not in if condition prevented startup | Christian Poessinger | |
Commit 39c53aadbf9e ("pppoe: T2488: remove logfile generation") accidently missed a not in an if statement. | |||
2020-05-22 | pppoe: T2380: drop superfluous list_pppoe_peers.sh | Christian Poessinger | |
2020-05-22 | macsec: T2491: add replay window protection | Christian Poessinger | |
2020-05-22 | macsec: T2023: flake8/autopep8 corrections | Christian Poessinger | |
2020-05-22 | macsec: T2023: fix wrong use or f-format string | Christian Poessinger | |
2020-05-22 | macsec: T2023: remove unused import | Christian Poessinger | |
2020-05-21 | nat: T2460: add src/op_mode/show_nat_translations.py | Thomas Mangin | |
2020-05-21 | pppoe: T2380: fix NameError: name 'intf' is not defined | Christian Poessinger | |
2020-05-21 | pppoe: T2380: dis-/connect should use proper systemd calls | Christian Poessinger | |
2020-05-21 | pppoe: T2488: remove logfile generation | Christian Poessinger | |
2020-05-21 | pppoe: wwan: T2488: drop individual ppp logs | Christian Poessinger | |
2020-05-21 | wireless: T1627: remove get_conf_file() | Christian Poessinger | |
2020-05-21 | macsec: T2023: delete wpa_supplicant config when interface is removed | Christian Poessinger | |
2020-05-21 | macsec: T2023: stop wpa_supplicant on interface deletion | Christian Poessinger | |
2020-05-21 | macsec: T2023: cleanup wpa_supplicant config file name | Christian Poessinger | |
2020-05-21 | macsec: T2023: improve verify() when encryption is enabled | Christian Poessinger | |
With enabled encryption keys must be configured. | |||
2020-05-21 | macsec: T2023: support MACsec Key Agreement protocol actor priority | Christian Poessinger | |
2020-05-21 | macsec: T2023: rename "security key" node to "security mka" | Christian Poessinger | |
MACsec always talks about MKA (MACsec Key Agreement protocol) thus the node should reflect that. | |||
2020-05-21 | macsec: T2023: use wpa_supplicant for key management | Christian Poessinger | |
2020-05-21 | macsec: T2023: cli: move "cipher" and "encryption" under new "secutiry" node | Christian Poessinger | |
This is best suited as a key is required, too. | |||
2020-05-21 | macsec: T2023: cipher suite is mandatory | Christian Poessinger | |
2020-05-21 | macsec: T2023: use list when working with Config() | Christian Poessinger | |
2020-05-21 | macsec: T2023: add optional encryption command | Christian Poessinger | |
By default MACsec only authenticates traffic but has support for optional encryption. Encryption can now be enabled using: set interfaces macsec <interface> encrypt | |||
2020-05-21 | macsec: T2023: add initial XML and Python interfaces | Christian Poessinger | |
2020-05-20 | Merge pull request #416 from kroy-the-rabbit/patch-5 | Daniil Baturin | |
T2465: Permissions on vyos-hostsd socket incorrect | |||
2020-05-19 | T2465: Permissions on vyos-hostsd socket incorrect | kroy-the-rabbit | |
The DHCP server is unable to apply entries to the hosts file because the permissions on the socket are getting created wrong. ``` $ ls -al /run/vyos-hostsd.sock srwxrwxrwx 1 root vyattacfg 0 May 20 01:38 /run/vyos-hostsd.sock ``` This gives it the correct permissions so that the nobody/nobody user/group can change it. | |||
2020-05-19 | Revert "T2465: vyos-hostsd-client needs sudo" | kroy-the-rabbit | |
2020-05-19 | Merge pull request #414 from thomas-mangin/T2467 | Christian Poessinger | |
util: T2467: automatically add sudo to known commands | |||
2020-05-19 | wireguard: T2481: support IPv6 based underlay | Christian Poessinger | |
2020-05-19 | util: T2467: add systemctl to autosudo | Thomas Mangin | |
2020-05-19 | nat: do not report unassigned IP address for DNAT | Christian Poessinger | |
That warning made no sense as the destination address where we forward a port to is by design not locally connected. | |||
2020-05-19 | Merge pull request #413 from kroy-the-rabbit/patch-4 | Christian Poessinger | |
T2465: vyos-hostsd-client needs sudo | |||
2020-05-19 | dhcpv6-pd: T421: support ethernet based interfaces | Christian Poessinger | |
Add support for prefix delegation when receiving the prefix via ethernet, bridge, bond, wireless. | |||
2020-05-19 | configdict: T2372: interfaces must reuse interface_default_data | Christian Poessinger | |
This is to remove the amount of duplicated entries in dictionaries. It's one more part to move to a unified interface management. | |||
2020-05-19 | T2465: vyos-hostsd-client needs sudo | kroy-the-rabbit | |
There have been a number of complaints about DHCP not getting inserted into the `/etc/hosts` file. This should correct that problem. | |||
2020-05-19 | dhcpv6-server: T815: support delegating IPv6 prefixes | Christian Poessinger | |
2020-05-18 | flake8: T2475: fix a number of issue reported by flake8 | Thomas Mangin | |
2020-05-17 | pppoe: dhcpv6-pd: T421: change system type to forking | Christian Poessinger | |
Wide dhcp client forks by itself | |||
2020-05-17 | pppoe: dhcpv6-pd: T421: stop service when config is removed | Christian Poessinger | |
2020-05-17 | pppoe: dhcpv6-pd: T421: start/stop delegation with interface status | Christian Poessinger | |
2020-05-17 | pppoe: dhcpv6-pd: T421: initial support | Christian Poessinger | |
The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be <prefix>::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0. pppoe pppoe0 { authentication { password vyos user vyos } description sadfas dhcpv6-options { delegate eth0 { interface-id 65535 sla-id 0 sla-len 8 } } ipv6 { address { autoconf } enable } source-interface eth1 } vyos@vyos:~$ show interfaces Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down Interface IP Address S/L Description --------- ---------- --- ----------- eth0 2001:db8:8003:400::ffff/64 u/u | |||
2020-05-17 | dhcpv6-pd: T421: migrate from ISC dhclient to wide-dhcpv6-client | Christian Poessinger | |
ISC does not support running the client on PPP(oE) interfaces which makes it unusable for DHCPv6 Prefix Delegation tasks. Internet Systems Consortium DHCP Client 4.4.1 Copyright 2004-2018 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ Unsupported device type 512 for "pppoe0" | |||
2020-05-17 | frr: combine all templates in frr directory | Christian Poessinger | |
2020-05-17 | powerdns: T2470: adjust systemd RuntimeDirectory | Christian Poessinger | |
2020-05-17 | powerdns: T2470: adjust config file permissions for recursor 4.3 | Christian Poessinger | |
PowerDNS recursor 4.3 now uns as user pdns and group pdns, thus the generated configuration file and directory need to have the appropriate permissions set. |