Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-08-15 | Merge pull request #970 from jack9603301/T3648 | Christian Poessinger | |
op-mode: nat: T3648: Modify the operation mode script implementation of NAT to fix the existing problem | |||
2021-08-15 | conntrack: T3275: migrate 'disable' syntax to 'enable' syntax for the new ↵ | Lulu Cathrinus Grimalkin | |
default behavior | |||
2021-08-14 | op-mode: ipsec: T3745: "show vpn ipse sa" improve sorting | Christian Poessinger | |
2021-08-14 | ospf: T3236: use proper daemon named template file | Christian Poessinger | |
2021-08-14 | op-mode: nat: T3648: Modify the operation mode script implementation of NAT ↵ | jack9603301 | |
to fix the existing problem | |||
2021-08-13 | vrf: T3734: T3728: vni must be configured with a higher priority then bgpd | Christian Poessinger | |
When removing bgp (vrf) instances the assigned VRF vni must be deleted from FRR prior the removal of the bgp settings (T3734). This is now done by moving the CLI command "set vrf name red vni 1000" to a dedicated Python script with a priority higher then bgp. | |||
2021-08-13 | Merge pull request #969 from sarthurdev/T3752 | Christian Poessinger | |
pki: T3752: Fix file output for certificate requests | |||
2021-08-13 | pki: T3752: Fix file output for certificate requests | sarthurdev | |
2021-08-13 | openvpn: T3738: Disable authentication option for server mode | Viacheslav | |
2021-08-13 | Merge pull request #967 from sever-sever/T3708-curr | Christian Poessinger | |
isis: T3708: Fix errors in MTU calculation | |||
2021-08-13 | isis: T3708: Fix errors in MTU calculation | Viacheslav | |
2021-08-12 | T3749: Moving some counters into the proper loop | Kroy | |
2021-08-12 | login: T3746: inform users about pending reboots | Christian Poessinger | |
2021-08-12 | Merge pull request #963 from FileGo/T3744 | Christian Poessinger | |
dns: T3744: fixed dns fwd statistics formatting | |||
2021-08-12 | dns: T3744: fixed dns fwd statistics formatting | FileGo | |
2021-08-10 | snmp: T3709: Allow enable oid ipCidrRouteTable | Viacheslav | |
2021-08-10 | pki: wireguard: T3642: strip private key | Christian Poessinger | |
Extend regex used by the "| strip-private" modifier to remove the WireGuard private key portion from stdout. | |||
2021-08-09 | ipsec: T3720: assigning vti secondary address caused interface in A/D state | Christian Poessinger | |
2021-08-08 | ipsec: l2tp: T2816: remove duplicate 3des-sha1-modp1024 proposal | Christian Poessinger | |
2021-08-08 | Merge pull request #956 from Cheeze-It/current | Christian Poessinger | |
PING: T3634: Fixing do not fragment to Ping | |||
2021-08-06 | http-api: T2768: add README.graphql | John Estabrook | |
2021-08-06 | http-api: T2768: example using GraphQL for high-level config operations | John Estabrook | |
2021-08-06 | Revert "http-api: T2768: example using GraphQL for high-level config operations" | John Estabrook | |
This reverts commit a2b959c50c96698da173b9c4720369a51442cc5c. | |||
2021-08-06 | Revert "http-api: T2768: add README.graphql" | John Estabrook | |
This reverts commit 4a9063f755b72786c3c5928b2fa74cf1aa935129. | |||
2021-08-06 | http-api: T2768: add README.graphql | John Estabrook | |
2021-08-06 | http-api: T2768: example using GraphQL for high-level config operations | John Estabrook | |
2021-08-06 | frr: T3694: temporary disable VRF VNI assignment | Christian Poessinger | |
Somehow we hit a priority inversion here as we need to remove the VRF assigned VNI before we can remove a BGP bound VRF instance. Maybe move this to an individual helper script that set's up the VNI for the given VRF after any routing protocol (in our case this was triggered by running "make testc" when building an ISO image by the bgp-rpki config). | |||
2021-08-06 | frr: T2175: remove no longer required loop when removing VRF VNI | Christian Poessinger | |
This is a completing commit to a55585a833 ("frr: T2175: remove no longer required loop when removing routing protocols") that was missed out previously. | |||
2021-08-06 | migration: T548: Rename quagga scripts for correct seq | Viacheslav | |
Rename quagga migration scripts for correct sequences between 1.3 and 1.4 branches 7-to-8 in 1.3 uses the same migration as 8-to-9 in 1.4 This PR fix it | |||
2021-08-05 | PING: T3634: Fixing do not fragment to Ping | Cheeze_It | |
In this commit we fix the do not fragment capability for ping commands. Sorry for messing it up earlier :( | |||
2021-08-04 | ipsec: T3718: fix default processing of ike dh-group proposals | Christian Poessinger | |
IKE dh-group defaults to 2 (modp1024). | |||
2021-08-03 | isis: T1316: rename Jinja2 template to match other FRR daemons | Christian Poessinger | |
2021-08-01 | ping: T3707: add UnicodeError exception when invalid IP address is passed | Christian Poessinger | |
2021-08-01 | Merge pull request #943 from Cheeze-It/current | Christian Poessinger | |
isis: T3693: Adding IPv6 redistribution to ISIS | |||
2021-07-31 | isis: T3693: Adding IPv6 redistribution to ISIS | Cheeze_It | |
In this commit we add the ability to redistribute into ISIS for IPv6 address family. | |||
2021-07-31 | bgp: vrf: T3694: cannot delete default BGP instance when VRF BGP instance exists | Christian Poessinger | |
2021-07-31 | sysctl: T3716: remove IPv4/6 routes from FIB when link goes down | Christian Poessinger | |
For more information see: * https://programmersought.com/article/62242485344/ * https://www.spinics.net/lists/netdev/msg332453.html * https://github.com/FRRouting/frr/blob/master/doc/user/Useful_Sysctl_Settings.md | |||
2021-07-31 | sysctl: T671: add missing net.ipv6.route.skip_notify_on_dev_down setting | Christian Poessinger | |
Recommended by FRR best deafults https://github.com/FRRouting/frr/blob/master/doc/user/Useful_Sysctl_Settings.md | |||
2021-07-30 | Merge pull request #947 from bstepler/T3694 | Christian Poessinger | |
configd: T3694: always set script.argv | |||
2021-07-30 | vyos.util: drop custom implementations in favor of is_systemd_service_running() | Christian Poessinger | |
Commit f520182b ("vyos.util: add is_systemd_service_running() helper function") added a new helper function that can be used to check if a systemd service is running. Drop all custom implementations in favor of this library call. | |||
2021-07-29 | configd: T3694: always set script.argv | Brandon Stepler | |
Several scripts imported by vyos-configd (including src/conf_mode/protocols_static.py) rely on argv for operating on VRFs. Always setting script.argv in src/services/vyos-configd ensures those scripts will operate on the default VRF when called with no arguments. Otherwise, a stale argv might cause those scripts to operate on the last modified VRF instead of the default VRF. | |||
2021-07-29 | ipsec: T1210: add op-mode command to print Windows connection profile | Christian Poessinger | |
2021-07-29 | dhcp-server: T2432: Run dhcpd in group vyattacfg to allow recreate lease files | DmitriyEshenko | |
2021-07-26 | ipsec: T1210: remote-access connections only work with IKEv2 | Christian Poessinger | |
2021-07-26 | ipsec: T1210: extend support for iOS profile generation | Christian Poessinger | |
$ generate ipsec mac-ios-profile <connection> remote <ip> | |||
2021-07-25 | tunnel: T3366: re-order migration scripts | Christian Poessinger | |
The migrator from 20-to-21 is required as 19-to-20 on VyOS 1.3 - thus simply rename/reorder the two migrators to not break things the hard way when upgrading from 1.3 -> 1.4. | |||
2021-07-25 | ifconfig: T2653: obey conding style | Christian Poessinger | |
2021-07-25 | ipsec: T1210: add RADIUS authentication for remote-access IKEv2 VPN | Christian Poessinger | |
set vpn ipsec remote-access connection rw authentication client-mode 'eap-radius' set vpn ipsec remote-access connection rw authentication id '192.0.2.1' set vpn ipsec remote-access connection rw authentication server-mode 'x509' set vpn ipsec remote-access connection rw authentication x509 ca-certificate 'CAcert_Class_3_Root' set vpn ipsec remote-access connection rw authentication x509 certificate 'vyos' set vpn ipsec remote-access connection rw esp-group 'ESP-RW' set vpn ipsec remote-access connection rw ike-group 'IKE-RW' set vpn ipsec remote-access connection rw local-address '192.0.2.1' set vpn ipsec remote-access connection rw pool 'ra-rw-ipv4' set vpn ipsec remote-access connection rw unique 'never' set vpn ipsec remote-access pool ra-rw-ipv4 name-server '192.0.2.2' set vpn ipsec remote-access pool ra-rw-ipv4 prefix '192.168.22.0/24' set vpn ipsec remote-access radius nas-identifier 'fooo' set vpn ipsec remote-access radius server 172.16.100.10 key 'secret' | |||
2021-07-25 | ipsec: T1210: move DHCP server configuration unter remote-access node | Christian Poessinger | |
As this is only related to remote-access, keeping it under "options" simply feels wrong. | |||
2021-07-23 | Merge pull request #939 from sarthurdev/pki_file | Christian Poessinger | |
pki: T3642: Add ability to write generated certificates/keys to files |