Age | Commit message (Collapse) | Author | |
---|---|---|---|
2023-03-09 | xml: T4952: improve interface completion helper CLI experience | Christian Breunig | |
2023-03-09 | qos: T5018: Use configdep to fix interface mirror/redirect issue | sarthurdev | |
This will check if mirror/redirect is present on a QoS interface and use `vyos.configdep` module to update the interface again after QoS is applied. | |||
2023-03-09 | T5063: IPoE-server ethX vlan must not be used with client-subnet | Viacheslav Hletenko | |
IPoE-server 'interface ethX vlan xxx' (aka vlan-mon) must not be used with 'interface ethX client-subnet' So instead of shared pool accel-ppp uses the same pool for each dynamically added VLAN eth1 client-subnet '192.0.2.0/24' eth1 vlan '2000-2021' It cause this issue: eth1.2000 range 192.0.2.0/24 (the first client gets address from 192.0.2.2) eth2.2001 range 192.0.2.0/24 (the first client gets address from 192.0.2.2) Only named pools with vlan option must be used. | |||
2023-03-08 | T5066: Fix GRE tunnel variable name which checks keys | Viacheslav Hletenko | |
2023-03-07 | frr: T5045: lift LimitNOFILE 1024 -> 4096 | Christian Breunig | |
Lift the amount of allowed open file descriptors for the FRR process tree. Required if there are hundreds to thousands interfaces on a system. | |||
2023-03-05 | op-mode: T5051: use typing.Literal in op-mode scripts | John Estabrook | |
2023-03-05 | op-mode: T5051: interpret Literal types as enums | John Estabrook | |
2023-03-04 | Merge pull request #1862 from jestabro/schema-generate | Christian Breunig | |
graphql: T5040: generate schema on installation, rather than dynamically | |||
2023-03-03 | graphql: T5040: use path from defaults | John Estabrook | |
2023-03-02 | Merge pull request #1865 from jbordongit/T4916-sagitta | Christian Breunig | |
ipsec: T4916: Fixed migrations script | |||
2023-03-03 | ipsec: T4916: Fixed migrations script | jbordongit | |
* removed unused `re` from imports * replaced `return_value()` to `return_values()` for `remote-address` because this is a multi-value configuration node | |||
2023-03-02 | login: T5039: catch error on 'my_set' for auth plaintext-password | John Estabrook | |
2023-03-01 | graphql: T5040: generate schema in vyos-1x.postinst | John Estabrook | |
2023-03-01 | graphql: T5040: use nullable key field to allow schema static generation | John Estabrook | |
Schema had been dynamically generated, based on configuration setting for authentication. Add nullable field 'key' for static generation of schema regardless of key/token use. | |||
2023-02-28 | Merge pull request #1857 from nicolas-fort/nft_queue | Christian Breunig | |
T5037: Firewall: Add queue action and options to firewall | |||
2023-02-28 | T4967: Allow setting container hostname | Viacheslav Hletenko | |
Ability setting container hostname This host name is used as /etc/hostname set container name <tag> host-name 'mybox' | |||
2023-02-28 | T5037: Firewall: Add queue action and options to firewall | Nicolas Fort | |
2023-02-28 | Merge pull request #1800 from vfreex/feature-babel | Christian Breunig | |
T4977: Add Babel routing protocol support | |||
2023-02-28 | Merge pull request #1784 from Zen3515/current-add-container-command-arg | Christian Breunig | |
container: T4014: Add `command`, `arg` and `entrypoint` configuration options for containers | |||
2023-02-28 | Merge pull request #1853 from sever-sever/T5033 | Christian Breunig | |
T5033: Ability to generate muliple keys from a file or link | |||
2023-02-27 | openvpn: T4770: fix tabulate output in _format_openvpn | John Estabrook | |
2023-02-27 | openconnect: T4955: Renamed function and changed error messages | aapostoliuk | |
Renamed local function to be identical to 1.3 ver Changed error messages after commit to be identical to 1.3 ver | |||
2023-02-27 | Merge pull request #1644 from aapostoliuk/T4790-sagitta | Viacheslav Hletenko | |
T4790: Added check of the sum of radius timeouts | |||
2023-02-27 | T5033: Ability to generate muliple keys from a file or link | Viacheslav Hletenko | |
We generate only one public key (string) from a file xxx.pub op-mode with 'generate public-key-command user vyos lik_to_key_file' Add ability to generate configuration (from op-mode) for multiple keys As github keys don't use identifiers, generate uuid4 id for them | |||
2023-02-26 | graphql: T4979: add user info to token request | John Estabrook | |
2023-02-26 | T4997: add dhcp client user hooks | bri | |
This commit adds a script to run user-defined hook scripts upon renewing a DHCP lease. This can be used to, for example, dynamically define a firewall address-group based on the dynamic IP address of an interface. For an example of its use (as well as the use case I had in mind while coding this), see https://vyos.dev/T2196#142394 Co-authored-by: br <git@ibeep.com> | |||
2023-02-25 | tunnel: T5034: migrate "multicast enable" CLI node to enable-multicast | Christian Breunig | |
Tunnel interface multicast settings can be "enabled or disabled". As we prefer valueless nodes, and the linux kernel default is "disabled" we should add a set interfaces tunnel tunXX enable-multicast command | |||
2023-02-25 | python: T5026: Replace deprecated Python modules crypt, spwd | sarthurdev | |
DeprecationWarning: 'crypt' is deprecated and slated for removal in Python 3.13 DeprecationWarning: 'spwd' is deprecated and slated for removal in Python 3.13 | |||
2023-02-24 | login: T1948: drop absolut path to /usr/libexec/vyos, re-use vyos.defaults | Christian Breunig | |
2023-02-24 | http-api: T5030: fix missing check on delete keys id tag or key value | John Estabrook | |
2023-02-24 | Merge pull request #1847 from aapostoliuk/T4985-2-sagitta | Christian Breunig | |
ipsec: T4985: Changed 'reset vpn ipsec-peer' to use vici library | |||
2023-02-24 | ipsec: T4985: Changed 'reset vpn ipsec-peer' to use vici library | aapostoliuk | |
1. Changed reset IPSEC, IKE SAs to use vici library. 2. Created package vyos.ipsec to communicate with vici library. | |||
2023-02-23 | Merge pull request #1829 from sever-sever/T5013 | Daniil Baturin | |
T5013: Extend accelppp op-mode script to get statistic | |||
2023-02-22 | T5025: Fix timezones and validator use timedatectl | Viacheslav Hletenko | |
Fix timezones completion help and validotor Use 'timedatectl' insted of find zoneinfo | |||
2023-02-22 | openconnect: T5023: Conf script missing optional config parameter | sarthurdev | |
2023-02-22 | Merge pull request #1839 from sarthurdev/ipsec | Christian Breunig | |
ipsec: T4593: Remove references to deleted variables | |||
2023-02-22 | ipsec: T4593: Remove references to deleted variables | sarthurdev | |
2023-02-21 | Merge pull request #1835 from sever-sever/T5020 | Christian Breunig | |
T5020: Extend openvpn op-mode to get list of configured clients | |||
2023-02-21 | T4978: Default values of port rewrite default container values | Viacheslav Hletenko | |
As we have the same variable name 'default_values' for container name, port and volume, it rewrites default container parameters with default port parameters Fix it | |||
2023-02-20 | T5020: Extend openvpn op-mode to get list of configured clients | Viacheslav Hletenko | |
Extend openvpn.py op-mode script to get list of configured clients for the '--raw' output | |||
2023-02-18 | T5013: Extend accelppp op-mode script to get statistic | Viacheslav Hletenko | |
Extend accelppp.py op-mode script to get subnet/start/stop/gateway/client_ip_pool/ etc info from the configuration | |||
2023-02-15 | Merge pull request #1817 from sarthurdev/bookworm | Christian Breunig | |
debian: T5003: Upgrade base system to Debian 12 "Bookworm" | |||
2023-02-15 | Merge pull request #1821 from sarthurdev/ipsec | Christian Breunig | |
ipsec: T4593: Migrate and remove legacy `include-ipsec` nodes | |||
2023-02-15 | ipsec: T4593: Migrate and remove legacy `include-ipsec` nodes | sarthurdev | |
Not supported with swanctl | |||
2023-02-14 | http-api: T5006: add explicit async to retrieve/configure methods | John Estabrook | |
2023-02-14 | strongSwan: T4593: move to charon-systemd | Christian Breunig | |
2023-02-14 | ipsec: T4985: Fixed 'reset vpn ipsec-peer {peer}' command | aapostoliuk | |
Fixed 'reset vpn ipsec-peer {peer}' command. The op-mode script uses value 'None' in the 'tunnel' parameter to clear all CHILD SAs. | |||
2023-02-13 | debian: T5003: Fixes dynamic DNS for Bookworm | sarthurdev | |
2023-02-13 | debian: T5003: Update XDP for latest libbpf | sarthurdev | |
2023-02-13 | debian: T5003: Fixes for Debian Bookworm | sarthurdev | |
* DH params of 256 length no longer supported |