8 files changed, 148 insertions, 26 deletions
diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x
-Subproject 96656b1a7bb7166c923a45d1333d7e7c7add551
+Subproject cf1156a60e1d03a752cde0baadbc9ac8118b2a5
diff --git a/docs/changelog/1.3.rst b/docs/changelog/1.3.rst
index 4358b4b3..f54a7a3e 100644
--- a/docs/changelog/1.3.rst
+++ b/docs/changelog/1.3.rst
@@ -8,6 +8,45 @@
    _ext/releasenotes.py
 
 
+2021-02-21
+==========
+
+* :vytask:`T3163` (feature): ethernet ring-buffer can be set with an invalid value
+* :vytask:`T2521` (bug): Need to restart pdns-recursor to check new entries in /etc/hosts
+
+
+2021-02-20
+==========
+
+* :vytask:`T2647` (default): ipsec disableuniqreqids generate a wrong ipsec.conf
+
+
+2021-02-19
+==========
+
+* :vytask:`T3326` (bug): OSPFv3: Cannot add L2TPv3 interface
+* :vytask:`T2061` (bug): protocol logs not sent to remote syslog
+
+
+2021-02-18
+==========
+
+* :vytask:`T3259` (default): many dnat rules makes the vyos http api crash, even showConfig op timeouts
+
+
+2021-02-17
+==========
+
+* :vytask:`T3047` (bug): OSPF : virtual-link and passive-interface default parameters does not work together
+* :vytask:`T3312` (feature): SolarFlare NICs support
+
+
+2021-02-16
+==========
+
+* :vytask:`T3318` (feature): Update Linux Kernel to v5.4.99 / 5.10.17
+
+
 2021-02-14
 ==========
 
diff --git a/docs/changelog/1.4.rst b/docs/changelog/1.4.rst
index 273f5c68..96d80b26 100644
--- a/docs/changelog/1.4.rst
+++ b/docs/changelog/1.4.rst
@@ -8,6 +8,40 @@
    _ext/releasenotes.py
 
 
+2021-02-21
+==========
+
+* :vytask:`T3331` (bug): Bgp unsuppress-map should be as "value leafNode"
+* :vytask:`T3330` (bug): Bgp capability orf prefix-list fail
+* :vytask:`T3163` (feature): ethernet ring-buffer can be set with an invalid value
+
+
+2021-02-19
+==========
+
+* :vytask:`T3326` (bug): OSPFv3: Cannot add L2TPv3 interface
+* :vytask:`T3332` (bug): BGP unnumbered - UnboundLocalError: local variable 'peer_group' referenced before assignment
+
+
+2021-02-18
+==========
+
+* :vytask:`T3259` (default): many dnat rules makes the vyos http api crash, even showConfig op timeouts
+
+
+2021-02-17
+==========
+
+* :vytask:`T3312` (feature): SolarFlare NICs support
+
+
+2021-02-16
+==========
+
+* :vytask:`T3313` (bug): ospfv3 interface missing options
+* :vytask:`T3318` (feature): Update Linux Kernel to v5.4.99 / 5.10.17
+
+
 2021-02-15
 ==========
 
diff --git a/docs/configuration/interfaces/macsec.rst b/docs/configuration/interfaces/macsec.rst
index 2bf643aa..9a20c425 100644
--- a/docs/configuration/interfaces/macsec.rst
+++ b/docs/configuration/interfaces/macsec.rst
@@ -27,14 +27,11 @@ Common interface configuration
 MACsec options
 ==============
 
-.. cfgcmd:: set interfaces macsec <interface> security cipher [gcm-aes-128]
+.. cfgcmd:: set interfaces macsec <interface> security cipher <gcm-aes-128|gcm-aes-256>
 
   Select cipher suite used for cryptographic operations. This setting is
   mandatory.
 
-  .. note:: gcm-aes-256 support planned once iproute2 package is updated to
-     version >=5.2.
-
 .. cfgcmd:: set interfaces macsec <interface> security encrypt
 
   MACsec only provides authentication by default, encryption is optional. This
diff --git a/docs/configuration/interfaces/tunnel.rst b/docs/configuration/interfaces/tunnel.rst
index d2d63ce2..36b1d70b 100644
--- a/docs/configuration/interfaces/tunnel.rst
+++ b/docs/configuration/interfaces/tunnel.rst
@@ -32,8 +32,8 @@ An example:
 .. code-block:: none
 
   set interfaces tunnel tun0 encapsulation ipip
-  set interfaces tunnel tun0 local-ip 192.0.2.10
-  set interfaces tunnel tun0 remote-ip 203.0.113.20
+  set interfaces tunnel tun0 source-address 192.0.2.10
+  set interfaces tunnel tun0 remote 203.0.113.20
   set interfaces tunnel tun0 address 192.168.100.200/24
 
 IP6IP6
@@ -50,8 +50,8 @@ An example:
 .. code-block:: none
 
   set interfaces tunnel tun0 encapsulation ip6ip6
-  set interfaces tunnel tun0 local-ip 2001:db8:aa::1
-  set interfaces tunnel tun0 remote-ip 2001:db8:aa::2
+  set interfaces tunnel tun0 source-address 2001:db8:aa::1
+  set interfaces tunnel tun0 remote 2001:db8:aa::2
   set interfaces tunnel tun0 address 2001:db8:bb::1/64
 
 IPIP6
@@ -67,8 +67,8 @@ An example:
 .. code-block:: none
 
   set interfaces tunnel tun0 encapsulation ipip6
-  set interfaces tunnel tun0 local-ip 2001:db8:aa::1
-  set interfaces tunnel tun0 remote-ip 2001:db8:aa::2
+  set interfaces tunnel tun0 source-address 2001:db8:aa::1
+  set interfaces tunnel tun0 remote 2001:db8:aa::2
   set interfaces tunnel tun0 address 192.168.70.80/24
 
 6in4 (SIT)
@@ -89,8 +89,8 @@ An example:
 .. code-block:: none
 
   set interfaces tunnel tun0 encapsulation sit
-  set interfaces tunnel tun0 local-ip 192.0.2.10
-  set interfaces tunnel tun0 remote-ip 192.0.2.20
+  set interfaces tunnel tun0 source-address 192.0.2.10
+  set interfaces tunnel tun0 remote 192.0.2.20
   set interfaces tunnel tun0 address 2001:db8:bb::1/64
 
 A full example of a Tunnelbroker.net config can be found at
@@ -112,8 +112,8 @@ over either IPv4 (gre) or IPv6 (ip6gre).
 Configuration
 ^^^^^^^^^^^^^
 
-A basic configuration requires a tunnel source (local-ip), a tunnel destination
-(remote-ip), an encapsulation type (gre), and an address (ipv4/ipv6).Below is a
+A basic configuration requires a tunnel source (source-address), a tunnel destination
+(remote), an encapsulation type (gre), and an address (ipv4/ipv6).Below is a
 basic IPv4 only configuration example taken from a VyOS router and a Cisco IOS
 router. The main difference between these two configurations is that VyOS
 requires you explicitly configure the encapsulation type. The Cisco router
@@ -125,8 +125,8 @@ defaults to gre ip otherwise it would have to be configured as well.
 
   set interfaces tunnel tun100 address '10.0.0.1/30'
   set interfaces tunnel tun100 encapsulation 'gre'
-  set interfaces tunnel tun100 local-ip '198.51.100.2'
-  set interfaces tunnel tun100 remote-ip '203.0.113.10'
+  set interfaces tunnel tun100 source-address '198.51.100.2'
+  set interfaces tunnel tun100 remote '203.0.113.10'
 
 **Cisco IOS Router:**
 
@@ -147,8 +147,8 @@ and a Linux host using systemd-networkd.
   set interfaces tunnel tun101 address '2001:db8:feed:beef::1/126'
   set interfaces tunnel tun101 address '192.168.5.1/30'
   set interfaces tunnel tun101 encapsulation 'ip6gre'
-  set interfaces tunnel tun101 local-ip '2001:db8:babe:face::3afe:3'
-  set interfaces tunnel tun101 remote-ip '2001:db8:9bb:3ce::5'
+  set interfaces tunnel tun101 source-address '2001:db8:babe:face::3afe:3'
+  set interfaces tunnel tun101 remote '2001:db8:9bb:3ce::5'
 
 **Linux systemd-networkd:**
 
@@ -189,15 +189,15 @@ An example:
 
 .. code-block:: none
 
-   set interfaces tunnel tun0 local-ip 192.0.2.10
-   set interfaces tunnel tun0 remote-ip 192.0.2.20
+   set interfaces tunnel tun0 source-address 192.0.2.10
+   set interfaces tunnel tun0 remote 192.0.2.20
    set interfaces tunnel tun0 address 10.40.50.60/24
    set interfaces tunnel tun0 parameters ip key 10
-  
+
 .. code-block:: none
 
-   set interfaces tunnel tun0 local-ip 192.0.2.10
-   set interfaces tunnel tun0 remote-ip 192.0.2.20
+   set interfaces tunnel tun0 source-address 192.0.2.10
+   set interfaces tunnel tun0 remote 192.0.2.20
    set interfaces tunnel tun0 address 172.16.17.18/24
    set interfaces tunnel tun0 parameters ip key 20
 
@@ -211,7 +211,7 @@ to make sure the configuration performs as expected. A common cause for GRE
 tunnels to fail to come up correctly include ACL or Firewall configurations
 that are discarding IP protocol 47 or blocking your source/desintation traffic.
 
-**1. Confirm IP connectivity between tunnel local-ip and remote-ip:**
+**1. Confirm IP connectivity between tunnel source-address and remote:**
 
 .. code-block:: none
 
diff --git a/docs/configuration/service/index.rst b/docs/configuration/service/index.rst
index fb194239..96660e91 100644
--- a/docs/configuration/service/index.rst
+++ b/docs/configuration/service/index.rst
@@ -19,6 +19,7 @@ Service
    mdns
    pppoe-server
    router-advert
+   salt-minion
    snmp
    ssh
    tftp-server
diff --git a/docs/configuration/service/salt-minion.disable b/docs/configuration/service/salt-minion.disable
deleted file mode 100644
index 63df57a4..00000000
--- a/docs/configuration/service/salt-minion.disable
+++ /dev/null
@@ -1,2 +0,0 @@
-salt-minion
-###########
-\ No newline at end of file
diff --git a/docs/configuration/service/salt-minion.rst b/docs/configuration/service/salt-minion.rst
new file mode 100644
index 00000000..aa747c36
--- /dev/null
+++ b/docs/configuration/service/salt-minion.rst
@@ -0,0 +1,53 @@
+.. _saltminion:
+
+###########
+Salt-Minion
+###########
+
+SaltStack_ is Python-based, open-source
+software for event-driven IT automation, remote task execution, and 
+configuration management. Supporting the "infrastructure as code" 
+approach to data center system and network deployment and management, 
+configuration automation, SecOps orchestration, vulnerability remediation,
+and hybrid cloud control.
+
+
+************
+Requirements
+************
+
+To use the Salt-Minion, a running Salt-Master is required. You can find more
+in the `Salt Poject Documentaion
+<https://docs.saltproject.io/en/latest/contents.html>`_
+
+*************
+Configuration
+*************
+
+.. cfgcmd:: set service salt-minion hash <type>
+
+   The hash type used when discovering file on master server (default: sha256)
+
+.. cfgcmd:: set service salt-minion id <id>
+
+   Explicitly declare ID for this minion to use (default: hostname)
+
+.. cfgcmd:: set service salt-minion interval <1-1440>
+
+   Interval in minutes between updates (default: 60)
+
+.. cfgcmd:: set service salt-minion master <hostname | IP>
+
+    The hostname or IP address of the master
+
+.. cfgcmd:: set service salt-minion master-key <key>
+
+    URL with signature of master for auth reply verification
+
+
+Please take a look in the Automation section to find some usefull
+Examples.
+
+
+
+.. _SaltStack: https://saltproject.io/
+\ No newline at end of file