Age | Commit message (Collapse) | Author | |
---|---|---|---|
2023-09-01 | T5261: Add AWS load-balancing tunnel handler | Viacheslav Hletenko | |
Add AWS load-balancing tunnel handler https://aws.amazon.com/blogs/networking-and-content-delivery/how-to-integrate-linux-instances-with-aws-gateway-load-balancer/ set service aws glb script on-create '/config/scripts/tmp.sh' set service aws glb script on-destroy '/config/scripts/tmp.sh' set service aws glb status format 'simple' set service aws glb status port '8282' set service aws glb threads tunnel '4' set service aws glb threads tunnel-affinity '1-2' set service aws glb threads udp '4' set service aws glb threads udp-affinity '0-3' | |||
2023-08-29 | Debian: T5521: use bash over dash for postinstall script | Christian Breunig | |
2023-08-28 | Debian: T5521: use --no-create-home for TACACS users | Christian Breunig | |
2023-08-28 | Debian: T5521: place AAA users in users group (besides aaa group) | Christian Breunig | |
2023-08-28 | Debian: T5521: both RADIUS and TACACS users belong to aaa group, add group first | Christian Breunig | |
2023-08-28 | Merge pull request #2180 from vfreex/fix-call-hangs | Christian Breunig | |
T5519: Fix `vyos.utils.process.call` hangs | |||
2023-08-28 | T5519: Fix `vyos.utils.process.call` hangs | Yuxiang Zhu | |
See https://vyos.dev/T5519 for more information. | |||
2023-08-27 | Merge pull request #2176 from sarthurdev/T5080 | Christian Breunig | |
firewall: T5080: Disable conntrack unless required by rules | |||
2023-08-27 | Merge pull request #2178 from sarthurdev/labels | Christian Breunig | |
github: Labeler needs to run on `pull_request_target` | |||
2023-08-27 | github: Labeler needs to run on `pull_request_target` | sarthurdev | |
Ref: https://github.com/actions/labeler#permissions | |||
2023-08-27 | Merge pull request #2175 from sarthurdev/labels | Christian Breunig | |
github: Set permissions for label workflow | |||
2023-08-27 | github: Set permissions for label workflow | sarthurdev | |
2023-08-27 | Merge pull request #2174 from sarthurdev/T5018_fix | Christian Breunig | |
qos: T5018: Fix dependents only being set for QoS interfaces | |||
2023-08-27 | qos: T5018: Fix dependents only being set for QoS interfaces | sarthurdev | |
2023-08-26 | firewall: T5080: Disable conntrack unless required by rules | sarthurdev | |
2023-08-26 | Merge pull request #2163 from sarthurdev/firewall_rpfilter | Christian Breunig | |
firewall: T3509: Add support for IPv6 reverse path filtering | |||
2023-08-25 | Merge pull request #2172 from nicolas-fort/T5502 | Christian Breunig | |
T5502: firewall: add validator for interface matcher | |||
2023-08-25 | T5502: firewall: add validator for interface matcher, and allow only ↵ | Nicolas Fort | |
interface-name or interface-group | |||
2023-08-25 | Merge pull request #2169 from sarthurdev/current | Christian Breunig | |
github: Add PR labels to easily identify base branches | |||
2023-08-25 | Merge pull request #2171 from sarthurdev/T5463_fix | Christian Breunig | |
container: T5463: Fixes indentation to publish all port nodes | |||
2023-08-25 | firewall: T5160: Remove unused zone template | sarthurdev | |
2023-08-25 | interface: T3509: Add per-interface IPv6 source validation | sarthurdev | |
2023-08-25 | firewall: T3509: Add support for IPv6 return path filtering | sarthurdev | |
2023-08-25 | container: T5463: Fix iteration to publish all port nodes | sarthurdev | |
2023-08-25 | github: Add PR labels to easily identify base branches | sarthurdev | |
2023-08-24 | Merge pull request #2164 from jestabro/save-config | John Estabrook | |
save-config: T4292: rewrite vyatta-save-config.pl to Python | |||
2023-08-24 | Merge pull request #2165 from sever-sever/T5506 | Christian Breunig | |
T5506: Add link-local IPv6 address for container interfaces | |||
2023-08-24 | T5506: Add link-local IPv6 address for container interfaces | Viacheslav Hletenko | |
Fix for add IPv6 link-local address for container interfaces set container network NET01 prefix '10.0.0.0/24' set container network NET01 prefix '2001:db8:2222::/64' % ip -6 addr show scope link dev pod-NET01 17: pod-NET01: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 inet6 fe80::d89c:dfff:fe1a:8689/64 scope link | |||
2023-08-24 | smoketest: T5447: wpa_supplicant is only run if required | Christian Breunig | |
2023-08-24 | system: T5505: fix zebra route-map is not removed from FRR | Christian Breunig | |
Configuring "set system ip protocol ospf|bgp route-map foo" and commit it installs the route-map into FRR. Removing the CLI configuration "delete system ip protocol" does not remove the route-map from FRR - it stays active. This commit adds the fix and appropriate smoketests extenstion. | |||
2023-08-23 | save-config: T4292: rewrite vyatta-save-config.pl to Python | John Estabrook | |
2023-08-23 | Merge pull request #2139 from dmbaturin/T5449-mss-probing | Christian Breunig | |
system-ip: T5449: add TCP MSS probing options | |||
2023-08-23 | Merge pull request #2159 from c-po/t5491-wifi | Christian Breunig | |
wifi: T5491: allow white-/blacklisting station MAC addresses for security | |||
2023-08-23 | Merge pull request #2160 from sever-sever/T5448 | Christian Breunig | |
T5448: Add configuration host-name for zabbix-agent | |||
2023-08-23 | Merge pull request #2162 from nicolas-fort/T5472 | Christian Breunig | |
T5472: nat redirect: allow redirection without defining redirected port | |||
2023-08-23 | Merge pull request #2161 from sever-sever/T5463 | Christian Breunig | |
T5463: Container allow publish listen-addresses | |||
2023-08-23 | bgp: T3759: add l3vpn "import vrf default" completion helper | Christian Breunig | |
2023-08-23 | vrf: T5428: stop DHCP processes on VRf removal | Christian Breunig | |
This is a workaround for the priority inversion from T5492 ("CLI node priority is not inversed on node deletion"). As this is a corner case bug that's only triggered if an interface is removed from a VRF and also the VRF is removed in one commit, priorities are not honored. Thus we implement this workaround which stop the DHCP(v6) client processes on the VRF associated interfaces to get out the DHCP RELEASE message before interfaces are shut down. | |||
2023-08-23 | vrf: T5428: move helpers to common vyos.utils.network module | Christian Breunig | |
Helper functions can and will be re-use din different code places. | |||
2023-08-23 | Merge pull request #2142 from nicolas-fort/T5450 | Christian Breunig | |
T5450: allow inverted matcher for interface and interface-group | |||
2023-08-23 | T5472: nat redirect: allow redirection without defining redirected port | Nicolas Fort | |
2023-08-23 | T5463: Container allow publish listen-addresses | Viacheslav Hletenko | |
Ability to publish multiple IP/IPv6 addresses for container set container name c1 port web destination '80' set container name c1 port web listen-address '192.0.2.1' set container name c1 port web listen-address '2001:db8:1111::1' set container name c1 port web source '8080' --publish 192.0.2.1:8080:80/tcp --publish [2001:db8:1111::1]:8080:80/tcp | |||
2023-08-23 | T5450: update smoketest and interface definition in order to work with new ↵ | Nicolas Fort | |
firewall cli | |||
2023-08-23 | T5448: Add configuration host-name for zabbix-agent | Viacheslav Hletenko | |
Ability to configure host-name for zabbix-agent set service monitoring zabbix-agent host-name 'r-vyos' | |||
2023-08-23 | Merge pull request #2156 from giga1699/T5447 | Christian Breunig | |
T5447: Initial support for MACsec static keys | |||
2023-08-22 | Merge pull request #2149 from nicolas-fort/T5478 | Viacheslav Hletenko | |
T5478: remove config-trap configuration parser in firewall | |||
2023-08-20 | T5447: Adjust to positive logic in generare() | Giga Murphy | |
2023-08-20 | T5447: Remove redundant self.set_admin_state | Giga Murphy | |
2023-08-20 | T5447: Update copyright years | Giga Murphy | |
2023-08-20 | T5447: Corrected comment in _create header | Giga Murphy | |