Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-06-11 | openvpn: T5487: Remove eprecated option --cipher for server and client mode | Nataliia Solomko | |
2024-06-10 | Merge pull request #3610 from c-po/ipsec-profile-T6424 | Christian Breunig | |
op-mode: T6424: ipsec: honor certificate CN and CA chain during profile generation | |||
2024-06-10 | Merge pull request #3612 from c-po/haproxy-pki-T6463 | Christian Breunig | |
pki: T6463: reverse-proxy service not reloaded when updating SSL certificate(s) | |||
2024-06-10 | Merge pull request #3613 from c-po/sstpc-T6464 | Christian Breunig | |
pki: T6464: sstpc interface not reloaded when updating SSL certificate(s) | |||
2024-06-10 | Merge pull request #3607 from c-po/firewall-unused-import | Christian Breunig | |
firewall: T3900: T6394: remove unused import | |||
2024-06-09 | op-mode: T6424: ipsec: filter out duplicate CA certificates in Apple IOS profile | Christian Breunig | |
2024-06-09 | op-mode: T6424: ipsec: honor certificate CN and CA chain during profile ↵ | Christian Breunig | |
generation In e6fe6e50a5c ("op-mode: ipsec: T6407: fix profile generation") we fixed support for multiple CAs when dealing with the generation of Apple IOS profiles. This commit extends support to properly include the common name of the server certificate issuer and all it's paren't CAs. A list of parent CAs is automatically generated from the "PKI" subsystem content and embedded into the resulting profile. | |||
2024-06-09 | pki: T6464: sstpc interface not reloaded when updating SSL certificate(s) | Christian Breunig | |
The SSTPC client was not reloaded/restarted with the new SSL certificate(s) after a change in the PKI subsystem. This was due to missing dependencies. | |||
2024-06-09 | pki: T6463: reverse-proxy service not reloaded when updating SSL certificate(s) | Christian Breunig | |
The haproxy reverse proxy was not reloaded/restarted with the new SSL certificate(s) after a change in the PKI subsystem. This was due to missing dependencies. | |||
2024-06-09 | T6449: added pr update trigger (#3596) | Vijayakumar A | |
2024-06-09 | firewall: T3900: T6394: remove unused import | Christian Breunig | |
With commit 770edf016838 ("T3900: T6394: extend functionalities in firewall; move netfilter sysctl timeout parameters defined in conntrack to firewall global-opton section.") the import of the glob module is no longer required. Found my running: make unused-imports | |||
2024-06-09 | Merge pull request #3598 from Embezzle/T6454 | Christian Breunig | |
reverse-proxy: T6454: Set default value of http for haproxy mode | |||
2024-06-07 | Merge pull request #3592 from zdc/T6453-circinus | Daniil Baturin | |
grub: T6453: Fixed GRUB variables parsing | |||
2024-06-07 | reverse-proxy: T6454: Set default value of http for haproxy mode | Alex W | |
2024-06-06 | grub: T6453: Fixed GRUB variables parsing | zsdc | |
To parse variables with `=` a variable name should be limited by alphanumerical characters only. | |||
2024-06-06 | Merge pull request #3589 from natali-rs1985/T6423-current | John Estabrook | |
xml: T6423: enforce priority on nodes having an owner | |||
2024-06-06 | xml: T6423: enforce priority on nodes having an owner | Nataliia Solomko | |
2024-06-06 | T6412: CGNAT fix allocation calcluation for verify (#3585) | Viacheslav Hletenko | |
Fix external address/port allocation for CGN. It fixes some cases where external address/ports can be allocated again to another user. | |||
2024-06-06 | Merge pull request #3578 from nicolas-fort/raw-hook | Daniil Baturin | |
T3900: Add support for raw tables in firewall | |||
2024-06-06 | Merge pull request #3573 from talmakion/bugfix/T6401-2 | Daniil Baturin | |
vxlan: T6401: Avoid calling get_vxlan_vni_filter() unless we need it | |||
2024-06-06 | Merge pull request #3587 from jestabro/config-default-system-version | Daniil Baturin | |
migration: T6006: add system component version to config.boot.default by separating activation from migration | |||
2024-06-05 | migration: T6006: add activation script dir and helper function | John Estabrook | |
2024-06-05 | migration: T6447: add module compose_config | John Estabrook | |
2024-06-05 | migration: T6006: update config.boot.default and move to vyos-1x | John Estabrook | |
2024-06-05 | Merge pull request #3584 from dmbaturin/T6446-display-support-url | Daniil Baturin | |
show version: T6446: display the support URL for LTS builds | |||
2024-06-05 | Merge pull request #3571 from fett0/T6429 | Daniil Baturin | |
isis: T6429: fix isis metric-style configuration missing | |||
2024-06-05 | Merge pull request #3560 from c-po/action-test | Christian Breunig | |
GitHub: add action to build package on PR | |||
2024-06-05 | show version: T6446: display the support URL for LTS builds | Daniil Baturin | |
2024-06-04 | Merge pull request #3582 from talmakion/bugfix/T6431 | Daniil Baturin | |
T6431: op-mode command "monitor traceroute" missing recursive symlink | |||
2024-06-04 | ISIS: T6332: add smoketest option | fett0 | |
2024-06-04 | T3900: T6394: extend functionalities in firewall; move netfilter sysctl ↵ | Nicolas Fort | |
timeout parameters defined in conntrack to firewall global-opton section. | |||
2024-06-04 | T6431: op-mode command monitor traceroute missing recursive symlink | Andrew Topp | |
Likely this was copied from mtr in the past but the symlink wasn't added to the Makefile. I've also swapped the completion help text around to match the commands. | |||
2024-06-03 | Merge pull request #3572 from talmakion/bugfix/T6403 | Daniil Baturin | |
nat64: T6403: validate source prefix for RFC compliance | |||
2024-06-03 | Merge pull request #3579 from h5t4/current | Daniil Baturin | |
bfd: T6440: BFD peer length typo | |||
2024-06-03 | bfd: T6440: BFD peer length typo | Hannes Tamme | |
2024-06-03 | reverse-proxy: T6434: Support additional healthcheck options (#3574) | Alex W | |
2024-06-01 | vxlan: T6401: Avoid calling get_vxlan_vni_filter() unless we need it | Andrew Topp | |
`bridge vni show dev vxlanX` will exit with an error if no VNI filters are installed, but the getter is used even when we haven't installed any. This fix avoids fetching a list of VNI filters unless we know we've created some. | |||
2024-06-01 | nat64: T6403: validate source prefix for RFC compliance | Andrew Topp | |
Simplest fix is to comply with RFC6052. The code change is just masking out the relevant bits and ensuring they're zeroed. | |||
2024-05-31 | isis: T6429: fix isis metric-style configuration missing | fett0 | |
2024-05-31 | Merge pull request #3570 from talmakion/bugfix/T6157 | Daniil Baturin | |
tunnel: T6157: fixing GRE tunnel uniqueness checks | |||
2024-05-31 | Merge pull request #3569 from vyos/feature/T6415-repo-sync-pull_request_target | Daniil Baturin | |
T6415: repo sync using pull_request_target | |||
2024-05-31 | tunnel: T6157: fixing GRE tunnel uniqueness checks | Andrew Topp | |
Unset params would mistakenly match when None and trigger a validation error even when used params were unique. Updated check to ensure unique source-addresses if not None, and that (source-interfaces, source-addresses) are unique together appropriately. | |||
2024-05-31 | T6415: repo sync using pull_request_target | Vijayakumar A | |
2024-05-31 | Merge pull request #3557 from haimgel/T6422/allow-multiple-ns-records | Christian Breunig | |
dns: T6422: allow multiple redundant NS records | |||
2024-05-31 | T5307: QoS - traffic-class-map services (#3492) | Roman Khramshin | |
added new syntax to work with class match filters in QoS policy | |||
2024-05-31 | Merge pull request #3564 from c-po/snmpv3-op-mode | Christian Breunig | |
op-mode: T683: remove superfluous debug print in snmpv3 display code | |||
2024-05-31 | Merge pull request #3563 from Giggum/vyos_t6396 | Christian Breunig | |
conntrack: T6396: correction to helper message for ipv4/ipv6 custom timeout rule | |||
2024-05-31 | GitHub: add action to build package on PR | Christian Breunig | |
2024-05-31 | op-mode: T683: remove superfluous debug print in snmpv3 display code | Christian Breunig | |
This was a leftover from the early days. | |||
2024-05-30 | conntrack: T6396: correction to helper message for custom timeout rule | Giggum | |