Age | Commit message (Collapse) | Author | |
---|---|---|---|
2023-04-04 | T5142: Add audit tool to monitor security-relevant events | Viacheslav Hletenko | |
2023-04-03 | Merge pull request #1932 from sever-sever/T5125 | Christian Breunig | |
T5125: Sflow op-mode add event_samples_suppressed option | |||
2023-04-03 | Merge pull request #1934 from sever-sever/T5141 | Christian Breunig | |
T5141: Add numbers for dhclient-exit-hooks.d to enforce order | |||
2023-04-03 | Merge pull request #1933 from sever-sever/T5139 | Christian Breunig | |
T5139: IPSec add IKE lifetime 0 for no rekeying | |||
2023-04-03 | T5141: Add numbers for dhclient-exit-hooks.d to enforce order | Viacheslav Hletenko | |
Add numbers for all dhclient-exit-hooks.d to enforce script order execution Also, move '99-run-user-hooks' to '98-run-user-hooks' due to vyatta-dhclient-hook bug and exit with 'exit 1' it is described in the https://vyos.dev/T4856, so we should move this hook to the end. Rename 'vyatta-dhclient-hook' to '99-vyatta-dhclient-hook' | |||
2023-04-03 | T5139: IPSec add IKE lifetime 0 for no rekeying | Viacheslav Hletenko | |
IKE lifetime should starting from 0 for disabling rekeying | |||
2023-04-03 | T5125: Sflow op-mode add event_samples_suppressed option | Viacheslav Hletenko | |
Add "Packet drops suppressed" option Rename "Samples drop events sent" to "Packet drops sent" | |||
2023-04-02 | container: T5134: support binding container network to specific VRF | Christian Breunig | |
Container networks now can be bound to a specific VRF instance. set vrf name <foo> table <xxx> set container network <name> vrf <foo> | |||
2023-04-02 | xml: re-use generic-description.xml.i building block whenever possible | Christian Breunig | |
Remove redundant XML CLI node definitions for the common description node by referencing the common building block. | |||
2023-04-01 | Merge pull request #1929 from sever-sever/T5125 | Christian Breunig | |
T5125: Extend op-mode show sflow add new metric | |||
2023-04-01 | T5125: Extend op-mode show sflow add new metric | Viacheslav Hletenko | |
Add new metric, the number of packet-drop-events sent | |||
2023-04-01 | container: T4959: bugfix credential validation on registries | Christian Breunig | |
Commit fe82d86d ("container: T4959: add registry authentication option") looked up the wrong config dict level when validating that both username and password need to be specified when registries are in use. | |||
2023-04-01 | container: T5082: switch to netavark network stack | Christian Breunig | |
We now support assigning discrete IPv6 addresses to a container. | |||
2023-04-01 | container: T5047: bugfix TypeError: argument of type 'NoneType' is not iterable | Christian Breunig | |
Commit 52e51ffb ("container: T5047: restart only containers that changed") started to iterate over a NoneType which is invalid. This happened when a network description was changed but no container was due for restart. | |||
2023-04-01 | xml: include building block file name should end with .i and not .in | Christian Breunig | |
2023-04-01 | isis: op-mode: T5132: bugfix VRF commands for route and neighbor | Christian Breunig | |
show isis vrf <name> neighbor|route did not call the vtysh wrapper but instead always called the commands for the default routing table. | |||
2023-04-01 | Merge pull request #1926 from aapostoliuk/T5093-sagitta | Christian Breunig | |
ipsec: T5093: Fixed 'reset vpn ipsec profile' command | |||
2023-04-01 | xml: T5128: streamline help string for interface CLI node building blocks | Christian Breunig | |
2023-04-01 | xml: allow-client: T5126: re-use new building block also for NTP service | Christian Breunig | |
2023-03-31 | Merge pull request #1920 from jestabro/https-allow-client | Viacheslav Hletenko | |
http-api: T5126: allow restricting client IP address | |||
2023-03-31 | http-api: T5126: allow restricting client IP address | John Estabrook | |
2023-03-31 | Merge pull request #1922 from nicolas-fort/T5128 | Christian Breunig | |
T5128: Policy Route: allow wildcard on interface | |||
2023-03-31 | Merge pull request #1927 from sever-sever/T5125 | Christian Breunig | |
T5125: Add op-mode for sFlow based on hsflowd | |||
2023-03-31 | T5125: Add op-mode for sFlow based on hsflowd | Viacheslav Hletenko | |
Add op-mode for sFlow based on hsflowd "show sflow" Add machine readable format '--raw' and formatted output | |||
2023-03-31 | T5128: Add contraint for firewall interface. Also update smoketest to ↵ | Nicolas Fort | |
include at least one wildcarded interface | |||
2023-03-31 | T5128: Policy Route: allow wildcard on interface | Nicolas Fort | |
2023-03-31 | Merge pull request #1925 from sever-sever/T4173-smoketest | Viacheslav Hletenko | |
T4173: Fix smoketest for load-balancing wan | |||
2023-03-31 | Merge pull request #1924 from fett0/T5131 | Christian Breunig | |
T5131: fix op-mode show isis segment-routing prefix-sids | |||
2023-03-30 | T5131: fix op-mode show isis segment-routing prefix-sids | fett0 | |
2023-03-30 | Merge pull request #1923 from jestabro/fix-template | Christian Breunig | |
interfaces: T5130: remove show_interfaces.py reference and script | |||
2023-03-30 | interfaces: T5130: remove obsoleted show_interfaces.py | John Estabrook | |
2023-03-30 | interfaces: T5130: show/interfaces/node.def defined in vyos-1x | John Estabrook | |
2023-03-30 | ipsec: T5093: Fixed 'reset vpn ipsec profile' command | aapostoliuk | |
Fixed 'reset vpn ipsec profile' command using vici library and new op-mode style. Added ability to use 'reset vpn ipsec profile' command with 'remote-host' option. | |||
2023-03-30 | T4173: Fix smoketest for load-balancing wan | Viacheslav Hletenko | |
Counter jump WANLOADBALANCE was deleted in the commit https://github.com/vyos/vyos-1x/commit/27ca5b9d6d699e201f88ffff41b0a651166b65eb I guess it was done to pass the smoketest even if it broke the load-balance wan feature Fix it | |||
2023-03-29 | Merge pull request #1900 from jestabro/diff-test | Christian Breunig | |
configdiff: T5089: add unit test of config_diff | |||
2023-03-29 | ntp: T3008: start daemon with extended privileges but then drop to _chrony | Christian Breunig | |
2023-03-29 | configdiff: T5089: add unit test | John Estabrook | |
2023-03-29 | configdiff: T5089: add optional arg ordered_values for unit tests | John Estabrook | |
2023-03-29 | configdiff: T5089: add union of configtrees for unit test | John Estabrook | |
2023-03-29 | configtree: T5089: sorting of nodes is now implemented on parsing config | John Estabrook | |
2023-03-29 | Merge pull request #1918 from sever-sever/T5110 | Christian Breunig | |
T5110: Fix op-mode FRR vtysh_pam account validation | |||
2023-03-29 | T5110: Fix op-mode FRR vtysh_pam account validation | Viacheslav Hletenko | |
With FRR 8.5 there is exists file /etc/pam.d/frr With this file by default we have cosmtetic error for any op-mode command $ show ip bgp vtysh_pam: Failed in account validation: Success(0)No BGP prefixes displayed, 0 exist Fix it | |||
2023-03-29 | T5115: bump version dns-forwarding 3 -> 4 | Christian Breunig | |
2023-03-29 | Merge pull request #1915 from indrajitr/pdns-port-round2 | Christian Breunig | |
dns: T5115: Support custom port for name servers for forwarding zones | |||
2023-03-29 | Merge pull request #1916 from jestabro/clear-counters | Christian Breunig | |
interfaces: T4885: add 'clear interfaces counters' to op-mode | |||
2023-03-29 | Merge pull request #1917 from indrajitr/chrony-cleanup | Christian Breunig | |
ntp: T5118: Remove vestigial ntp completion script | |||
2023-03-29 | frr: T5045: remove LimitNOFILESoft | Christian Breunig | |
Commit cb872efb ("frr: T5045: lift LimitNOFILE 1024 -> 4096") added both LimitNOFILE and LimitNOFILESoft parameters for FRR, as "systemctl cat frr.service" showed both versions. During daemon startup systemd complains: Unknown key name 'LimitNOFILESoft' in section 'Service', ignoring. So the key got removed again. | |||
2023-03-28 | ntp: T5118: Remove vestigial ntp completion script | Indrajit Raychaudhuri | |
This isn't used anymore after migration from ntpd to chrony as part of T3008. | |||
2023-03-28 | container: T5047: restart only containers that changed | Christian Breunig | |
By default VyOS used to restart all containers it managed. This makes no sense as it will be service disrupting. Instead only restart the containers that had changes on the CLI beeing made. | |||
2023-03-28 | container: T2216: explicitly select CNI network backend | Christian Breunig | |
As podman is going to use netavark as new default we must explicitly select the old driver until we have migrated to netavark. |