Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-08-18 | T3896: Drop cserv local user req, add groupconfig | RageLtMan | |
From ocserv documentation: ``` If the groupconfig option is set, then config-per-user will be overriden, and all configuration will be read from radius. That also includes the Acct-Interim-Interval, and Session-Timeout values. ``` Implement yes/no configuration and parameter handling during jinja rendering. Fix bug wherein openconnect-server configuration requires creation of local user accounts even when RADIUS authentication is used. Testing: Set the groupconfig=yes param and observed change in generated /run/ocserv/ocserv.conf. Removed the local users via `delete vpn openconnect authentication local-users` and observed commit & service operation | |||
2022-08-16 | Merge pull request #1475 from sever-sever/T4613 | Christian Poessinger | |
upnp: T4613: Verify listen key in dictionary | |||
2022-08-16 | Merge pull request #1474 from DaniilHarun/current | Christian Poessinger | |
T4619: Replacing instead of adding a static arp entry | |||
2022-08-16 | upnp: T4613: Verify listen key in dictionary | Viacheslav Hletenko | |
There is no check if 'listen' is exist in the dictionary, fix it Fix odd ValueHelp format | |||
2022-08-16 | T4619: Replacing instead of adding a static arp entry | DaniilHarun | |
2022-08-16 | Merge pull request #1462 from sever-sever/T4596 | Christian Poessinger | |
ocserv: T4596: Rewrite show openconnect sessions op-mode | |||
2022-08-16 | Debian: T4584: remove version number from hostap package requirement | Christian Poessinger | |
2022-08-16 | Merge pull request #1471 from mkorobeinikov/current | Christian Poessinger | |
dhcp-relay: T4601: restart dhcp relay-agent | |||
2022-08-16 | dhcp-relay: T4601: restart dhcp relay-agent | mkorobeinikov | |
The command "restart dhcp relay-agent" doesn't restart "isc-dhcp-relay" service. | |||
2022-08-15 | ocserv: openconnect: T4614: add support for split-dns | Christian Poessinger | |
set vpn openconnect network-settings split-dns <domain> | |||
2022-08-15 | smoketest: ocserv: implement config file validation | Christian Poessinger | |
2022-08-15 | ocserv: T4333: migrate to new vyos_defined Jinja2 test | Christian Poessinger | |
2022-08-15 | Merge pull request #1468 from sever-sever/T4609 | Christian Poessinger | |
container: T4609: Fix restart container | |||
2022-08-15 | container: T4609: Fix restart container | Viacheslav Hletenko | |
Add 2 dashes for arg "name" | |||
2022-08-15 | Merge pull request #1465 from sever-sever/T4595 | Christian Poessinger | |
dmvpn: T4595: Fix dpd profile options | |||
2022-08-11 | Merge pull request #1464 from sever-sever/T4603 | Christian Poessinger | |
l2tp: T4603: Add RADIUS nas-ip-address option | |||
2022-08-10 | dmvpn: T4595: Fix dpd profile options | Viacheslav Hletenko | |
Fix template for configuration DMVPN IKE profile dead-peer-detection delay and dead-peer-detecion timeout options | |||
2022-08-10 | l2tp: T4603: Add RADIUS nas-ip-address option | Viacheslav Hletenko | |
Add l2tp authentication radius nas-ip-address option which will be sent in NAS-IP-Address Radius attribute | |||
2022-08-08 | Merge pull request #1461 from nicolas-fort/nat66-exclude | Christian Poessinger | |
nat66: T4598: Add exclude options in nat66 | |||
2022-08-08 | nat66: T4598: add file nat-exclue.xml.i, which is invoked by nat66.xml.in ↵ | Nicolas Fort | |
and nat-rule.xml.i | |||
2022-08-06 | ocserv: T4596: Rewrite show openconnect sessions op-mode | Viacheslav Hletenko | |
Rewrite "show openconnect-server sessions" to vyos.opmode format Ability to get raw and formatted output Ability to get data via API | |||
2022-08-05 | Merge pull request #1460 from sever-sever/T4597 | Christian Poessinger | |
ocserv: T4597: Check bind port before openconnect commit | |||
2022-08-05 | nat66: T4598: Add exclude options in nat66 | Nicolas Fort | |
2022-08-05 | ocserv: T4597: Check bind port before openconnect commit | Viacheslav Hletenko | |
Check if openconnect listen port is available and not used by another service | |||
2022-08-05 | Merge pull request #1459 from dmbaturin/genop-exn | Viacheslav Hletenko | |
T2719: add an exception hierarchy for op mode errors | |||
2022-08-05 | bgp: T4257: bugfixes after renaming "local-as" to "system-as" | Christian Poessinger | |
2022-08-04 | Merge https://github.com/Cheeze-It/vyos-1x into current | Christian Poessinger | |
* https://github.com/Cheeze-It/vyos-1x: bgp: T4257: Changing BGP "local-as" to "system-as" | |||
2022-08-04 | macsec: T4537: macsec_csindex can be set even without encryption | Christian Poessinger | |
2022-08-04 | smoketest: macsec: T4537: validate macsec_csindex for both AES-GCM-128 and ↵ | Christian Poessinger | |
AES-GCM-256 | |||
2022-08-04 | T2719: add an exception hierarchy for op mode errors | Daniil Baturin | |
2022-08-04 | Merge pull request #1457 from sever-sever/T4586 | Christian Poessinger | |
nat66: T4586: Add SNAT destination prefix and DNAT address | |||
2022-08-04 | macsec: T4592: can not create two interfaces using the same source-interface | Christian Poessinger | |
2022-08-04 | vyos.config.configdict: T4592: only print interface name, not interface dict ↵ | Christian Poessinger | |
on error | |||
2022-08-04 | smoketest: macsec: T4537: verify macsec_csindex | Christian Poessinger | |
2022-08-03 | Merge pull request #1369 from nicolas-fort/T4480 | Daniil Baturin | |
T4480: webproxy: Add safe-ports and ssl-safe-ports for acl squid config | |||
2022-08-03 | nat66: T4586: Add SNAT destination prefix and DNAT address | Viacheslav Hletenko | |
Ability to configure SNAT destination prefix and DNAT source address Add option "!" - not address/prefix for NAT66 | |||
2022-08-03 | validators: T4586: Add IPv6 exclude validators for address/prefix | Viacheslav Hletenko | |
Add IPV6 exclude validators: - ipv6-address-exclude - ipv6-prefix-exclude Will use in nat66 source/destination | |||
2022-08-02 | Merge pull request #1456 from sever-sever/T4585 | Christian Poessinger | |
containers: T4585: Add option restart to containers.py | |||
2022-08-02 | containers: T4585: Add option restart to containers.py | Viacheslav Hletenko | |
Add option restart to `containers.py` | |||
2022-08-02 | Merge pull request #1455 from sever-sever/T4544 | Christian Poessinger | |
graphql: T4544: Add overwritten scripts op-mode-standardized.json | |||
2022-08-02 | graphql: T4544: Add overwritten scripts op-mode-standardized.json | Viacheslav Hletenko | |
Add overwritten scripts to 'op-mode-standardized.json' | |||
2022-08-02 | Merge pull request #1454 from sever-sever/T4585 | Christian Poessinger | |
container: T4585: Rewrite show container | |||
2022-08-02 | container: T4585: Rewrite show container | Viacheslav Hletenko | |
Rewrite op-mode: - show container - show container network - show container image to the new vyos.opmode format | |||
2022-08-02 | macsec: T4537: add mussing macsec_csindex option to support GCM-AES-256 | Christian Poessinger | |
2022-08-02 | hostap: T4584: add Debian specific options to systemd unit files | Christian Poessinger | |
2022-08-01 | macsec: T4537: remove debug falg "-d" from systemd service file | Christian Poessinger | |
2022-08-01 | macsec: T4537: supply PID path via systemd service file to daemon | Christian Poessinger | |
2022-08-01 | macsec: T4391: bugfix config path | Christian Poessinger | |
After commit 85d6c8f7c62 ("vyos.configdict: T4391: enable get_interface_dict() to be used with ConfigTreeQuery()") we also need to use the full path when working with Config() as previous calls to get_interface_dict() no longer change the level of Config(). | |||
2022-08-01 | op-mode: macsec: T4537: add "show|monitor log macsec" CLI commands | Christian Poessinger | |
2022-08-01 | macsec: T4537: restart wpa_supplicant on error | Christian Poessinger | |