| Age | Commit message (Collapse) | Author |
|---|
|
Clients using VyOS as their DNS server and trying to resolve the FQDN of the
router will receive 127.0.1.1 as answer.
set service dns forwarding allow-from '172.16.0.0/12'
set service dns forwarding listen-address '172.31.0.254'
set service dns forwarding negative-ttl '60'
set system domain-name 'vyos.net'
set system host-name 'R1'
Will return:
$ host R1.vyos.net 172.31.0.254
Using domain server:
Name: 172.31.0.254
Address: 172.31.0.254#53
Aliases:
R1.vyos.net has address 127.0.1.1
When it should rather return the real IP address assigned via DNS.
|
|
dhcp-server: T6063: Add `ignore-client-id` to relax client identifier checks for leases
|
|
for leases
|
|
container: T6060: support removing all container images at once via op-mode
|
|
cpo@LR1.wue3:~$ show container image
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/busybox latest 3f57d9401f8d 5 weeks ago 4.5 MB
docker.io/jacobalberty/unifi v7.5 f6df690d6c67 4 months ago 827 MB
docker.io/jacobalberty/unifi v7.4 7838b75ef7b9 7 months ago 786 MB
cpo@LR1.wue3:~$ delete container image
Possible completions:
3f57d9401f8d Delete container image
7838b75ef7b9
all
f6df690d6c67
cpo@LR1.wue3:~$ delete container image all
cpo@LR1.wue3:~$ show container image
REPOSITORY TAG IMAGE ID CREATED SIZE
|
|
container: T5909: move registry login to op-mode
|
|
It does not make sense to perform the "podman login" command when setting up
containers, as images are not automatically pulled in from the registry - due
to issues with the default route during startup.
The same issue manifests in "podman login" where we can not login to a registry
unless there is a default route present.
This commit changes the behavior that the container registry is part of the
configuration, but it is only referenced during "add container image" and thus
never during system boot.
|
|
T6054: WLB: fix rules parsing when using multiple ports in one rule
|
|
|
|
pki: T6055: Cleanup unnecessary sudo, preserve env when sudo is needed
|
|
|
|
|
|
conntrack: T5376: Fix priority for CT helpers
|
|
Ref: https://www.spinics.net/lists/netfilter/msg59549.html
|
|
vyos-event-handler.py: T6048: handling exception when _PID is not found
|
|
T6050: Fixed descriptions of 'extended-scripts' commands in accel-ppp
|
|
Removed word 'PPPoE' from descriptions in common template for all
accel-ppp services.
|
|
|
|
smoketest: T6043: proper cleanup after testcase
|
|
This extends commit dbe8c613b ("bridge: T6043: do not call vxlan dependency if
interface does not exist (yet)") with a proper cleanup of additional interfaces
created during the testrun.
|
|
bridge: T6043: do not call vxlan dependency if interface does not exist (yet)
|
|
op-mode: T5581: add "show ipv6 nht" command
|
|
This improves the implementation to support both IPv4 and IPv6
|
|
In order to keep the proper priority list during system startup and on initial
setup/commit for this feature the dependent VXLAN code should not be called,
if the interface in question does not exist (yet).
|
|
image-tools: T6041: fix logic of is_live_boot to allow for PXE boot
|
|
|
|
login: T5972: add possibility to disable individual local user accounts
|
|
T3722: Fixed L-Time in 'show vpn ike sa' command
|
|
Fixed L-Time in 'show vpn ike sa' command
|
|
* set system login user <name> disable
|
|
T6001: add option to disable next-hop-tracking resolve-via-default
|
|
context
* set vrf name <name> ip nht no-resolve-via-default
* set vrf name <name> ipv6 nht no-resolve-via-default
|
|
* set system ip nht no-resolve-via-default
* set system ipv6 nht no-resolve-via-default
|
|
EDB should be EGP for exterior gateway protocol
|
|
dhcpv6-server: T5993: Extend interface migrator to check VLAN/QinQ
|
|
rpki: T6034: extend config migration testcase
|
|
T6029: Rewritten Accel-PPP services to an identical feature set
|
|
Removed dhcp-interface option (l2tp)
Added wins-server (sstp)
Added description (ipoe, pppoe, sstp, pptp)
Added exteded-script (l2tp, sstp, pptp)
Added shaper (ipoe, pptp, sstp, l2tp)
Added limits (ipoe, pptp, sstp, l2tp)
Added snmp ( ipoe, pptp,sstp, l2tp)
Refactoring and reformated code.
|
|
Commit 0eb4168aa ("eigrp: T2472: improve code for later tests") added a basic
smoketest for EIGRP, which is also run by the CI hence not having a +x bit at
all.
This just deletes the basic smoketest testing for ASN and EIGRP router-id.
We can revert it once it's fixed in FRR upstream.
https://github.com/FRRouting/frr/pull/14765
|
|
|
|
|
|
Updates smoketest config to test migrator change
|
|
T6019: Fix smoketest test_system_conntrack custom timeout
|
|
After updateing netfilter in the commit https://github.com/vyos/vyos-build/commit/b31f5fe934bcb37534d49acdb5f7756bf05422e8
The nftables format for conntrack timeouts is different.
Fix this.
|
|
dhcpv6-server: T5992: Fix op-mode DHCP lease output + updates
|
|
T5928: Change firewall priority to 319
|
|
T5064: Firewall fix RegEx for for domain-group
|
|
bgp: T6032: add EVPN MAC-VRF Site-of-Origin support
|
|
Improve RegEx for firewall domain-groups.
This domain group looks good, but the current RegEx validation
fils:
```
set firewall group domain-group a_aa
```
|
|
|
