Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-07-17 | xml: provide common "pre-shared-secret" include block | Christian Poessinger | |
2021-07-17 | xml: provide common "dhcp-interface" include block | Christian Poessinger | |
2021-07-17 | Merge pull request #924 from sarthurdev/ipsec_l2tp_pki | Christian Poessinger | |
pki: ipsec: l2tp: T2816: T3642: Move IPSec/L2TP code into vpn_ipsec.py and update to use PKI. | |||
2021-07-15 | pki: ipsec: l2tp: T2816: T3642: Move IPSec/L2TP code into vpn_ipsec.py and ↵ | sarthurdev | |
update to use PKI. | |||
2021-07-15 | vyos-1x-vmware: T3682: remove dhclient from ether-resume.py | Yun Zheng Hu | |
dhclient is already handled by netplug so it's removed to avoid double renewing of dhcp leases. | |||
2021-07-14 | Merge pull request #922 from jack9603301/container | Christian Poessinger | |
container: T3662: Set its priority to 1280 | |||
2021-07-14 | Merge pull request #920 from yunzheng/current | Christian Poessinger | |
vyos-1x-vmware: T3681: don't bytecompile ether-resume.py | |||
2021-07-15 | container: T3662: Set its priority to 1280 | jack9603301 | |
Set its priority to 1280 to prevent its configuration failure from affecting the underlying network services | |||
2021-07-14 | vyos-1x-vmware: T3681: don't bytecompile ether-resume.py | Yun Zheng Hu | |
Exclude /vmware-tools/scripts/ from bytecompilation to avoid the `__pycache__` directory being created. | |||
2021-07-13 | Merge branch 'current' of github.com:/vyos/vyos-1x into current | Daniil Baturin | |
2021-07-13 | T3663: remove some unused sleep imports. | Daniil Baturin | |
2021-07-13 | Merge pull request #918 from erkin/current | Christian Poessinger | |
T3679: Update the unexpected exception message | |||
2021-07-13 | T3679: Update the unexpected exception message | erkin | |
2021-07-13 | T3663: use inotify-based watching for the IPsec process restart. | Daniil Baturin | |
2021-07-13 | T3663: add a small sleep between polling for a new inotify event. | Daniil Baturin | |
2021-07-13 | T3663: use inotify-based watching in "show vrrp". | Daniil Baturin | |
2021-07-13 | Merge pull request #917 from yunzheng/current | Christian Poessinger | |
openvpn: T56: remove strict checks for tls cert-file and key-file | |||
2021-07-13 | openvpn: T56: remove strict checks for tls cert-file and key-file | Yun Zheng Hu | |
This makes the tls cert-file and key-file optional and allows for more advanced configurations via "openvpn-option", such as pkcs11 or pkcs12 options. | |||
2021-07-12 | vrf: T31: remove supefluous new-lines for each VRF instance | Christian Poessinger | |
2021-07-12 | vrf: route: static: T2450: we also need to migrate the interface based routes | Christian Poessinger | |
Previously during migration if one had used interface routes, the VRF based ones got not migrated. The following "old" VyOS 1.3 configuration did not get migrated: set protocols static interface-route 10.20.0.0/24 next-hop-interface eth2 next-hop-vrf 'blue' set protocols static interface-route 10.30.0.0/24 next-hop-interface br10 next-hop-vrf 'red' set protocols vrf blue static interface-route 10.0.0.0/24 next-hop-interface eth1 next-hop-vrf 'default' set protocols vrf red static interface-route 10.0.0.0/24 next-hop-interface eth1 next-hop-vrf 'default' set vrf name blue table '3000' set vrf name mgmt table '1000' set vrf name red table '2000' It must get migrated to: set protocols static route 10.20.0.0/24 interface eth2 vrf 'blue' set protocols static route 10.30.0.0/24 interface br10 vrf 'red' set vrf name blue protocols static route 10.0.0.0/24 interface eth1 vrf 'default' set vrf name blue table '3000' set vrf name mgmt table '1000' set vrf name red protocols static route 10.0.0.0/24 interface eth1 vrf 'default' set vrf name red table '2000' | |||
2021-07-12 | op-mode: T427: add "summary" command for WireGuard interface information | Christian Poessinger | |
2021-07-11 | ipsec: T2816: use common "if key in dict:" pattern | Christian Poessinger | |
2021-07-11 | ipsec: T2816: fix NameError | Christian Poessinger | |
Commit a5cd877a0a ("ipsec: T2816: Migrate ipsec-settings.xml.in and charon.conf to vpn_ipsec.py") unfortunately removed the dictionary definition for "data" which is required when running the l2tp handler script. | |||
2021-07-11 | vxlan: T3665: add VRF support | Christian Poessinger | |
2021-07-11 | smoketest: ospf: change passive-interface debugging | Christian Poessinger | |
2021-07-10 | Merge pull request #916 from jack9603301/T3667 | Christian Poessinger | |
bridge: op-mode: T3667: Moving VLANs and modifying XML errors | |||
2021-07-10 | bridge: op-mode: T3667: Fix command line errors | jack9603301 | |
2021-07-10 | bridge: op-mode: T3667: Moving `vlan` to better locations | jack9603301 | |
2021-07-09 | Merge pull request #915 from jack9603301/T3667 | Christian Poessinger | |
bridge: op-mode: T3667: Fix command line errors | |||
2021-07-10 | bridge: op-mode: T3667: Fix command line errors | jack9603301 | |
2021-07-09 | Merge pull request #913 from jack9603301/T3667 | Christian Poessinger | |
op-mode: brctl: T3667: Using bridge command structure instead of brctl | |||
2021-07-09 | op-mode: brctl: T3667: Using `bridge` command structure instead of `brctl` | jack9603301 | |
2021-07-08 | T3663: add pre_hook argument to util.wait_for_inotify | Daniil Baturin | |
When waiting for processes that don't take long, we need add an inotify watcher _before_ starting that process. The pre-hook arguments allows the user to pass a () -> () anonymous function to be called before adding a watch. | |||
2021-07-08 | T3663: fix the call to time.time() to match the new import scheme. | Daniil Baturin | |
2021-07-07 | Merge pull request #912 from sarthurdev/pki_ipsec_rsa | Christian Poessinger | |
pki: T3642: Migrate rsa-keys to PKI configuration | |||
2021-07-07 | pki: T3642: Migrate rsa-keys to PKI configuration | sarthurdev | |
2021-07-06 | Merge pull request #911 from sarthurdev/pki_san | Christian Poessinger | |
pki: ipsec: T3642: T1210: T2816: Add SANs to generated certificates, more IPSec remote-access features and fixes | |||
2021-07-06 | ipsec: T2816: Migrate ipsec-settings.xml.in and charon.conf to vpn_ipsec.py | sarthurdev | |
Also adds check for the charon socket instead of an arbitrary sleep() | |||
2021-07-05 | ipsec: T1210: T1251: Add more features to remote-access connections | sarthurdev | |
- Adds client/server authentication methods. - Adds basic verification to remote-access. - Adds DHCP pool and options to remote-access. - Cleanup unused PKI files. | |||
2021-07-05 | T3663: python3-inotify should be a runtime dependency | John Estabrook | |
2021-07-05 | pki: ipsec: T3642: Fix issue with '.' being present in tag nodes, adds new ↵ | sarthurdev | |
vyos.util method `dict_search_args` to allow for dot characters in keys. | |||
2021-07-05 | pki: T3642: Support for adding SANs on certificate requests | sarthurdev | |
2021-07-04 | Merge pull request #910 from sarthurdev/pki_ext | Christian Poessinger | |
pki: T3642: Add standard extensions to generated certificates | |||
2021-07-04 | pki: T3642: Add standard extensions to generated certificates | sarthurdev | |
2021-07-04 | vyos.util: T3663: move inotify-based imports to function level | Christian Poessinger | |
Keep the vyos.util function clean and not pull in the rest of the world when importing it. | |||
2021-07-04 | Merge pull request #908 from c-po/ipsec-ikev2-remote-access | Christian Poessinger | |
ipsec: T1210: T1251: IKEv2 road-warrior support | |||
2021-07-04 | ipsec: T2816: add completion helper for tunnel interfaces | Christian Poessinger | |
2021-07-04 | T3663: prerequisites for inotify-based watching implementations. | Daniil Baturin | |
2021-07-04 | ipsec: T1210: T1251: add "local" traffic-selector include definition | Christian Poessinger | |
Used by both site2site and remote-access/road-warrior VPN connections. | |||
2021-07-04 | ipsec: T1210: T1251: add remote-access "name-server" definition to pool config | Christian Poessinger | |