| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2021-07-31 | sysctl: T671: add missing net.ipv6.route.skip_notify_on_dev_down setting | Christian Poessinger | |
| Recommended by FRR best deafults https://github.com/FRRouting/frr/blob/master/doc/user/Useful_Sysctl_Settings.md | |||
| 2021-07-30 | Merge pull request #949 from sever-sever/T1176-curr | Christian Poessinger | |
| bgp: T1176: Add solo option for neighbor | |||
| 2021-07-30 | router-advert: T2745: use template common coding style in for loops | Christian Poessinger | |
| 2021-07-30 | bgp: T1176: Add solo option for neighbor | Viacheslav | |
| 2021-07-30 | Merge pull request #947 from bstepler/T3694 | Christian Poessinger | |
| configd: T3694: always set script.argv | |||
| 2021-07-30 | vyos.util: drop custom implementations in favor of is_systemd_service_running() | Christian Poessinger | |
| Commit f520182b ("vyos.util: add is_systemd_service_running() helper function") added a new helper function that can be used to check if a systemd service is running. Drop all custom implementations in favor of this library call. | |||
| 2021-07-30 | vyos.util: add is_systemd_service_running() helper function | Christian Poessinger | |
| Test is a specified systemd service is actually running. Returns True if service is running, false otherwise. | |||
| 2021-07-29 | configd: T3694: always set script.argv | Brandon Stepler | |
| Several scripts imported by vyos-configd (including src/conf_mode/protocols_static.py) rely on argv for operating on VRFs. Always setting script.argv in src/services/vyos-configd ensures those scripts will operate on the default VRF when called with no arguments. Otherwise, a stale argv might cause those scripts to operate on the last modified VRF instead of the default VRF. | |||
| 2021-07-29 | ipsec: T1210: add op-mode command to print Windows connection profile | Christian Poessinger | |
| 2021-07-29 | Merge pull request #945 from DmitriyEshenko/1x-29072021-01 | Daniil Baturin | |
| dhcp-server: T2432: Run dhcpd in group vyattacfg to allow recreate le… | |||
| 2021-07-29 | dhcp-server: T2432: Run dhcpd in group vyattacfg to allow recreate lease files | DmitriyEshenko | |
| 2021-07-27 | ipsec: T3705: bugfix for VTI interfaces no honoring default-esp-group | Christian Poessinger | |
| 2021-07-26 | smoketest: config: azure: also utilize "default-esp-group" feature | Christian Poessinger | |
| 2021-07-26 | ipsec: T1210: remote-access connections only work with IKEv2 | Christian Poessinger | |
| 2021-07-26 | ipsec: T1210: extend support for iOS profile generation | Christian Poessinger | |
| $ generate ipsec mac-ios-profile <connection> remote <ip> | |||
| 2021-07-25 | tunnel: T3366: re-order migration scripts | Christian Poessinger | |
| The migrator from 20-to-21 is required as 19-to-20 on VyOS 1.3 - thus simply rename/reorder the two migrators to not break things the hard way when upgrading from 1.3 -> 1.4. | |||
| 2021-07-25 | ifconfig: T2653: obey conding style | Christian Poessinger | |
| 2021-07-25 | xml: tunnel: use source-interface building block | Christian Poessinger | |
| 2021-07-25 | ipsec: T1210: add RADIUS authentication for remote-access IKEv2 VPN | Christian Poessinger | |
| set vpn ipsec remote-access connection rw authentication client-mode 'eap-radius' set vpn ipsec remote-access connection rw authentication id '192.0.2.1' set vpn ipsec remote-access connection rw authentication server-mode 'x509' set vpn ipsec remote-access connection rw authentication x509 ca-certificate 'CAcert_Class_3_Root' set vpn ipsec remote-access connection rw authentication x509 certificate 'vyos' set vpn ipsec remote-access connection rw esp-group 'ESP-RW' set vpn ipsec remote-access connection rw ike-group 'IKE-RW' set vpn ipsec remote-access connection rw local-address '192.0.2.1' set vpn ipsec remote-access connection rw pool 'ra-rw-ipv4' set vpn ipsec remote-access connection rw unique 'never' set vpn ipsec remote-access pool ra-rw-ipv4 name-server '192.0.2.2' set vpn ipsec remote-access pool ra-rw-ipv4 prefix '192.168.22.0/24' set vpn ipsec remote-access radius nas-identifier 'fooo' set vpn ipsec remote-access radius server 172.16.100.10 key 'secret' | |||
| 2021-07-25 | xml: add building block for RADIUS nas-identifier | Christian Poessinger | |
| 2021-07-25 | ipsec: T1210: move DHCP server configuration unter remote-access node | Christian Poessinger | |
| As this is only related to remote-access, keeping it under "options" simply feels wrong. | |||
| 2021-07-23 | Merge pull request #939 from sarthurdev/pki_file | Christian Poessinger | |
| pki: T3642: Add ability to write generated certificates/keys to files | |||
| 2021-07-23 | frr: T2175: remove no longer required loop when removing routing protocols | Christian Poessinger | |
| 2021-07-23 | login: T3699: verify system username does not conflict with Linux base users | Christian Poessinger | |
| (cherry picked from commit 7292631373ea50f9908796ef2eda32e672d1df2e) | |||
| 2021-07-23 | pki: T3642: Add ability to write generated certificates/keys to specified ↵ | sarthurdev | |
| filenames | |||
| 2021-07-22 | op-mode: xml: rename definition file for "generate wireguard" command | Christian Poessinger | |
| 2021-07-22 | pki: wireguard: T3642: remove obsolete op-mode script | Christian Poessinger | |
| As the keys are now stored inside the CLI configuration and no longer in a file on the filesystem, this command is no longer required. Also there are dedicated CLI commands available to display the additional Wireguard information. - show interfaces wireguard wg10 - show interfaces wireguard wg10 summary | |||
| 2021-07-22 | pki: wireguard: T3642: remove obsolete "show wireguard keypairs" command | Christian Poessinger | |
| As the keys are now stored inside the CLI configuration and no longer in a file on the filesystem, this command is no longer required. | |||
| 2021-07-22 | pki: wireguard: T3642: remove obsolete "delete wireguard keypair" command | Christian Poessinger | |
| As the keys are now stored inside the CLI configuration and no longer in a file on the filesystem, this command is no longer required. | |||
| 2021-07-22 | Merge pull request #937 from jack9603301/T3698 | Christian Poessinger | |
| bridge: op-mode: T3698: Support bridge monitoring | |||
| 2021-07-22 | pki: wireguard: T3642: add new op-mode command for public-key | Christian Poessinger | |
| Per interface public-key can now be retrieved via: vyos@vyos:~$ show interfaces wireguard wg10 public-key +XZr0oUjYRQuB/kcO1f+puOjKkiOWBG8eZX1Jpyq2n0= | |||
| 2021-07-22 | xml: op-mode: move "show interfaces wireguard" to dedicated file | Christian Poessinger | |
| 2021-07-23 | bridge: op-mode: T3698: Support bridge monitoring | jack9603301 | |
| 2021-07-22 | ipsec: T2816: remove "auto-update" CLI option | Christian Poessinger | |
| Update/refresh of DNS records is now handled internally by Strongswan. | |||
| 2021-07-22 | xml: add building block for "local-users" | Christian Poessinger | |
| 2021-07-22 | Merge pull request #936 from jack9603301/T3667 | Christian Poessinger | |
| bridge: op-mode: T3667: Fix displaying members of a specific bridge interface | |||
| 2021-07-22 | Merge pull request #935 from sarthurdev/pki_https | Christian Poessinger | |
| pki: https: T3642: Migrate HTTPS to use PKI configuration | |||
| 2021-07-23 | bridge: op-mode: T3667: Fix displaying members of a specific bridge interface | jack9603301 | |
| 2021-07-22 | pki: https: T3642: Migrate HTTPS to use PKI configuration | sarthurdev | |
| 2021-07-22 | Merge pull request #934 from sarthurdev/pki_openvpn | Christian Poessinger | |
| pki: openvpn: T3642: Migrate OpenVPN to PKI and refactor | |||
| 2021-07-21 | pki: openvpn: T3642: Migrate OpenVPN to PKI and refactor | sarthurdev | |
| 2021-07-20 | ipsec: T1210: create uuid from empty string in ios profile | Christian Poessinger | |
| 2021-07-20 | ipsec: T1210: add op-mode command for macOS and iOS profile generation | Christian Poessinger | |
| generate ipsec mac-ios-profile <connection> remote <ip|fqdn> will generate a matching IPSec profile which can be loaded on an iOS device. | |||
| 2021-07-20 | Merge pull request #931 from sarthurdev/pki_eapol | Christian Poessinger | |
| pki: eapol: T3642: Migrate EAPoL to use PKI configuration | |||
| 2021-07-20 | pki: eapol: T3642: Migrate EAPoL to use PKI configuration | sarthurdev | |
| 2021-07-20 | pki: T3642: Fix Wireguard migration comment | sarthurdev | |
| 2021-07-20 | Merge pull request #930 from sarthurdev/pki_migration | Christian Poessinger | |
| pki: openconnect: sstp: T3642: Migrate OpenConnect and SSTP to PKI configuration | |||
| 2021-07-20 | pki: sstp: T3642: Migrate SSTP to PKI configuration | sarthurdev | |
| 2021-07-20 | pki: openconnect: T3642: Migrate OpenConnect SSL to PKI configuration | sarthurdev | |
| 2021-07-19 | vrf: T3655: fix potential error when removing VRF connection tracking table | Christian Poessinger | |
| This extends commit 22791e26 ("VRF: T3655: proper connection tracking for VRFs") so that when the netfilter table is removed, we first check if it exists at all, and if it does not exist we do not remove it. This fixes the smoketest error: PermissionError: [Errno 1] failed to run command: nft delete table inet vrf_zones | |||
 |
index : vyos-1x.git | |
| VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git) |
| summaryrefslogtreecommitdiff |