Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-05-16 | nat: T2198: do not run DNAT rule if rule is disabled | Christian Poessinger | |
2020-05-16 | nat: T2198: restructure DNAT template | Christian Poessinger | |
Make the entire template more maintainable | |||
2020-05-16 | nat: T2198: verify translation address for SNAT and DNAT | Christian Poessinger | |
2020-05-16 | nat: T2198: extend verify() for destination ports | Christian Poessinger | |
Destination NAT configuration: destination ports can only be specified when protocol is tcp, udp or tcp_udp. | |||
2020-05-16 | nat: T2198: migrate "log enable" node to only "log" | Christian Poessinger | |
2020-05-16 | nat: T2198: add protocol completion helper and regex constraint | Christian Poessinger | |
2020-05-16 | nat: T2198: migrate "show nat" commands to XML and Python | Christian Poessinger | |
- "show nat source|destination statistics" is now implemented in Python - "show nat source|destination rules" needs a new implementation, see T2459 - "show nat source|destination translations" has been copied over from the old repo and is here until it is rewritten, this was not possible for "rules" as there would have been too much dependencies. This one only requires libxml-simple-perl | |||
2020-05-16 | nat: T2198: add some basic verify() rules | Christian Poessinger | |
2020-05-16 | nat: T2198: split nat-address-port include into individual files | Christian Poessinger | |
2020-05-16 | nat: T2198: add ipv4-{address,prefix,rage}-exclude validators | Christian Poessinger | |
Exclude validators are required to support the ! (not) operator on the CLI to exclude addresses from NAT. | |||
2020-05-16 | nat: T2198: add new ipv4-range validator | Christian Poessinger | |
2020-05-16 | nat: T2198: make use of jmespath when walking nftables JSON output | Christian Poessinger | |
2020-05-16 | nat: T2198: implement deletion of NAT subsystem | Christian Poessinger | |
2020-05-16 | nat: T2198: automatically determine handler numbers | Christian Poessinger | |
When instantiating NAT it is required to isntall some nftable jump targets. The targets need to be added after a specific other target thus we need to dynamically query the handler number. This is done by get_handler() which could be moved to vyos.util at a later point in time so it can be reused for a firewall rewrite. | |||
2020-05-16 | nat: T2198: move from iptables to nftables | Christian Poessinger | |
2020-05-16 | nat: T2198: migrate to common template for source/destination NAT | Christian Poessinger | |
2020-05-16 | nat: T2198: destination nat template for iptables-restore | Christian Poessinger | |
2020-05-16 | nat: T2198: initial XML and Python representation | Christian Poessinger | |
2020-05-16 | Merge pull request #410 from kroy-the-rabbit/patch-3 | Daniil Baturin | |
T2467: Restarting of service needs a sudo | |||
2020-05-15 | T2467: Restarting of service needs `sudo` | kroy-the-rabbit | |
2020-05-13 | Merge pull request #406 from runborg/T2267 | Christian Poessinger | |
T2267: Versioning: Update version tag from GIT repo | |||
2020-05-13 | Merge pull request #409 from DmitriyEshenko/fix-flow-acct01 | Christian Poessinger | |
flow-accounting: T2456: Replace old function | |||
2020-05-13 | flow-accounting: T2456: Replace old function | DmitriyEshenko | |
2020-05-13 | Merge pull request #408 from kroy-the-rabbit/patch-2 | Daniil Baturin | |
T2449: Fixing key to appropriate one | |||
2020-05-12 | T2449: Fixing key to appropriate one | kroy-the-rabbit | |
2020-05-12 | tunnel: T2449: bugfix KeyError 'address' | Christian Poessinger | |
Commit 9e5c6a935e2f55 ("tunnel: T2449: set accept_ra=2 if ipv6 address autoconf or dhcpv6 is set") referenced wrong key in dict. | |||
2020-05-11 | Merge pull request #407 from jjakob/accept-ra-fix-T2449 | Christian Poessinger | |
T2449: set 'accept_ra=2' if 'address dhcpv6' or 'ipv6 address autoconf' is set | |||
2020-05-11 | ifconfig/dhcp: T2449: remove accept_ra logic as it was wrong | Jernej Jakob | |
Currently accept_ra was set to 0 if 'address dhcpv6' was set on an interface. This is wrong, as without RA, the system will get no routes to the DHCPv6-obtained prefix. Since the logic for accept_ra was moved to the interface scripts, it can be removed from the dhclient code. | |||
2020-05-11 | wireless: T2449: set accept_ra on wireless interfaces | Jernej Jakob | |
2020-05-11 | vxlan: T2449: set accept_ra=2 if ipv6 address autoconf or dhcpv6 is set | Jernej Jakob | |
To make SLAAC and DHCPv6 work when forwarding=1, accept_ra must be 2 (default for accept_ra is 1). | |||
2020-05-11 | tunnel: T2449: set accept_ra=2 if ipv6 address autoconf or dhcpv6 is set | Jernej Jakob | |
To make SLAAC and DHCPv6 work when forwarding=1, accept_ra must be 2 (default for accept_ra is 1). | |||
2020-05-11 | pseudo-ethernet: T2449: set accept_ra on pseudo-ethernet interfaces | Jernej Jakob | |
2020-05-11 | openvpn: T2449: set accept_ra=2 if ipv6 address autoconf or dhcpv6 is set | Jernej Jakob | |
To make SLAAC and DHCPv6 work when forwarding=1, accept_ra must be 2 (default for accept_ra is 1). | |||
2020-05-11 | l2tpv3: T2449: set accept_ra=2 if ipv6 address autoconf or dhcpv6 is set | Jernej Jakob | |
To make SLAAC and DHCPv6 work when forwarding=1, accept_ra must be 2 (default for accept_ra is 1). | |||
2020-05-11 | ethernet: T2449: set accept_ra on ethernet interfaces | Jernej Jakob | |
2020-05-11 | bridge: T2449: set accept_ra=2 if ipv6 address autoconf or dhcpv6 is set | Jernej Jakob | |
To make SLAAC and DHCPv6 work when forwarding=1, accept_ra must be 2 (default for accept_ra is 1). | |||
2020-05-11 | bonding: T2449: set accept_ra on bonding interfaces | Jernej Jakob | |
2020-05-11 | vlan: T2449: set accept_ra on vlan interfaces | Jernej Jakob | |
2020-05-11 | configdict: T2449: set accept_ra=2 if ipv6 address autoconf or dhcpv6 is set | Jernej Jakob | |
To make SLAAC and DHCPv6 work when forwarding=1, accept_ra must be 2 (default for accept_ra is 1). | |||
2020-05-11 | interface: T2449: add ability to set accept_ra | Jernej Jakob | |
2020-05-09 | T2267: Versioning: Update version tag from GIT repo | Runar Borge | |
This commit will update the version field of the generated deb package from the git repo version tag. the tag needs to be in the format "vyos/<version>" eg. "vyos/1.2.5" 1.2.5 is then used as the version The version field will be one of the following syntaxes: on a commit: - <version>-<commits from tag>-g<commit id> eg. 1.2.5-4-g23232343 on a commit with unstaged changes: - <version>-<commits from tag>-g<commit id>+dirty eg. 1.2.5-4-g23232343+dirty This will make it clear what state the repo was in when the package was generated. It is possible to remove the number and commit id on the tagged commit, but i've decided to use the same format for all commits tagged or not. as for now the tagged commit will be sufixed with -0-g<commit id> if no valid tag is recieved from `git describe`, the script uses a 0.0 version number. The changelog is also updated to reflext that we dont use it and refers to the Git Changelog and vyos release-notes | |||
2020-05-09 | Merge pull request #405 from kroy-the-rabbit/patch-1 | Daniil Baturin | |
T2441: Fix parse error in TZ validator | |||
2020-05-08 | T2441: Fix parse error | kroy-the-rabbit | |
2020-05-09 | Merge branch 'current' of https://github.com/vyos/vyos-1x into current | Daniil Baturin | |
2020-05-09 | T2431: remove the numeric validator for it now lives in vyos-utils. | Daniil Baturin | |
2020-05-08 | validator: T2417: remove src/validators/mac-address | Christian Poessinger | |
File now provided by vyos-utils | |||
2020-05-08 | Merge pull request #395 from thomas-mangin/T2417 | Christian Poessinger | |
validator: T2417: try to make the code clearer | |||
2020-05-08 | Merge branch 'current' of github.com:thomas-mangin/vyos-1x into T2417 | Thomas Mangin | |
2020-05-08 | Merge pull request #401 from runborg/T2436 | Christian Poessinger | |
T2436: Adding offline python compile to fetch syntax faults | |||
2020-05-08 | Merge branch 'dhcpd-permissions-T2432' of https://github.com/jjakob/vyos-1x ↵ | Christian Poessinger | |
into current * 'dhcpd-permissions-T2432' of https://github.com/jjakob/vyos-1x: dhcp-server, dhcpv6-server: T2432: chown lease file to nobody:nogroup |