| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2025-06-03 | Merge pull request #4538 from c-po/op-mode-bgp | Daniil Baturin | |
| op-mode: T7509: add "detail" and "wide" modifier for BGP advertised-routes|received-routes | |||
| 2025-06-03 | Merge pull request #4540 from red55/current | Daniil Baturin | |
| openconnect: T7511: bugfix invalid variable name | |||
| 2025-06-03 | Merge pull request #4543 from sever-sever/T7514 | Daniil Baturin | |
| T7514: Fix smoketest QoS burst bytes replaced with kilobytes | |||
| 2025-06-03 | Merge pull request #4512 from dmbaturin/T7459-no-direct-sudo-in-op-mode | John Estabrook | |
| op-mode: T7459: eliminate direct use of sudo in op mode commands | |||
| 2025-06-03 | T7514: Fix smoketest QoS burst bytes replaced with kilobytes | Viacheslav Hletenko | |
| The `tc` output burst size was changed from bytes to kilobytes | |||
| 2025-06-02 | Merge pull request #4537 from sarthurdev/T7237 | Christian Breunig | |
| nat: T7237: Remove expensive NAT address check | |||
| 2025-06-02 | op-mode: T7509: refactor "show bgp" XML definitions to re-usable code blocks | Christian Breunig | |
| 2025-06-02 | openconnect: T7511: ruff format | Leonid Korokh | |
| 2025-06-02 | openconnect: T7511: fix ruff warnings | Leonid Korokh | |
| 2025-06-02 | openconnect: T7511: Correct variable name in accounting checks block | Leonid Korokh | |
| 2025-06-02 | Merge pull request #4539 from indrajitr/firewall-bridge-vlan-aware | Daniil Baturin | |
| T7512: firewall: Modify accepting invalid traffic for VLAN aware bridge | |||
| 2025-06-01 | T7512: Update smoketest for invalid traffic for VLAN aware bridge | Indrajit Raychaudhuri | |
| 2025-06-01 | T7512: firewall: Modify accepting invalid traffic for VLAN aware bridge | Indrajit Raychaudhuri | |
| Allow accepting invalid packets for ethernet types `8021q` and `8021ad` in addition to ARP and UDP types so that stateful bridge firewall works for VLAN-aware bridges in addition to regular bridges. | |||
| 2025-06-01 | op-mode: T7509: add "detail" and "wide" modifier for received-routes | Christian Breunig | |
| show ip bgp neighbors <ip> received-routes [detail [wide]|wide] show bgp neighbors <ip> received-routes [detail [wide]|wide] show bgp ipv4 neighbors <ip> received-routes [detail [wide]|wide] show bgp ipv6 neighbors <ip> received-routes [detail [wide]|wide] show bgp vrf <name> neighbors <ip> received-routes [detail [wide]|wide] show bgp vrf <name> ipv4 neighbors <ip> received-routes [detail [wide]|wide] show bgp vrf <name> ipv6 neighbors <ip> received-routes [detail [wide]|wide] | |||
| 2025-06-01 | op-mode: T7509: add "detail" and "wide" modifier for advertised-routes | Christian Breunig | |
| show ip bgp neighbors <ip> advertised-routes [detail [wide]|wide] show bgp neighbors <ip> advertised-routes [detail [wide]|wide] show bgp ipv4 neighbors <ip> advertised-routes [detail [wide]|wide] show bgp ipv6 neighbors <ip> advertised-routes [detail [wide]|wide] show bgp vrf <name> neighbors <ip> advertised-routes [detail [wide]|wide] show bgp vrf <name> ipv4 neighbors <ip> advertised-routes [detail [wide]|wide] show bgp vrf <name> ipv6 neighbors <ip> advertised-routes [detail [wide]|wide] | |||
| 2025-05-31 | nat: T7237: Remove expensive NAT address check | sarthurdev | |
| 2025-05-30 | Merge pull request #4535 from jestabro/default-commit-confirm-action | John Estabrook | |
| config-mgmt: T7508: use recursive defaults to read commit-confirm action | |||
| 2025-05-30 | config-mgmt: T7508: use recursive defaults to read commit-confirm action | John Estabrook | |
| 2025-05-29 | Merge pull request #4266 from takehaya/T6013-trusted-ca-keys | Christian Breunig | |
| T6013: Add support for AuthorizedPrincipalsFile to trusted_user_ca_key | |||
| 2025-05-29 | Merge pull request #4532 from vyos/c-po-patch-1 | Christian Breunig | |
| VD-277: use YYYY.MM.DD-HHMM-integration version scheme for builds | |||
| 2025-05-29 | VD-277: use YYYY.MM.DD-HHMM-integration version scheme for builds | Christian Breunig | |
| 2025-05-29 | zebra: T7349: Added importing routes from non to the kernel routing table | aapostoliuk | |
| * zebra: T7349: Added importing routes from non to the kernel routing table Added importing routes from non to the kernel routing table. --------- Co-authored-by: Christian Breunig <christian@breunig.cc> | |||
| 2025-05-29 | Merge pull request #4531 from jestabro/commit-confirm-reboot | Christian Breunig | |
| config-mgmt: T7500: fix typo preventing commit-confirm hard rollback | |||
| 2025-05-29 | Merge pull request #4530 from jestabro/api-extend-load-merge | Christian Breunig | |
| http-api: T7498: allow passing config string in body of 'load' or 'merge' request | |||
| 2025-05-29 | ssh: T6013: rename trusted-user-ca-key -> truster-user-ca | Christian Breunig | |
| The current implementation for SSH CA based authentication uses "set service ssh trusted-user-ca-key ca-certificate <foo>" to define an X.509 certificate from "set pki ca <foo> ..." - fun fact, native OpenSSH does not support X.509 certificates and only runs with OpenSSH ssh-keygen generated RSA or EC keys. This commit changes the bahavior to support antive certificates generated using ssh-keygen and loaded to our PKI tree. As the previous implementation did not work at all, no migrations cript is used. | |||
| 2025-05-29 | pki: T6013: add proper dependencies for SSH CA | Christian Breunig | |
| We need to establish proper dependencies on "system login" and "pki ca" for the SSH subsystem. If the CA is updated or user principal names are modified, we must also ensure that the SSH daemon is restarted accordingly. | |||
| 2025-05-29 | ssh: T6013: move principal name to "system login user <name> authentication" | Christian Breunig | |
| We already support using per-user SSH public keys for system authentication. Instead of introducing a new CLI path to configure per-user principal names, we should continue using the existing CLI location and store the principal names alongside the corresponding SSH public keys. set system login user <name> principal <principal> The certificate used for SSH authentication contains an embedded principal name, which is defined under this CLI node. Only users with matching principal names are permitted to log in. | |||
| 2025-05-29 | ssh: T6013: support SSH AuthorizedPrincipalsFile in use with trusted-user-ca-key | Takeru Hayasaka | |
| Thisc omplements commit e7cab89f9f81 ("T6013: Add support for configuring TrustedUserCAKeys in SSH service with local and remote CA keys"). It introduces a new CLI node per user to support defining the authorized principals used by any given PKI certificate. It is now possible to associate SSH login users with their respective principals. Authored-by: Takeru Hayasaka <hayatake396@gmail.com> | |||
| 2025-05-28 | config-mgmt: T7500: fix typo preventing commit-confirm hard rollback | John Estabrook | |
| 2025-05-28 | Merge pull request #4529 from IDerr/current | John Estabrook | |
| T7395: Add support for renew in REST Server | |||
| 2025-05-28 | http-api: T7498: allow passing config string in body of 'merge' request | John Estabrook | |
| 2025-05-28 | http-api: T7498: allow passing config string in body of 'load' request | John Estabrook | |
| 2025-05-28 | T7395: Add support for renew in REST Server | IDerr | |
| 2025-05-27 | Merge pull request #4524 from sarthurdev/T7350 | Daniil Baturin | |
| flowtable: T7350: Prevent interface deletion if referenced on flowtable | |||
| 2025-05-27 | Merge pull request #4523 from aapostoliuk/T7471-current | Daniil Baturin | |
| accel-ppp: T7471: Changed CoA port completion help to standard template | |||
| 2025-05-27 | Merge pull request #4490 from l0crian1/fix-qos-tcp-flags | Daniil Baturin | |
| QoS: T7415: Fix tcp flags matching | |||
| 2025-05-27 | Merge pull request #4496 from l0crian1/add-root-bpdu-guard | Daniil Baturin | |
| Bridge: T7430: Add BPDU Guard and Root Guard support | |||
| 2025-05-26 | bridge: T7430: rephrase bpdu/root-guard error message | Christian Breunig | |
| 2025-05-26 | Merge pull request #4525 from yunzheng/T3681-exclusion | Daniil Baturin | |
| vyos-1x-vmware: T3681: Fix Python bytecompile exclusion | |||
| 2025-05-23 | Merge pull request #4505 from jestabro/config-context | John Estabrook | |
| T7363: Add vyconf aware initialization of Config | |||
| 2025-05-22 | T7363: update hash for vyconf aware initialization of Config | John Estabrook | |
| 2025-05-22 | T7363: retain generated files as imports for nosetests | John Estabrook | |
| 2025-05-22 | vyos-1x-vmware: T3681: Fix Python bytecompile exclusion | Yun Zheng Hu | |
| 2025-05-22 | T7365: add POSIX-type lock to vyconf_session.commit for compatibility | John Estabrook | |
| We maintain compatibility with the legacy commit lock file until all other references are resolved; this requires a POSIX-type lock instead of the BSD-type lock of vyos.utils.locking. | |||
| 2025-05-22 | T7365: normalize formatting | John Estabrook | |
| 2025-05-22 | T7363: populate ConfigSourceVyconfSession methods | John Estabrook | |
| 2025-05-22 | T7363: add initialization of Config from VyconfSession | John Estabrook | |
| 2025-05-22 | T7121: add missing default version string on init from internal cache | John Estabrook | |
| 2025-05-22 | T7352: use option to load legacy config on start for interoperability | John Estabrook | |
| 2025-05-22 | T7363: distinguish config mode from op mode | John Estabrook | |
 |
index : vyos-1x.git | |
| VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git) |
| summaryrefslogtreecommitdiff |