| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-02-04 | firewall: T4209: Fix support for rule `recent` matches | sarthurdev | |
| 2022-01-29 | firewall: T4218: Adds a prefix to all user defined chains | sarthurdev | |
| 2022-01-30 | Merge pull request #789 from jack9603301/T3420 | Daniil Baturin | |
| upnpd: T3420: Support UPNP protocol | |||
| 2022-01-25 | monitoring: T3872: Delete iptables input plugin as we use nft | Viacheslav | |
| Telegraf inputs iptables plugin incompatible with nftables As it tries to get statistics from "iptables -L -n -v" which doesnt display required data in 1.4 as we don't use iptables anymore | |||
| 2022-01-25 | sshd: T4205: Hide extra version suffix "Debian" | Viacheslav Hletenko | |
| Disable distribution-specified extra version suffix is included during initial protocol handshake SSH-2.0-OpenSSH_8.4p1 Debian-5 => SSH-2.0-OpenSSH_8.4p1 | |||
| 2022-01-21 | Merge pull request #1180 from goodNETnick/dhcp-client-prefix | Christian Poessinger | |
| DHCP: T4196: fix client-prefix-length parameter | |||
| 2022-01-20 | DHCP: T4196: fix client-prefix-length parameter | goodNETnick | |
| 2022-01-20 | firewall: T2199: Add log prefix to match legacy perl behaviour | sarthurdev | |
| Example syslog: [FWNAME-default-D] ... * Also clean-up firewall default-action | |||
| 2022-01-19 | Merge pull request #1177 from sarthurdev/mac_groups | Christian Poessinger | |
| firewall: T3560: Add support for MAC address groups | |||
| 2022-01-19 | OSPF : T4195: ability to set maximum paths for OSPF | fett0 | |
| 2022-01-18 | firewall: T3560: Add support for MAC address groups | sarthurdev | |
| 2022-01-18 | firewall: T4188: Create default conntrack `FW_CONNTRACK` chain | sarthurdev | |
| This chain was missing from the XML/Python rewrite thus all traffic fell through to the `notrack` rule. | |||
| 2022-01-17 | Merge pull request #1174 from sarthurdev/firewall | Christian Poessinger | |
| firewall: T4178: T3873: tcp flags syntax refactor, intra-zone-filtering fix | |||
| 2022-01-17 | zone-policy: T3873: Fix intra-zone-filtering return to zone default-action | sarthurdev | |
| 2022-01-15 | ntp: T4184: Fix allow-clients address | Viacheslav | |
| NTP-server with option "allow-clients address x.x.x.x" should accept requests only from clients addresses which declared in configuration if this option exists Add "restrict default ignore" to fix it, in another case it responce to any address | |||
| 2022-01-13 | monitoring: T3872: Add just required interfaces for ethtool | Viacheslav | |
| Telegraf ethtool input filter expected ethX interfaces and not other interfaces like vlans/tunnels/dummy Add "interface_include" option to telegraf template. | |||
| 2022-01-11 | policy: T2199: Refactor policy route script for better error handling | sarthurdev | |
| * Migrates all policy route references from `ipv6-route` to `route6` * Update test config `dialup-router-medium-vpn` to test migration of `ipv6-route` to `route6` | |||
| 2022-01-11 | firewall: policy: T4159: T4164: Fix empty firewall groups, create separate ↵ | sarthurdev | |
| file for group definitions. | |||
| 2022-01-11 | policy: T4170: rename "policy ipv6-route" -> "policy route6" | Christian Poessinger | |
| In order to have a consistent looking CLI we should rename this CLI node. There is: * access-list and access-list6 (policy) * prefix-list and prefix-list6 (policy) * route and route6 (static routes) | |||
| 2022-01-10 | conntrack: T3579: prepare for "conntrack timeout custom rule" CLI commands | Christian Poessinger | |
| 2022-01-10 | conntrack: T3579: use "notrack" over "return" in nft statements | Christian Poessinger | |
| 2022-01-10 | conntrack: T3579: migrate "conntrack ignore" tree to vyos-1x and nftables | Christian Poessinger | |
| 2022-01-09 | Merge pull request #1143 from sever-sever/T1972 | Christian Poessinger | |
| vrrp: T1972: Ability to set IP address on not vrrp interface | |||
| 2022-01-09 | Merge pull request #1142 from sever-sever/T4150 | Christian Poessinger | |
| keepalived: T4150: Fix template option conntrack_sync_group | |||
| 2022-01-09 | nhrp: T4152: Fix template holding-time for nhrp | Viacheslav | |
| Add missed 'holding-time' option for shortcut-target address | |||
| 2022-01-09 | vrrp: T1972: Ability to set IP address on not vrrp interface | Viacheslav | |
| Ability to set virtual_address on not vrrp-listen interface Add ability don't track primary vrrp interface "exclude-vrrp-interface" Add ability to set tracking (state UP/Down) on desired interfaces For example eth0 is used for vrrp and we want to track another eth1 interface that not belong to any vrrp-group | |||
| 2022-01-08 | keepalived: T4150: Fix template option conntrack_sync_group | Viacheslav | |
| conntrack_sync_group option not under 'vrrp' section but part of high-avalability dictionary | |||
| 2022-01-06 | https: T4146: do not listen on port 80 | John Estabrook | |
| 2022-01-06 | vrrp: T4141: bugfix missing {% if %} clause when adding sync-groups | Christian Poessinger | |
| 2022-01-05 | Merge pull request #1134 from sarthurdev/firewall | Christian Poessinger | |
| firewall: zone-policy: T2199: T4130: Fixes for firewall, state-policy and zone-policy | |||
| 2022-01-05 | firewall: zone-policy: T2199: T4130: Fixes for firewall, state-policy and ↵ | sarthurdev | |
| zone-policy | |||
| 2022-01-04 | Merge pull request #1121 from sever-sever/T4109 | Christian Poessinger | |
| keepalived: T4109: Add high-availability virtual-server | |||
| 2022-01-04 | keepalived: T4109: Add high-availability virtual-server | Viacheslav | |
| Add new feature, high-availability virtual-server Change XML, python and templates Move vrrp to root node 'high-availability' as all logic are handler by root node 'high-availability' | |||
| 2022-01-04 | Merge pull request #1130 from sarthurdev/firewall | Christian Poessinger | |
| firewall: T4130: Fix firewall state-policy errors | |||
| 2022-01-04 | firewall: T4130: Fix firewall state-policy errors | sarthurdev | |
| Also fixes: * Issue with multiple state-policy rules being created on firewall updates * Prevents interface rules being inserted before state-policy | |||
| 2022-01-03 | Merge pull request #1018 from sever-sever/T3872 | Christian Poessinger | |
| monitoring: T3872: Add a new feature service monitoring | |||
| 2022-01-03 | monitoring: T3872: Add a new feature service monitoring telegraf | Viacheslav | |
| 2021-12-31 | Merge branch 'firewall' of https://github.com/sarthurdev/vyos-1x into current | Christian Poessinger | |
| * 'firewall' of https://github.com/sarthurdev/vyos-1x: zone_policy: T3873: Implement intra-zone-filtering policy: T2199: Migrate policy route op-mode to XML/Python policy: T2199: Migrate policy route to XML/Python zone-policy: T2199: Migrate zone-policy op-mode to XML/Python zone-policy: T2199: Migrate zone-policy to XML/Python firewall: T2199: Migrate firewall op-mode to XML/Python firewall: T2199: Migrate firewall to XML/Python | |||
| 2021-12-31 | ipsec: T4126: Ability to set priorities for installed policy | Viacheslav | |
| Add priority for policy based IPSec VPN tunnels If 2 tunnels have the same pair of local and remote traffic selectors (prefixes) it allows to set more preforable install policy from required peer The lowest priority is more preforable | |||
| 2021-12-30 | snmp: T4124: migrate to get_config_dict() | Christian Poessinger | |
| 2021-12-29 | webproxy: T4116: Ability to listen on IPv6 addresses | Andreas | |
| IPv6 addresses on webproxy/SQUID where not added correctly. They need to be added in brackets. Modified squid.conf.tmpl to bracketize the address | |||
| 2021-12-28 | ipsec: T4111: Fix for swanctl configuration IPV6 peers | Viacheslav | |
| Peer name must not contain dots and colons, otherwise swanct can't generate correct configuration for swanctl.conf This is used in connection names and child SA names Add filter 'dot_colon_to_dash' which replace dots and colons | |||
| 2021-12-27 | Merge pull request #1116 from sever-sever/T4039 | Christian Poessinger | |
| syslog: T4039: Add protocol23format logging for UDP | |||
| 2021-12-27 | syslog: T4039: Add protocol23format logging for UDP | Viacheslav | |
| Add protocol23format for rsyslog protocol UDP Add ability to use IPv6 addresses (bracketize_ipv6) for protocol TCP and UDP, when protocol is configured explicity | |||
| 2021-12-27 | keepalived: T4109: Add XML for high-availability virtual-server | Viacheslav | |
| Add XML for required 'virtual-server' configuration commands | |||
| 2021-12-26 | ospfv3: T4107: add support for "default-information originate" | Christian Poessinger | |
| 2021-12-26 | ospfv3: T4108: add support for auto-cost parameter | Christian Poessinger | |
| 2021-12-26 | ospfv3: T4102: nssa area support both no-summary and default-originate | Christian Poessinger | |
| 2021-12-26 | flow-accounting: T4097: move configuration file to /run | Christian Poessinger | |
| 2021-12-26 | http: api: T4055: add VRF support | Christian Poessinger | |
 |
index : vyos-1x.git | |
| VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git) |
| summaryrefslogtreecommitdiff |