summaryrefslogtreecommitdiff
path: root/data
AgeCommit message (Collapse)Author
44 hoursconsole-server: T7217: generate Dropbear SSH keys if they do not existDaniil Baturin
8 daysMerge pull request #4321 from sskaje/T7092Daniil Baturin
T7092: Add Container Registry Mirror
8 daysT7092: Change validators: regex to host-name|address + port + pathsskaje
11 dayssyslog: T7229: advanced format should not have IPv6 addresses in [] bracketsChristian Breunig
Otherwise rsyslog will report an error: omfwd: could not get addrinfo for hostname '[2001:db8::2]':'514': System error
12 dayslogin: T6712: add newline after motd warning messageChristian Breunig
13 daysipsec: T7225: fix dynamic generation of IKE DiffieHellmanGroup in iOS profileChristian Breunig
Commit e97d86e ("T6617: T6618: vpn ipsec remote-access: fix profile generators") added a bug when working with DiffieHellmanGroup, it started becoming a boolead and no longer referencing the DH groups itself. This has been fixed.
13 daysipsec: T7225: iOS18+ always requires ExtendedAuthEnabled to be setChristian Breunig
If this is unset, loading the iOS VPN profile will error out on the device giving: Profile Installation Failed configuration is invalid: Missing identity My first assumption was an empty string in LocalIdentifier for IKE, but turned out only adding this flag solved it. This was made optional in commit e97d86e ("T6617: T6618: vpn ipsec remote-access: fix profile generators") but got reverted now.
13 daysMerge pull request #4381 from c-po/ipsec-opmode-profileChristian Breunig
ipsec: T7225: "generate ipsec profile ios-remote-access" throws UndefinedError
13 daysipsec: T7225: "generate ipsec profile ios-remote-access" throws UndefinedErrorChristian Breunig
Calling "generate ipsec profile ios-remote-access rw remote ipsec.vyos.net name VYOS-NET profile VYOS" in op-mode causes File "/usr/share/vyos/templates/ipsec/ios_profile.j2", line 58, in top-level template code {% if authentication.client_mode.startswith("eap") %} ^^^^^^^^^^^^^^^^^^^^^^^^^ jinja2.exceptions.UndefinedError: 'dict object' has no attribute 'client_mode'
13 daysT4406: Add public API endpoint to display informationoniko94
2025-03-04syslog: T6989: add option do disable "MARK"syslog-typos-T6989Christian Breunig
New CLI command set system syslog marker disable
2025-02-27Merge pull request #4369 from natali-rs1985/T7166Daniil Baturin
wireguard: T7166: Call vxlan dependency if interface exist
2025-02-27wireguard: T7166: Call vxlan dependency if interface existNataliia Solomko
2025-02-26policy: T7158: Added match source-vrf to route-mapaapostoliuk
Added match source-vrf to route-map
2025-02-25Merge pull request #4365 from c-po/lldp-t7165Daniil Baturin
lldp: T7165: add support to enable only rx/tx on specific interfaces
2025-02-24lldp: T7165: add support to enable only rx or tx on specific interfaceChristian Breunig
LLDP is a stateless protocol which does not necessitate sending to receive advertisements. There are multiple scenarios such as provider peering links in which it is advantageous to receive LLDP but not disclose internal information to the provider. Add new CLI command: * set service lldp interface <name> mode [disable|rx-tx|rx|tx] The default is unchanged and will be rx-tx. Furthermore if an interface has an explicit LLDP disable configured under "set service lldp interface <name> disable" this will be migrated to "set service lldp interface <name> mode disable"
2025-02-24T7190: Add haproxy default timeout options configurableViacheslav Hletenko
Add the ability to configurate default timeout and frontend client timeout ``` set load-balancing haproxy service web timeout client '600' set load-balancing haproxy timeout check '4' set load-balancing haproxy timeout client '600' set load-balancing haproxy timeout connect '12' set load-balancing haproxy timeout server '120' ```
2025-02-20firewall: T7148: Bridge state-policy uses drop in place of rejectsarthurdev
2025-02-20Merge pull request #4353 from natali-rs1985/T5810Daniil Baturin
T5810: Add support for RPKI source ip
2025-02-20Merge pull request #4352 from natali-rs1985/T6628-fixChristian Breunig
T6628: IPoE-server rename "static-ip" to "ip-address" for local auth
2025-02-20Merge pull request #4356 from sarthurdev/wlb_pythonChristian Breunig
wlb: T4452: Use return for exclude statements
2025-02-19wlb: T4452: Use return for exclude statementssarthurdev
2025-02-19T5810: Add support for RPKI source ipNataliia Solomko
2025-02-19T6628: IPoE-server rename "static-ip" to "ip-address" for local authNataliia Solomko
2025-02-18Merge pull request #4347 from c-po/bgp-redistr-table-T7163Daniil Baturin
bgp: T7163: add CLI route-map and metric support for "redistribute table"
2025-02-13wlb: T4470: Support WLB op-mode commandssarthurdev
2025-02-13wlb: T4470: Migrate WAN load balancer to Python/XMLsarthurdev
2025-02-13bgp: T7163: add CLI route-map and metric support for "redistribute table"Christian Breunig
* set protocols bgp address-family <ipv4-unicast|ipv6-unicast> redistribute table <n> [metric <n>] [route-map <name>]
2025-02-13bgp: T7161: fix IPv4/IPv6 unicast AFI "redistribute table" commandChristian Breunig
Re-use existing XML constraint added via commit 8f6246da6 ("xml: T7161: provide re-usable building block for alternative routing tables") and add handy CLI completion helper. FRRouting supports redistribution of multiple non-main tables, thus make this a multi node in addition, too.
2025-02-11webproxy: T7057: Fixed 'domain-nocache' commandaapostoliuk
Fixed 'domain-nocache' command. Added config generation for this command.
2025-02-10syslog: T6989: update default system configuration with new CLI syntaxChristian Breunig
2025-02-09T7092: Add Container Registry Mirrorsskaje
2025-02-04syslog: T6989: increase local log size form 256KiB -> 1MiBChristian Breunig
2025-02-04syslog: T6989: add possibility to define VRF per remoteChristian Breunig
Rsyslog supports individual VRFs per omfwd remote entry - so we should support this, too.
2025-02-03syslog: T6989: remove RepeatedMsgReduction configuration optionChristian Breunig
This is a feature that worked decades ago when logs were small and reviewed by a human, it fails badly on high volume logs processed by tools. https://www.rsyslog.com/doc/configuration/action/rsconf1_repeatedmsgreduction.html
2025-02-03syslog: T6989: rename "global" to "local"Christian Breunig
The previously "global" options actually were only relevant for the local logging to /var/log/messages.
2025-02-03syslog: T6989: move up "global marker" one level in CLIChristian Breunig
2025-02-03syslog: T6989: move up "global preserve-fqdn" one level in CLIChristian Breunig
Move "global preserve-fqdn" one CLI level up, as it relates to all logging targets (console, global and remote).
2025-02-03syslog: T6989: add new source-address CLI option for outgoing connectionsChristian Breunig
2025-02-03syslog: T6989: convert old configuration format to "advanced"Christian Breunig
2025-02-03syslog: T6989: rename "host" to "remote"Christian Breunig
2025-02-03syslog: T6989: remove CLI option for user terminal loggingChristian Breunig
Should be added as runtime option similar to "terminal monitor" known from other vendors.
2025-02-03syslog: T6989: remove "file" logging destinationChristian Breunig
2025-01-28Merge pull request #4318 from sskaje/T7089Daniil Baturin
T7089: Fix static route when using PPPoE default route
2025-01-28Merge pull request #4322 from aapostoliuk/T2326-fix-3-circinusDaniil Baturin
nhrp: T2326: Fixed jinja template to generate NHRP config
2025-01-27haproxy: T7081: Support HTTP compression (#4314)Alex W
2025-01-27nhrp: T2326: Fixed jinja template to generate NHRP configaapostoliuk
Removed an unnecessary command that caused an error when creating a configuration with VRF and NHRP.
2025-01-27T7089: Fix Indentationsskaje
2025-01-27T7089: Fix static route when using PPPoE default routesskaje
2025-01-21T6895: Merge the hsflowd-based sFlow and uacctd-based sFlow (#4310)Nataliia S.
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-19 13:44:32 +0000