| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2024-07-18 | openvpn: T6591: deprecate OpenVPN server net30 topology (#3825) | Daniil Baturin | |
| 2024-07-03 | T6539: add logging options to load-balancer reverse-proxy | Jonathan Voss | |
| 2024-06-24 | T5735: Stunnel CLI and configuration | khramshinr | |
| Add CLI commands Add config Add conf_mode Add systemd config Add stunnel smoketests Add log level config | |||
| 2024-06-16 | wireless: T6318: move country-code to a system wide configuration | Christian Breunig | |
| Wireless devices are subject to regulations issued by authorities. For any given AP or router, there will most likely be no case where one wireless NIC is located in one country and another wireless NIC in the same device is located in another country, resulting in different regulatory domains to apply to the same box. Currently, wireless regulatory domains in VyOS need to be configured per-NIC: set interfaces wireless wlan0 country-code us This leads to several side-effects: * When operating multiple WiFi NICs, they all can have different regulatory domains configured which might offend legislation. * Some NICs need additional entries to /etc/modprobe.d/cfg80211.conf to apply regulatory domain settings, such as: "options cfg80211 ieee80211_regdom=US" This is true for the Compex WLE600VX. This setting cannot be done per-interface. Migrate the first found wireless module country-code from the wireless interface CLI to: "system wireless country-code" | |||
| 2024-06-13 | Merge pull request #3639 from natali-rs1985/T5487-current | Daniil Baturin | |
| openvpn: T5487: Remove deprecated option --cipher for server and client mode | |||
| 2024-06-11 | bgp: T6473: missing completion helper for peer-groups inside a VRF | Christian Breunig | |
| Using BGP peer-groups inside a VRF instance will make use if the global VRFs peer-group list during tab-completion and not the peer-groups defined within the BGP instance of the given VRF. | |||
| 2024-06-11 | openvpn: T5487: Remove eprecated option --cipher for server and client mode | Nataliia Solomko | |
| 2024-06-07 | reverse-proxy: T6454: Set default value of http for haproxy mode | Alex W | |
| 2024-06-06 | Merge pull request #3578 from nicolas-fort/raw-hook | Daniil Baturin | |
| T3900: Add support for raw tables in firewall | |||
| 2024-06-04 | T3900: T6394: extend functionalities in firewall; move netfilter sysctl ↵ | Nicolas Fort | |
| timeout parameters defined in conntrack to firewall global-opton section. | |||
| 2024-05-31 | T5307: QoS - traffic-class-map services (#3492) | Roman Khramshin | |
| added new syntax to work with class match filters in QoS policy | |||
| 2024-05-30 | Merge pull request #3531 from Embezzle/T6409 | Christian Breunig | |
| reverse-proxy: T6409: Remove unused backend parameters | |||
| 2024-05-30 | Merge pull request #3510 from HollyGurza/T4576 | Daniil Baturin | |
| T4576: Accel-ppp logging level configuration | |||
| 2024-05-29 | ISIS: T6332: Fix isis not working only ipv6 | fett0 | |
| 2024-05-27 | reverse-proxy: T6409: Remove unused backend parameters | Alex W | |
| 2024-05-27 | T4576: Accel-ppp logging level configuration | khramshinr | |
| add ability to change logging level config for: * VPN L2TP * VPN PPTP * VPN SSTP * IPoE Server * PPPoE Serve | |||
| 2024-05-24 | load-balancing haproxy: T6391: fix typo in timeout help (#3513) | Gregor Michels | |
| Co-authored-by: Gregor Michels <hirnpfirsich@brainpeach.de> | |||
| 2024-05-23 | Merge pull request #3487 from Embezzle/T6370 | Christian Breunig | |
| reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responses | |||
| 2024-05-22 | nat: T6345: source NAT port mapping "fully-random" is superfluous in Kernel ↵ | Christian Breunig | |
| >=5.0 random - In kernel 5.0 and newer this is the same as fully-random. In earlier kernels the port mapping will be randomized using a seeded MD5 hash mix using source and destination address and destination port. https://git.netfilter.org/nftables/commit/?id=fbe27464dee4588d906492749251454 | |||
| 2024-05-21 | reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responses | Alex W | |
| 2024-05-15 | T3900: add support for raw table in firewall. | Nicolas Fort | |
| 2024-05-15 | T5756: L2TP RADIUS backup and weight settings | khramshinr | |
| 2024-05-11 | ethernet: T6306: add support for EVPN MH uplink/core tracking | Christian Breunig | |
| When all the underlay links go down the PE no longer has access to the VxLAN +overlay. To prevent blackholing of traffic the server/ES links are protodowned on the PE. A link can be setup for uplink tracking via the following configuration: set interfaces ethernet eth0 evpn uplink | |||
| 2024-05-07 | T6305: accept ipoe interfaces on firewall ruleset | Nicolas Fort | |
| 2024-05-01 | Merge pull request #3364 from natali-rs1985/T6234-current | Daniil Baturin | |
| pppoe-server: T6234: PPPoE-server pado-delay refactoring | |||
| 2024-04-30 | Merge pull request #3374 from aapostoliuk/T6273 | Christian Breunig | |
| T6273: Allowed the use of "-" and "_" in PPPoE access-concentrator name | |||
| 2024-04-30 | T6273: Allowed the use of "-" and "_" in PPPoE access-concentrator name | aapostoliuk | |
| Allowed the use of "-" and "_" in PPPoE access-concentrator name | |||
| 2024-04-29 | openconnect: T4982: Support defining minimum TLS version in openconnect VPN | Alex W | |
| 2024-04-25 | pppoe-server: T6234: PPPoE-server pado-delay refactoring | Nataliia Solomko | |
| 2024-04-25 | T6258: Add sysctl base-reachable-time for IPv6 | Viacheslav Hletenko | |
| Add abiilty to change `base_reachable_time_ms` option /proc/sys/net/ipv6/neigh/{ifname}/base_reachable_time_ms | |||
| 2024-04-23 | Merge pull request #3342 from fsdrw08/current | Christian Breunig | |
| T6226: add HAPROXY tcp-request related block to load-balancing reverse proxy config | |||
| 2024-04-23 | T6226: add HAPROXY tcp-request related block to load-balancing reverse proxy ↵ | Windom WU | |
| config | |||
| 2024-04-22 | xml: T5738: fix typo in radius-additions.xml.i | André Luiz dos Santos | |
| 2024-04-15 | T5535: firewall: migrate command <set system ip disable-directed-broadcast> ↵ | Nicolas Fort | |
| to firewall global-optinos | |||
| 2024-04-13 | Merge pull request #3297 from HollyGurza/T6035 | Daniil Baturin | |
| qos: T6035: QoS policy shaper queue-type random-detect requires limit avpkt | |||
| 2024-04-12 | qos: T6035: QoS policy shaper queue-type random-detect requires limit avpkt | khramshinr | |
| Added params for configuration red on the shaper policy | |||
| 2024-04-09 | T6214: T6213: change constraint <alpha-numeric-hyphen-underscore-dot.xml.i> ↵ | Nicolas Fort | |
| in order to not allow string starting with dot character; use such constraint in firewall group definitions. | |||
| 2024-04-07 | Merge pull request #3265 from c-po/ethernet-mtu-T5862 | Daniil Baturin | |
| ethernet: T5862: default MTU is not acceptable in some environments | |||
| 2024-04-06 | container: T6208: rename "cap-add" CLI node to "capability" | Christian Breunig | |
| Containers have the ability to add Linux system capabilities to them, this is done using the "set container name <name> cap-add" command. The CLI node sounds off and rather should be "set container name <name> capability" instead as we use and pass a capability to a container and not add/invent new ones. | |||
| 2024-04-06 | xml: T5862: drop defaultValue from mtu-68-16000.xml.i - use individual values | Christian Breunig | |
| In order to lower the Ethernet default MTU we need to drop the common defaultValue from the XML mtu-68-16000.xml.i building block. Per interface default MTU is later overloaded by XML. | |||
| 2024-04-02 | Merge pull request #3229 from c-po/multi-vrf | Christian Breunig | |
| T6192: allow binding SSH to multiple VRF instances | |||
| 2024-04-01 | ssh: T6192: allow binding to multiple VRF instances | Christian Breunig | |
| Currently VyOS only supports binding a service to one individual VRF. It might become handy to have the services (initially it will be VRF, NTP and SNMP) be bound to multiple VRFs. Changed VRF from leafNode to multi leafNode with defaultValue: default - which is the name of the default VRF. | |||
| 2024-04-01 | xml: T5738: extend VRF building blocks with common constraint definition | Christian Breunig | |
| 2024-03-31 | bgp: T6151: Fix description in PEER disable-connected-check | fett0 | |
| 2024-03-29 | bgp: T6151: Fix description in PEER disable-connected-check | fett0 | |
| 2024-03-29 | bgp: T6151: Allow configuration of disable-ebgp-connected-route-check | fett0 | |
| 2024-03-29 | bgp: T6010: Allow configuration of disable-ebgp-connected-route-check | fett0 | |
| 2024-03-28 | ipsec: T5606: T5871: Use multi node for CA certificates | sarthurdev | |
| This changes behaviour from fetching CA chain in PKI, to the user manually setting CA certificates. Prevents unwanted parent CAs existing in PKI from being auto-included as may not be desired/intended. | |||
| 2024-03-25 | T6171: migrate <set service dhcp-server failover> to <set service ↵ | Nicolas Fort | |
| dhcp-server high-availability>. | |||
| 2024-03-24 | xml: T5738: use common constraint include for container network | Christian Breunig | |
 |
index : vyos-1x.git | |
| VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git) |
| summaryrefslogtreecommitdiff |