summaryrefslogtreecommitdiff
path: root/interface-definitions
AgeCommit message (Collapse)Author
2021-09-19dhcp-server: T3672: re-add missing "name" CLI optionChristian Poessinger
This option is mandatory and must be user configurable as it needs to match on both sides.
2021-09-19xml: dhcp-server: move building blocks to dhcp subdirectoryChristian Poessinger
2021-09-19dhcp-server: T3841: add option to perform ICMP check before address assignmentChristian Poessinger
2021-09-19dhcp-server: T3672: only one failover peer is supportedChristian Poessinger
2021-09-18T3840: Allow larger DNS forwarding cache sizesLucas Christian
2021-09-18container: T2216: add IPv6 support to container networksChristian Poessinger
2021-09-18dhcp-server: T3839: support name-servers and domain config per shared-networkChristian Poessinger
DHCP servers "shared-network" level only makes sense if one can specify configuration items that can be inherited by individual subnets. This is now possible for name-servers and the domain-name. set service dhcp-server shared-network-name LAN domain-name 'vyos.net' set service dhcp-server shared-network-name LAN name-server '192.0.2.1'
2021-09-18dhcp-server: xml: use description building blockChristian Poessinger
2021-09-18dhcpv6-server: xml: add description CLI nodeChristian Poessinger
2021-09-18dhcp-server: T3838: rename dns-server to name-server nodeChristian Poessinger
IPv4 DHCP uses "dns-server" to specify one or more name-servers for a given pool. In order to use the same CLI syntax this should be renamed to name-server, which is already the case for DHCPv6.
2021-09-18dhcp-server: T1968: allow multiple static-routes to be configuredChristian Poessinger
vyos@vyos# show service dhcp-server shared-network-name LAN { subnet 10.0.0.0/24 { default-router 10.0.0.1 dns-server 194.145.150.1 lease 88 range 0 { start 10.0.0.100 stop 10.0.0.200 } static-route 192.168.10.0/24 { next-hop 10.0.0.2 } static-route 192.168.20.0/24 { router 10.0.0.2 } } }
2021-09-15typo: remove unnecessary 'i' from helpJavinator9889
2021-09-14ipsec: T3828: Update interface definitions for new behavioursarthurdev
2021-09-10squid: T3810: Node source-group address should be multiViacheslav
2021-09-06pki: xml: T3642: use "txt" as format identifierChristian Poessinger
2021-09-05name-server: T3804: merge "system name-servers-dhcp" into "system name-server"Christian Poessinger
We have "set system name-server <ipv4|ipv6>" to specify a name-server IP address we wan't to use. We also have "set system name-servers-dhcp <interface>" which does the same, but the name-server in question is retrieved via DHCP. Both CLI nodes are combined under "set system name-server <ipv4|ipv6|interface>" to keep things as they are in real life - we need a name-server. (cherry picked from commit 2ecf7a9f9cbe9359457bd23b4a0c45f3763123c7)
2021-09-04bgp: T3798: "replace-as" option can only be used when "no-prepend" is definedChristian Poessinger
Commit 5f1c1ae4 ("bgp: T3798: add support for neighbor local-as <n> replace-as") added support for a new CLI option when the local-as is changed for a specified neighbor or peer-group. There was an error in the CLI / design as the "replace-as" option can only be used when "no-prepend" is defined. Thus "no-prepend" became a <node> and the new "replace-as" leafNode is now a child of "no-prepend".
2021-09-03bgp: T3798: add support for neighbor local-as <n> replace-asChristian Poessinger
2021-09-01login: T1948: add missing ssh-public key name regexChristian Poessinger
2021-09-01login: T1948: fix username regex - add missing start ^ and end $Christian Poessinger
2021-08-31ssh: T3789: add custom validator for base64 encoded CLI dataChristian Poessinger
SSH keys used for remote login are supplied as base64 encoded data on the CLI. The key is not validated, thus an invalid copy/pasted key will render the login useless. This commit adds a custom and re-usable validator which check if the data is properly base64 encoded.
2021-08-30ethernet: T3787: remove deprecated UDP fragmentation offloading optionChristian Poessinger
Deprecated in the Linux Kernel by commit 08a00fea6de277df12ccfadc21 ("net: Remove references to NETIF_F_UFO from ethtool."). (cherry picked from commit f5e46ee6cc2b6c1c1869e26beca4ccd5bf52b62f)
2021-08-29xml: add missing "u32:" value declarator on integer rangesChristian Poessinger
2021-08-29ospf: T3236: add possibility to redistribute "table"Christian Poessinger
Add new CLI command: * "set protocols ospf redistribute table <n>"
2021-08-29ospf: xml: T3236: update help stringsChristian Poessinger
2021-08-27ipsec: T1210: Jinj2 template did not honor inactivity/timeout settingChristian Poessinger
2021-08-26Merge pull request #965 from c-po/t3739-evpn-route-mapChristian Poessinger
bgp: evpn: T3739: add route-map match support
2021-08-26ipsec: T1210: support road-warrior IP assignment via RADIUS Framed-IP-AddressChristian Poessinger
Extended CLI command: "set vpn ipsec remote-access connection rw pool" with a "radius" option.
2021-08-24bgp: T3759: "l2vpn evpn" and ipv4/ipv6 safi route-targets differChristian Poessinger
The "l2vpn evpn" address-family route-target command only accepts a single route-target value consisting of (A.B.C.D:MN|EF:OPQR|GHJK:MN). The "ipv4-unicast or ipv6-unicast" address-family route-target command for VPNs support multiple, whitespace separated route-target values. This commit adds a new custom validator named "bgp-route-target" with a --single and a --multi option to pass one or more route-target values.
2021-08-24policy: T2425: rename validator large-community-list -> bgp-large-community-listChristian Poessinger
... as we will get another bgp route-target validator soon.
2021-08-23container: T2216: add option to "disable" a containerChristian Poessinger
2021-08-23container: T2216: use common "generic-description.xml.i" building blockChristian Poessinger
2021-08-23container: T2216: increase default memory limit to 512MBChristian Poessinger
2021-08-23container: T2216: name of container must be alphanumeric and can contain a ↵Christian Poessinger
hyphen
2021-08-23containers: T2216: add CLI commands to specify restart behavior and memory usageChristian Poessinger
A container is limited to 256MB memory by default and will always restart on failure.
2021-08-23containers: T2216: xml: impove help string for address commandChristian Poessinger
2021-08-23containers: T2216: add environmnet variable constraintChristian Poessinger
An environment variable passed to podman can only consist out of alphanumeric characters, a hypend and an underscore.
2021-08-22ipsec: T2816: l2tp ipsec VPN must be started after strongSwanChristian Poessinger
2021-08-21pppoe: T1318: bump priority by 1 so we can source from pseudo-ethernet ↵Christian Poessinger
interfaces
2021-08-21pppoe: T1318: implement missing access-concentrator CLI optionChristian Poessinger
2021-08-21pppoe: T3090: support forward disable on a PPPoE linkChristian Poessinger
2021-08-21xml: interfaces: use one common building block for "disable-forwarding"Christian Poessinger
Both building blocks only differed in the help text, so use IP for both IPv4 and IPv6.
2021-08-21vti: T1441: enable ipv4/ipv6 interface optionsChristian Poessinger
Now that we are based on XFRM interfaces we can also enable specific IPv4 and IPv6 interface options.
2021-08-21interfaces: T3090: migrate adjust-mss from "firewall options" to "interface" ↵Christian Poessinger
level Getting rid of "set firewall options" and move it from: set firewall options interface ethX adjust-mss 1400 set firewall options interface ethX adjust-mss6 1400 to: set interfaces ethernet ethX ip adjust-mss 1400 set interfaces ethernet ethX ipv6 adjust-mss 1400 In addition add an extra option called clamp-mss-to-pmtu instead of a value.
2021-08-20bgp: T3759: add IPv4/IPv6 unicast AFI route-map for VPN import/exportChristian Poessinger
This adds the following new commands: set protocols bgp address-family ipv4-unicast route-map vpn export foo-map-out set protocols bgp address-family ipv4-unicast route-map vpn import foo-map-in set protocols bgp address-family ipv6-unicast route-map vpn export foo-map-out set protocols bgp address-family ipv6-unicast route-map vpn import foo-map-in
2021-08-20bgp: T3759: fix DOS -> UNIX line endings on route-target building blocksChristian Poessinger
2021-08-20bgp: T3759: create common export/import building block for re-usable route-mapsChristian Poessinger
2021-08-20xml: remove superfluous "interface" prefix from interface includesChristian Poessinger
2021-08-19xml: T3768: drop early XML syntaxVersion implementationJohn Estabrook
2021-08-18bgp: T3759: add l3vpn "route-target vpn" commandsChristian Poessinger
Add the following new commands: * set protocols bgp address-family ipv4-unicast route-target vpn both 1.1.1.1:100 * set protocols bgp address-family ipv4-unicast route-target vpn export 1.1.1.1:100 * set protocols bgp address-family ipv4-unicast route-target vpn import 1.1.1.1:100