Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-02-25 | zone-policy: T2199: bugfix defaultValue usage | Christian Poessinger | |
Instead of hardcoding the default behavior inside the Jinaj2 template, all defaults are required to be specified inside teh XML definition. This is required to automatically render the appropriate CLI tab completion commands. | |||
2022-02-25 | vpn: ipsec: T3093: add missing defaultValue entries | Christian Poessinger | |
2022-02-25 | monitoring: T3872: re-use "port" building block from port-number.xml.i | Christian Poessinger | |
2022-02-25 | xml: webproxy: add comment about explicitly not set defaultValue | Christian Poessinger | |
2022-02-25 | wireless: ifconfig: T2653: add missing defaultValue for mgmt-frame-protection | Christian Poessinger | |
2022-02-25 | dhcp-relay: T3095: add missing max-size default value | Christian Poessinger | |
2022-02-24 | scripts: T4269: node.def generator should automatically add default values | Christian Poessinger | |
Since introducing the XML <defaultValue> node it was common, but redundant, practice to also add a help string indicating which value would be used as default if the node is unset. This makes no sense b/c it's duplicated code/value/characters and prone to error. The node.def scripts should be extended to automatically render the appropriate default value into the CLI help string. For e.g. SSH the current PoC renders: $ cat templates-cfg/service/ssh/port/node.def multi: type: txt help: Port for SSH service (default: 22) val_help: u32:1-65535; Numeric IP port ... Not all subsystems are already migrated to get_config_dict() and make use of the defaults() call - those subsystems need to be migrated, first before the new default is added to the CLI help. | |||
2022-02-22 | Merge pull request #1230 from sever-sever/T1856 | Christian Poessinger | |
ipsec: T1856: Ability to set SA life bytes and packets | |||
2022-02-21 | Merge pull request #1231 from sever-sever/T3948 | Christian Poessinger | |
ipsec: T3948: Add CLI site-to-site peer connection-type none | |||
2022-02-21 | Merge pull request #1234 from srividya0208/T3656 | Christian Poessinger | |
vpn_ipsec: T3656: modified completion help for key-exchange | |||
2022-02-21 | vpn_ipsec: T3656: modified completion help for key-exchange | srividya0208 | |
In latest releases, default IKE version is removed, which allows the connection to be IKEv1 or IKEv2. The completion help shows IKEv1 as default so removed it. | |||
2022-02-20 | vxlan: T4120: rename tunnel-remotes.xml.i -> tunnel-remote-multi.xml.i | Christian Poessinger | |
2022-02-20 | vxlan: T4120: add ability to set multiple remotes (PR #1127) | Andreas | |
VXLAN does support using multiple remotes but VyOS does not. Add the ability to set multiple remotes and add their flood lists using "bridge" command. | |||
2022-02-20 | ipsec: T3948: Add CLI site-to-site peer connection-type none | Viacheslav Hletenko | |
set vpn ipsec site-to-site peer 192.0.2.14 connection-type none | |||
2022-02-20 | macsec: T4261: add dhcp client support | Christian Poessinger | |
2022-02-20 | ipsec: T1856: Ability to set SA life bytes and packets | Viacheslav Hletenko | |
set vpn ipsec esp-group grp-ESP life-bytes '100000' set vpn ipsec esp-group grp-ESP life-packets '2000000' | |||
2022-02-20 | Merge branch 't4203-dhcp' into current | Christian Poessinger | |
* t4203-dhcp: smoketest: dhcp: T4203: move testcase to base class static: T4203: obey interface dhcp default route distance interface: T4203: prevent DHCP client restart if not necessary | |||
2022-02-20 | Merge pull request #1226 from sever-sever/T4254 | Christian Poessinger | |
vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on options | |||
2022-02-20 | static: T4203: obey interface dhcp default route distance | Christian Poessinger | |
Commit 05aa22dc ("protocols: static: T3680: do not delete DHCP received routes") added a bug whenever a static route is modified - the DHCP interface will always end up with metric 210 - if there was a default route over a DHCP interface. | |||
2022-02-19 | containers: T4249: Allow to connect host device to the container | Viacheslav Hletenko | |
Ability to attach host devices to the container It can be disk, USB device or any device from the directory /dev set container name alp01 device disk source '/dev/vdb1' set container name alp01 device disk destination '/dev/mydisk' | |||
2022-02-19 | vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on options | Viacheslav Hletenko | |
Ability to set Cisco FlexVPN vendor ID payload: charon.cisco_flexvpn charon.install_virtual_ip_on swanctl.connections.<conn>.vips = x.x.x.x, z.z.z.z set vpn ipsec options flexvpn set vpn ipsec options virtual-ip set vpn ipsec options interface tunX set vpn ipsec site-to-site peer x.x.x.x virtual-address x.x.x.x | |||
2022-02-16 | xml: T3474: add component version include files | John Estabrook | |
Add the include files containing the syntaxVersion element defining the version of the respective component; these files are included by the top level file 'xml-component-versions.xml.in'. Processing of these elements was previously added to the python xml lib in commit 40f5359d. This will replace the use of 'curver_DATA' in vyatta-cfg-system and other legacy packages. | |||
2022-02-16 | policy: T2425: add completion helper script when referencing IP addresses | Christian Poessinger | |
2022-02-07 | xml: ssh: T4233: sync regex for allow/deny usernames to "system login" | Christian Poessinger | |
2022-02-05 | Merge pull request #1206 from sarthurdev/T4209 | Christian Poessinger | |
firewall: T4209: Fix support for rule `recent` matches | |||
2022-02-04 | firewall: T4209: Fix support for rule `recent` matches | sarthurdev | |
2022-02-03 | T4227:Bridge: Typo in completion help of hello-time option | srividya0208 | |
There is spelling mistake in "advertisement" of hello-time option's completion help | |||
2022-01-31 | upnpd: T3420: use proper include directives | Christian Poessinger | |
2022-01-31 | Merge pull request #1196 from hensur/current-ipv6-local-route-iif | Christian Poessinger | |
policy: T4219: add local-route(6) inbound-interface support | |||
2022-01-30 | firewall: T2199: Add constraint for tagnode names | sarthurdev | |
2022-01-30 | policy: T4219: add local-route(6) incoming-interface | Henning Surmeier | |
2022-01-30 | Merge pull request #789 from jack9603301/T3420 | Daniil Baturin | |
upnpd: T3420: Support UPNP protocol | |||
2022-01-25 | nat: T4138: Add port-range validation for NAT | Viacheslav Hletenko | |
Add port-validators for NAT rules that prevent to set incorrect port-ranges (21-5) and incorrect ports (70000) | |||
2022-01-22 | Merge pull request #1184 from sarthurdev/firewall_icmp | Christian Poessinger | |
firewall: T4130: T4186: ICMP/v6 updates, ipv6 state policy check fix | |||
2022-01-21 | Firewall: T4186: Adding icmpv6 corrections, in corcondancy of what was done ↵ | Nicolas Fort | |
for icmp | |||
2022-01-21 | Firewall: T4186: typo correction on address-mask-reply description | Nicolas Fort | |
2022-01-21 | Firewall: T4186: Correct icmp type-name options for firewall rules | Nicolas Fort | |
2022-01-20 | Merge pull request #1144 from hensur/current-ipv6-local-route | Christian Poessinger | |
policy: T4151: Add policy ipv6-local-route | |||
2022-01-19 | Merge pull request #1177 from sarthurdev/mac_groups | Christian Poessinger | |
firewall: T3560: Add support for MAC address groups | |||
2022-01-19 | OSPF : T4195: ability to set maximum paths for OSPF | fett0 | |
2022-01-18 | firewall: T3560: Add support for MAC address groups | sarthurdev | |
2022-01-17 | Merge pull request #1174 from sarthurdev/firewall | Christian Poessinger | |
firewall: T4178: T3873: tcp flags syntax refactor, intra-zone-filtering fix | |||
2022-01-17 | firewall: policy: T4178: Migrate and refactor tcp flags | sarthurdev | |
* Add support for ECN and CWR flags | |||
2022-01-14 | wireguard: T4183: Allow to set peer IPv6 link-local address | Viacheslav | |
2022-01-14 | Merge pull request #1167 from sarthurdev/firewall | Christian Poessinger | |
firewall: T4178: Use lowercase for TCP flags and add an validator | |||
2022-01-14 | firewall: T4178: Use lowercase for TCP flags and add an validator | sarthurdev | |
2022-01-14 | policy: T4151: Add policy ipv6-local-route | Henning Surmeier | |
Adds support for `ip -6 rule` policy based routing. Also, extends the existing ipv4 implemenation with a `destination` key, which is translated as `ip rule add to x.x.x.x/x` rules. https://phabricator.vyos.net/T4151 | |||
2022-01-13 | Firewall: T4181: Set correct description for ipv6-network-group | fett0 | |
2022-01-11 | Merge pull request #1157 from nicolas-fort/T4162 | Christian Poessinger | |
vpn: T4162: Correct helper description for ikev2-reauth | |||
2022-01-11 | policy: T2199: Refactor policy route script for better error handling | sarthurdev | |
* Migrates all policy route references from `ipv6-route` to `route6` * Update test config `dialup-router-medium-vpn` to test migration of `ipv6-route` to `route6` |