Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-04-21 | pppoe: T4384: replace default-route CLI option with common CLI nodes already ↵ | Christian Poessinger | |
present for DHCP VyOS 1.4 still leverages PPPd internals on the CLI. pppd supports three options for a default route, none, auto, force. * none: No default route is installed on interface up * auto: Default route is only installed if there is yet no default route * force: overwrite any default route There are several drawbacks in this design for VyOS and the users. If auto is specified, this only counted for static default routes - but what about dynamic ones? Same for force, only a static default route got replaced but dynamic ones did not got taken into account. The CLI is changed and we now re-use already existing nodes from the DHCP interface configuration: * no-default-route: On link up no default route is installed, same as the previous default-route none * default-route-distance: We can now specify the distance of this route for the routing table on the system. This defaults to 210 as we have for DHCP interfaces. All this will be migrated using a CLI migration script. | |||
2022-04-21 | xml: T4385: provide building blocks for default route configuration | Christian Poessinger | |
2022-04-18 | vxlan: geneve: T4370: support configuration of DF bit option | Christian Poessinger | |
set interfaces vxlan vxlan0 parameters ip df <set|unset|inherit> set interfaces geneve gnv0 parameters ip df <set|unset|inherit> | |||
2022-04-18 | bgp: xml: update as-override help string | Christian Poessinger | |
2022-04-16 | xml: include: improve don't fragment help | Christian Poessinger | |
2022-04-15 | salt-minion: T4364: add support for source-interface definition | Christian Poessinger | |
2022-04-15 | salt-minion: T4364: support IPv6 master server(s) | Christian Poessinger | |
2022-04-15 | salt-minion: T4364: migrate to get_config_dict() | Christian Poessinger | |
2022-04-10 | ocserv: T4231: increment config version 1 -> 2 | Christian Poessinger | |
2022-04-09 | Merge pull request #1242 from goodNETnick/ocserv_local_otp | Christian Poessinger | |
ocserv: T4231: Added OTP support for Openconnect 2FA | |||
2022-04-09 | ocserv: T4231: Added OTP support for Openconnect 2FA | goodNETnick | |
2022-04-08 | Merge branch 'current' into dhcpd | Georg | |
2022-04-07 | ipv6: T4346: delete (migrate) CLI command to disable IPv6 address family | Christian Poessinger | |
2022-04-07 | qos: T4284: rename "traffic-policy" node to "qos policy" | Christian Poessinger | |
"set traffic-policy" now becomes "set qos policy" "set interface ethernet eth0 traffic-policy" now bvecomes "set qos interface eth0" | |||
2022-04-07 | qos: T4284: support mirror and redirect on vlan subinterfaces | Christian Poessinger | |
2022-04-07 | qos: T4284: support mirror and redirect on all interface types | Christian Poessinger | |
2022-04-06 | dns: forwarding: T4343: add CLI option for PowerDNS network-timeout | Bracken | |
Makes the powerdns `network-timeout` setting configurable via: `service dns forwarding timeout`. The powerdns default is 1500ms, VyOS now explicitly sets the same default value or the configured value so that the setting can have a readily apparent default in the help, rather than the user having to know it's powerdns. | |||
2022-04-06 | firewall: T4345: Fix incorrect rule limit rate syntax | sarthurdev | |
2022-04-04 | wifi: T4339: tab-completion results in "No such file or directory" | Christian Poessinger | |
2022-04-04 | wwan: T4339: tab-completion results in "No such file or directory" | Christian Poessinger | |
2022-04-04 | Merge pull request #1267 from sever-sever/T2580 | Christian Poessinger | |
ipoe: T2580: Add pools and gateway options | |||
2022-04-04 | ipoe: T2580: Add pools and gateway options | Viacheslav Hletenko | |
Add new feature to allow to use named pools Can be used also with Radius attribute 'Framed-Pool' set service ipoe-server client-ip-pool name POOL1 gateway-address '192.0.2.1' set service ipoe-server client-ip-pool name POOL1 subnet '192.0.2.0/24' | |||
2022-04-03 | isis: T3156: add segment routing local-block for ISIS | Christian Poessinger | |
2022-04-03 | xml: isis: T3236: create common high-low label value include block | Christian Poessinger | |
2022-04-03 | isis: T4336: add support for MD5 authentication password on a circuit | Christian Poessinger | |
2022-04-01 | policy: T4329: Fix regex for extcommunity rt | Viacheslav Hletenko | |
Fix regex to allow to set several marks for extcommunity rt set extcommunity rt '65:24 65:23 192.168.2.1:11 192.168.0.2:222' | |||
2022-03-31 | bgp: T4326: Add bgp parameter no-suppress-duplicates | Viacheslav Hletenko | |
Add new bgp parameter 'no-suppress-duplicates' set protocols bgp parameters no-suppress-duplicates | |||
2022-03-31 | Merge branch 'vyos:current' into ocserv_local_otp | goodNETnick | |
2022-03-25 | xml: T4319: use common building block for table-size CLI option | Christian Poessinger | |
2022-03-25 | T4319: "system ip(v6)" must run before any interface operation | Christian Poessinger | |
2022-03-24 | ipsec: T4288: bump config version 8 -> 9 | Christian Poessinger | |
2022-03-24 | Merge pull request #1251 from srividya0208/T4288a | Christian Poessinger | |
ike-group: T4288 : close-action is missing in swanctl.conf | |||
2022-03-24 | ike-group: T4288 : close-action is missing in swanctl.conf | srividya0208 | |
close-action parameter is missing in the swanctl.conf file | |||
2022-03-23 | l2tpv3: T1923: remove duplicate mtu include | Christian Poessinger | |
2022-03-21 | qos: T4284: initial XML interface definitions for rewrite | Christian Poessinger | |
2022-03-17 | OSPF : T4304: Set import/export filter inter-area prefix | fett0 | |
2022-03-16 | ocserv: T4231: Added OTP support for Openconnect 2FA | goodNETnick | |
2022-03-09 | policy: T2493 ip-next-hop unchanged & peer-address | Paul Lettington | |
Also add ipv6-next-hop peer-address | |||
2022-03-07 | ipsec prefix: T4275: Fix for prefix val_help of remote-access and s2s vpn | srividya0208 | |
It accepts network as the input value but the completion help is showing ip address, continuation of previous commit | |||
2022-03-03 | static: T4283: support "reject" routes - emit an ICMP unreachable when matched | Christian Poessinger | |
2022-03-03 | static: T4283: create re-usable XML interface definitions for blackhole | Christian Poessinger | |
2022-03-03 | static: T4283: fix help string for route/route6 | Christian Poessinger | |
2022-03-01 | flow-accounting: T4277: support sending flow-data via VRF interface | Christian Poessinger | |
It should be possible to send the gathered data via a VRF bound interface to the collector. This is somehow related to T3981 but it's the opposite side of the netflow process. set system flow-accounting vrf <name> | |||
2022-02-28 | ipsec prefix: T4275: Incorrect val_help for local/remote prefix | srividya0208 | |
It accepts network as the input value but the completion help is showing ip address | |||
2022-02-28 | open-connect: T4274: extend RADIUS authentication timeout | RageLtMan | |
RADIUS authentication can be handled by a variety of mechanisms, including proxy for 2FA systems requiring user interaction with a separate device, token acquisition, or other time-consuming action. Given the delays required for certain 2FA implementations, a thirty second timeout can range from onerous to untenable. Accomodate the 2FA time requirements by extending the hard-coded RADIUS time limit from 30 seconds to 240. Co-authored-by: RageLtMan <rageltman [at] sempervictus> | |||
2022-02-28 | ssh: T4273: bugfix cipher and key-exchange multi nodes | Christian Poessinger | |
After hardning the regex validator to be preceeded with ^ and ending with $ it was no longer possible to have a comma separated list as SSH ciphers. The migrations cript is altered to migrate the previous comma separated list to individual multi node entries - cipher and key-exchange always had been multinodes - so this just re-arranges some values and does not break CLI compatibility | |||
2022-02-26 | lldp: T4272: migrate to get_config_dict() | Christian Poessinger | |
2022-02-25 | nat: T1083: use defaultValue from XML when handling translations | Christian Poessinger | |
2022-02-25 | zone-policy: T2199: bugfix defaultValue usage | Christian Poessinger | |
Instead of hardcoding the default behavior inside the Jinaj2 template, all defaults are required to be specified inside teh XML definition. This is required to automatically render the appropriate CLI tab completion commands. | |||
2022-02-25 | vpn: ipsec: T3093: add missing defaultValue entries | Christian Poessinger | |