summaryrefslogtreecommitdiff
path: root/interface-definitions
AgeCommit message (Collapse)Author
2022-04-21pppoe: T4384: replace default-route CLI option with common CLI nodes already ↵Christian Poessinger
present for DHCP VyOS 1.4 still leverages PPPd internals on the CLI. pppd supports three options for a default route, none, auto, force. * none: No default route is installed on interface up * auto: Default route is only installed if there is yet no default route * force: overwrite any default route There are several drawbacks in this design for VyOS and the users. If auto is specified, this only counted for static default routes - but what about dynamic ones? Same for force, only a static default route got replaced but dynamic ones did not got taken into account. The CLI is changed and we now re-use already existing nodes from the DHCP interface configuration: * no-default-route: On link up no default route is installed, same as the previous default-route none * default-route-distance: We can now specify the distance of this route for the routing table on the system. This defaults to 210 as we have for DHCP interfaces. All this will be migrated using a CLI migration script.
2022-04-21xml: T4385: provide building blocks for default route configurationChristian Poessinger
2022-04-18vxlan: geneve: T4370: support configuration of DF bit optionChristian Poessinger
set interfaces vxlan vxlan0 parameters ip df <set|unset|inherit> set interfaces geneve gnv0 parameters ip df <set|unset|inherit>
2022-04-18bgp: xml: update as-override help stringChristian Poessinger
2022-04-16xml: include: improve don't fragment helpChristian Poessinger
2022-04-15salt-minion: T4364: add support for source-interface definitionChristian Poessinger
2022-04-15salt-minion: T4364: support IPv6 master server(s)Christian Poessinger
2022-04-15salt-minion: T4364: migrate to get_config_dict()Christian Poessinger
2022-04-10ocserv: T4231: increment config version 1 -> 2Christian Poessinger
2022-04-09Merge pull request #1242 from goodNETnick/ocserv_local_otpChristian Poessinger
ocserv: T4231: Added OTP support for Openconnect 2FA
2022-04-09ocserv: T4231: Added OTP support for Openconnect 2FAgoodNETnick
2022-04-08Merge branch 'current' into dhcpdGeorg
2022-04-07ipv6: T4346: delete (migrate) CLI command to disable IPv6 address familyChristian Poessinger
2022-04-07qos: T4284: rename "traffic-policy" node to "qos policy"Christian Poessinger
"set traffic-policy" now becomes "set qos policy" "set interface ethernet eth0 traffic-policy" now bvecomes "set qos interface eth0"
2022-04-07qos: T4284: support mirror and redirect on vlan subinterfacesChristian Poessinger
2022-04-07qos: T4284: support mirror and redirect on all interface typesChristian Poessinger
2022-04-06dns: forwarding: T4343: add CLI option for PowerDNS network-timeoutBracken
Makes the powerdns `network-timeout` setting configurable via: `service dns forwarding timeout`. The powerdns default is 1500ms, VyOS now explicitly sets the same default value or the configured value so that the setting can have a readily apparent default in the help, rather than the user having to know it's powerdns.
2022-04-06firewall: T4345: Fix incorrect rule limit rate syntaxsarthurdev
2022-04-04wifi: T4339: tab-completion results in "No such file or directory"Christian Poessinger
2022-04-04wwan: T4339: tab-completion results in "No such file or directory"Christian Poessinger
2022-04-04Merge pull request #1267 from sever-sever/T2580Christian Poessinger
ipoe: T2580: Add pools and gateway options
2022-04-04ipoe: T2580: Add pools and gateway optionsViacheslav Hletenko
Add new feature to allow to use named pools Can be used also with Radius attribute 'Framed-Pool' set service ipoe-server client-ip-pool name POOL1 gateway-address '192.0.2.1' set service ipoe-server client-ip-pool name POOL1 subnet '192.0.2.0/24'
2022-04-03isis: T3156: add segment routing local-block for ISISChristian Poessinger
2022-04-03xml: isis: T3236: create common high-low label value include blockChristian Poessinger
2022-04-03isis: T4336: add support for MD5 authentication password on a circuitChristian Poessinger
2022-04-01policy: T4329: Fix regex for extcommunity rtViacheslav Hletenko
Fix regex to allow to set several marks for extcommunity rt set extcommunity rt '65:24 65:23 192.168.2.1:11 192.168.0.2:222'
2022-03-31bgp: T4326: Add bgp parameter no-suppress-duplicatesViacheslav Hletenko
Add new bgp parameter 'no-suppress-duplicates' set protocols bgp parameters no-suppress-duplicates
2022-03-31Merge branch 'vyos:current' into ocserv_local_otpgoodNETnick
2022-03-25xml: T4319: use common building block for table-size CLI optionChristian Poessinger
2022-03-25T4319: "system ip(v6)" must run before any interface operationChristian Poessinger
2022-03-24ipsec: T4288: bump config version 8 -> 9Christian Poessinger
2022-03-24Merge pull request #1251 from srividya0208/T4288aChristian Poessinger
ike-group: T4288 : close-action is missing in swanctl.conf
2022-03-24ike-group: T4288 : close-action is missing in swanctl.confsrividya0208
close-action parameter is missing in the swanctl.conf file
2022-03-23l2tpv3: T1923: remove duplicate mtu includeChristian Poessinger
2022-03-21qos: T4284: initial XML interface definitions for rewriteChristian Poessinger
2022-03-17OSPF : T4304: Set import/export filter inter-area prefixfett0
2022-03-16ocserv: T4231: Added OTP support for Openconnect 2FAgoodNETnick
2022-03-09policy: T2493 ip-next-hop unchanged & peer-addressPaul Lettington
Also add ipv6-next-hop peer-address
2022-03-07ipsec prefix: T4275: Fix for prefix val_help of remote-access and s2s vpnsrividya0208
It accepts network as the input value but the completion help is showing ip address, continuation of previous commit
2022-03-03static: T4283: support "reject" routes - emit an ICMP unreachable when matchedChristian Poessinger
2022-03-03static: T4283: create re-usable XML interface definitions for blackholeChristian Poessinger
2022-03-03static: T4283: fix help string for route/route6Christian Poessinger
2022-03-01flow-accounting: T4277: support sending flow-data via VRF interfaceChristian Poessinger
It should be possible to send the gathered data via a VRF bound interface to the collector. This is somehow related to T3981 but it's the opposite side of the netflow process. set system flow-accounting vrf <name>
2022-02-28ipsec prefix: T4275: Incorrect val_help for local/remote prefixsrividya0208
It accepts network as the input value but the completion help is showing ip address
2022-02-28open-connect: T4274: extend RADIUS authentication timeoutRageLtMan
RADIUS authentication can be handled by a variety of mechanisms, including proxy for 2FA systems requiring user interaction with a separate device, token acquisition, or other time-consuming action. Given the delays required for certain 2FA implementations, a thirty second timeout can range from onerous to untenable. Accomodate the 2FA time requirements by extending the hard-coded RADIUS time limit from 30 seconds to 240. Co-authored-by: RageLtMan <rageltman [at] sempervictus>
2022-02-28ssh: T4273: bugfix cipher and key-exchange multi nodesChristian Poessinger
After hardning the regex validator to be preceeded with ^ and ending with $ it was no longer possible to have a comma separated list as SSH ciphers. The migrations cript is altered to migrate the previous comma separated list to individual multi node entries - cipher and key-exchange always had been multinodes - so this just re-arranges some values and does not break CLI compatibility
2022-02-26lldp: T4272: migrate to get_config_dict()Christian Poessinger
2022-02-25nat: T1083: use defaultValue from XML when handling translationsChristian Poessinger
2022-02-25zone-policy: T2199: bugfix defaultValue usageChristian Poessinger
Instead of hardcoding the default behavior inside the Jinaj2 template, all defaults are required to be specified inside teh XML definition. This is required to automatically render the appropriate CLI tab completion commands.
2022-02-25vpn: ipsec: T3093: add missing defaultValue entriesChristian Poessinger