Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-09-15 | Merge branch 'T4689' of https://github.com/jack9603301/vyos-1x into current | Christian Poessinger | |
* 'T4689' of https://github.com/jack9603301/vyos-1x: rfs: T4689: Support RFS(Receive Flow Steering) | |||
2022-09-15 | rfs: T4689: Support RFS(Receive Flow Steering) | jack9603301 | |
2022-09-15 | conntrack: T4691: lower "tcp max-retrans" upper limit | Christian Poessinger | |
Kernel 5.15.y and newer only support an upper boundary of 255. vyos@vyos:~$ sudo sysctl -w net.netfilter.nf_conntrack_tcp_max_retrans=255 net.netfilter.nf_conntrack_tcp_max_retrans = 255 vyos@vyos:~$ sudo sysctl -w net.netfilter.nf_conntrack_tcp_max_retrans=256 sysctl: setting key "net.netfilter.nf_conntrack_tcp_max_retrans": Invalid argument | |||
2022-09-14 | keymap: T4695: Add Spain 'es' and Japan 'jp106' keymaps | Viacheslav Hletenko | |
Add Spain (es) and Japan (jp106) keymaps set system option keyboard-layout es|jp106 | |||
2022-09-14 | Merge pull request #1534 from sarthurdev/firewall_interfaces | Christian Poessinger | |
firewall: zone-policy: T2199: T4605: Refactor firewall, migrate zone-policy | |||
2022-09-13 | zone-policy: T2199: Migrate zone-policy to firewall node | sarthurdev | |
2022-09-13 | firewall: T2199: Refactor firewall + zone-policy, move interfaces under ↵ | sarthurdev | |
firewall node * Refactor firewall and zone-policy rule creation and cleanup * Migrate interface firewall values to `firewall interfaces <name> <direction> name/ipv6-name <name>` * Remove `firewall-interface.py` conf script | |||
2022-09-12 | Revert "rfs: T4689: Support RFS(Receive Flow Steering)" | Christian Poessinger | |
This reverts commit 53355271a2864d844daca89a064c21e514e10adb. | |||
2022-09-12 | rfs: T4689: Support RFS(Receive Flow Steering) | jack9603301 | |
2022-09-10 | policy: T4685: fix non-existent inbound-interface on commit | initramfs | |
The local-policy and local-policy6 nodes were missing their priority property causing an ordering issue between the creation of dynamic interfaces (like VLAN/Bonding) and referencing said interface in PBR rules. Add a priority value to order local-policy(6) to be after all interface definitions. | |||
2022-09-07 | T1024: Firewall and Policy route: add option to match dscp value, both on ↵ | Nicolas Fort | |
firewall and in policy route | |||
2022-09-06 | T4670: policy route: extend matching criteria for policy route and route6. ↵ | Nicolas Fort | |
Matching criteria added: ttl/hoplimit and packet-length | |||
2022-09-03 | firewall: T4651: re-implement packet-length CLI option to use <multi/> | Christian Poessinger | |
2022-09-03 | firewall: T3568: improve default-action help string | Christian Poessinger | |
2022-09-03 | firewall: T3568: add XML include block for eq,gt,lt options | Christian Poessinger | |
2022-09-02 | Merge branch 'T4651' of https://github.com/nicolas-fort/vyos-1x into firewall | Christian Poessinger | |
* 'T4651' of https://github.com/nicolas-fort/vyos-1x: Firewall: T4651: Change proposed cli from ip-length to packet-length Firewall: T4651: Add options to match packet size on firewall rules. | |||
2022-09-01 | Firewall: T4651: Change proposed cli from ip-length to packet-length | Nicolas Fort | |
2022-08-31 | nat: T538: Move nat configs to /run directory | Viacheslav Hletenko | |
2022-08-30 | firewall: T4655: implement XML defaultValue for name and ipv6-name | Christian Poessinger | |
This extends the implementation of commit 0cc7e0a49094 ("firewall: T4655: Fix default action 'drop' for the firewall") in a way that we can now also use the XML <defaultValue> node under "firewall name" and "firewall ipv6-name". This is a much cleaner approach which also adds the default value automatically to the CLIs completion helper ("?"). | |||
2022-08-30 | firewall: T3568: cleanup XML help node - remove information passed via valueHelp | Christian Poessinger | |
2022-08-30 | firewall: T3568: rename XML building blocks to match CLI node name | Christian Poessinger | |
2022-08-29 | rpki: T4654: Fix RPKI cache description | Viacheslav Hletenko | |
Fix wrong descriptions for the RPKI server It was mentioned about the NTP server | |||
2022-08-27 | Firewall: T4651: Add options to match packet size on firewall rules. | Nicolas Fort | |
2022-08-26 | Merge pull request #1482 from sever-sever/T4631 | Christian Poessinger | |
nat66: T4631: Add port and protocol to nat66 conf | |||
2022-08-25 | proxy: T4642: allow https proxy transports | Christian Poessinger | |
2022-08-25 | telegraf: T3872: re-use existing XML building blocks | Christian Poessinger | |
2022-08-25 | telegraf: T4617: add VRF support | Christian Poessinger | |
2022-08-25 | Merge pull request #1478 from sever-sever/T4622 | Christian Poessinger | |
firewall: T4622: Add TCP MSS option | |||
2022-08-24 | proxy: T4642: bugfix regex, add hyphen to allow list | Christian Poessinger | |
2022-08-24 | Policy: T4641: allow only ipv4 prefixes on prefix-list | Nicolas Fort | |
2022-08-20 | nat66: T4631: Add port and protocol to nat66 | Viacheslav Hletenko | |
Ability to configure src/dst/translation port and protocol for SNAT and DNAT IPv6 | |||
2022-08-19 | Merge pull request #1476 from sever-sever/T4620 | Christian Poessinger | |
UPnP: T4211: T4620 Fix upnp template | |||
2022-08-19 | UPnP: T4611: Rule must be as prefix instead of an address | Viacheslav Hletenko | |
From the doc miniupnpd IP/mask format must be nnn.nnn.nnn.nnn/nn Comment out invalid option "anchor" | |||
2022-08-18 | firewall: T4622: Add TCP MSS option | Viacheslav Hletenko | |
Ability to drop|accept packets based on TCP MSS size set firewall name <tag> rule <tag> tcp mss '501-1460' | |||
2022-08-17 | nat: T538: Add static NAT one-to-one | Viacheslav Hletenko | |
Ability to set static NAT (one-to-one) in one rule set nat static rule 10 destination address '203.0.113.0/24' set nat static rule 10 inbound-interface 'eth0' set nat static rule 10 translation address '192.0.2.0/24' It will be enough for PREROUTING and POSTROUTING rules Use a separate table 'vyos_static_nat' as SRC/DST rules and STATIC rules can have the same rule number | |||
2022-08-16 | upnp: T4613: Verify listen key in dictionary | Viacheslav Hletenko | |
There is no check if 'listen' is exist in the dictionary, fix it Fix odd ValueHelp format | |||
2022-08-15 | ocserv: openconnect: T4614: add support for split-dns | Christian Poessinger | |
set vpn openconnect network-settings split-dns <domain> | |||
2022-08-10 | l2tp: T4603: Add RADIUS nas-ip-address option | Viacheslav Hletenko | |
Add l2tp authentication radius nas-ip-address option which will be sent in NAS-IP-Address Radius attribute | |||
2022-08-08 | nat66: T4598: add file nat-exclue.xml.i, which is invoked by nat66.xml.in ↵ | Nicolas Fort | |
and nat-rule.xml.i | |||
2022-08-05 | nat66: T4598: Add exclude options in nat66 | Nicolas Fort | |
2022-08-04 | Merge https://github.com/Cheeze-It/vyos-1x into current | Christian Poessinger | |
* https://github.com/Cheeze-It/vyos-1x: bgp: T4257: Changing BGP "local-as" to "system-as" | |||
2022-08-04 | Merge pull request #1457 from sever-sever/T4586 | Christian Poessinger | |
nat66: T4586: Add SNAT destination prefix and DNAT address | |||
2022-08-03 | Merge pull request #1369 from nicolas-fort/T4480 | Daniil Baturin | |
T4480: webproxy: Add safe-ports and ssl-safe-ports for acl squid config | |||
2022-08-03 | nat66: T4586: Add SNAT destination prefix and DNAT address | Viacheslav Hletenko | |
Ability to configure SNAT destination prefix and DNAT source address Add option "!" - not address/prefix for NAT66 | |||
2022-08-01 | mtu: T4572: Add DHCP-option MTU to get values from DHCP-server | Viacheslav Hletenko | |
Ability to get MTU from DHCP-server and don't touch it per any interface change if interface 'dhcp-options mtu' is configured | |||
2022-07-30 | bgp: T4257: Changing BGP "local-as" to "system-as" | Cheeze_It | |
bgp: T4257: Changing BGP "local-as" to "system-as" This change is to change the global BGP name for the node "local-as" to "system-as" This is needed so that there's less ambiguity with the local-as feature per neighbor. bgp: T4257: Changing BGP "local-as" to "system-as" bgp: T4257: Changing BGP "local-as" to "system-as" This change is to change the global BGP name for the node "local-as" to "system-as" This is needed so that there's less ambiguity with the local-as feature per neighbor. | |||
2022-07-29 | Merge pull request #1403 from sever-sever/T4518 | Christian Poessinger | |
lb-wan: T4518: Add XML for conf mode load-balancing wan | |||
2022-07-25 | fastnetmon: T4556: Allow configure white_list_path and populate with ↵ | Adrian Almenar | |
hosts/networks that should be ignored. | |||
2022-07-24 | graphql: T3993: disable introspection unless set in CLI | John Estabrook | |
2022-07-24 | graphql: T3993: add interface-definition for gql | John Estabrook | |