Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-08-14 | [service https] T1443: add self-signed TLS certificate | John Estabrook | |
2019-08-09 | [bfd] T1183: Added some new functionality and fixed bugs in BFD: | zsdc | |
* added option "echo-mode" and "echo-interval" for BFD peers * added configuration check for usage "multihop" and "echo-mode" * added configuration check for denying deletion BFD peers, which are used in BGP configuration * fixed deleting/changing BFD peers with custom parameters (for example multihop, local-address, etc.) * deleted wrong skipping of configuration check for "shutdown" BFD peers | |||
2019-08-07 | [l2tp] T1566 ipv6 implementation | DmitriyEshenko | |
2019-08-07 | XML: WireGuard: run interfacedefinition through XML lint | Christian Poessinger | |
2019-08-07 | Validator: rename cidr -> ip-cidr to match existing patterns | Christian Poessinger | |
2019-08-05 | [bridge] T1156: add XML completion helpers for interface address (dhcp and ↵ | Christian Poessinger | |
dhcpv6) | |||
2019-08-05 | [bridge] T1156: add XML address constraints | Christian Poessinger | |
2019-08-05 | [bridge] T1156: remove priority of address node | Christian Poessinger | |
2019-08-04 | [bridge] T1156: rename igmp-snooping node to igmp | Christian Poessinger | |
2019-08-03 | [bridge] T1156: support adding and removing bridge member interfaces | Christian Poessinger | |
This is the new syntax bridge br0 { member { interface eth0 { cost 10 } interface eth1 { cost 11 } } } | |||
2019-08-02 | [bridge] T1156: first working implementation using Python and XML | Christian Poessinger | |
2019-08-02 | WireGuard: rename wireguard.py -> interface-wireguard.py | Christian Poessinger | |
2019-08-02 | WireGuard: rename wireguard.xml -> interfaces-wireguard.xml | Christian Poessinger | |
2019-07-31 | T1555 Implementation shared-secret for LNS. Implementation command disabling ↵ | DmitriyEshenko | |
ccp. | |||
2019-07-30 | Merge pull request #94 from hagbard-01/sstp | hagbard-01 | |
[SSTP] - T853: accel-ppp: SSTP implementation | |||
2019-07-30 | [SSTP] - T853: accel-ppp: SSTP implementation | hagbard | |
2019-07-26 | T1546 fix syntax l2tp radius source-address and migrate other radius options | DmitriyEshenko | |
2019-07-25 | [accel-l2tp] - T834: l2tp implementation | hagbard | |
- node.def deletion for show remote-access - IPSec interface checking for L2TP - IPSec x509 for l2tp - verification of outside-address to warning since it was optional in the previous config | |||
2019-07-22 | [wireguard] fixing value help typo | hagbard | |
2019-07-22 | [pppoe] typo fixed | hagbard | |
2019-07-21 | T1537: add missing help for 'set service dns' | Christian Poessinger | |
2019-07-15 | [T1299] - SNMP extension with custom scripts | hagbard | |
2019-07-08 | [IPoE] - T1510: vlan-mon option implementation | hagbard | |
2019-07-08 | [PPPoE] - T1489: vlan_mon config options | hagbard | |
2019-07-04 | T1435 plus other dhcp/dhcpv6-server enhancements | Jernej Jakob | |
- T1435: dhcp-server: make ip-address optional in static-mapping - remove [REQUIRED] from dhcpv6-server static-mapping identifier and ipv6-address - verify if static-mapping ipv6-address is in subnet - make help and error messages in conf-mode more descriptive - remove regex ^$ anchors (implied in re.fullmatch) | |||
2019-07-02 | [IPoE] T1495 - IA-PD via IPoE implemented | hagbard | |
2019-07-01 | [service https] T1443: add service https and service https api | John Estabrook | |
2019-07-01 | T1498: Nameservers are not propagated into resolv.conf | Kim Hagen | |
2019-06-28 | [IPoE] config structure improved | hagbard | |
* fixed minor issues * fixed lower function for mac addresses if user capitalized it (local mode only) * added some checks to verify() * cli ip-address checks on input | |||
2019-06-27 | [IPoE] T989 - IPoE implementation | hagbard | |
* chap-secrets file generation * noauth in accel config as option * local auth with csid implemented * radius implementation * shaper per user implemented * op comands for stats | |||
2019-06-22 | bfd: T1183: move "multiplier" configuration node to "interval multiplier" | Christian Poessinger | |
2019-06-22 | bfd: T1183: add rx/tx interval configuration | Christian Poessinger | |
vyos@vyos# show protocols bfd { peer 1.1.1.1 { interval { receive 400 transmit 300 } } } | |||
2019-06-22 | bfd: T1183: add support to configure detection multiplier | Christian Poessinger | |
Configures the detection multiplier to determine packet loss. The remote transmission interval will be multiplied by this value to determine the connection loss detection timer. The default value is 3. Example: when the local system has detect-multiplier 3 and the remote system has transmission interval 300, the local system will detect failures only after 900 milliseconds without receiving packets. | |||
2019-06-22 | bfd: T1183: adjust CLI syntax for source address/interface | Christian Poessinger | |
Place address/interface under new source node. vyis@vyos# show protocols bfd peer 1.1.1.1 { source { address 1.2.3.4 interface eth0.201 } } | |||
2019-06-22 | bfd: T1183: add support for multihop | Christian Poessinger | |
multihop tells the BFD daemon that we should expect packets with TTL less than 254 (because it will take more than one hop) and to listen on the multihop port (4784). When using multi-hop mode echo-mode will not work (see RFC 5883 section 3). | |||
2019-06-22 | bfd: T1183: initial CLI implementation | Christian Poessinger | |
vyos@vyos# show protocols bfd peer 172.18.202.10 { local-address 172.18.201.10 local-interface eth0.201 shutdown } peer 172.18.202.12 { shutdown } | |||
2019-06-19 | [wireguard] T1425 - assign a /31 address on Wireguard interface | hagbard | |
- added a validator for checking if the address is any cidr noted address | |||
2019-06-18 | [pppoe-server] T1452 - add vendor option to shaper | hagbard | |
2019-06-16 | T1439: remove beginning and end anchors, they are implied with re.fullmatch | Jernej Jakob | |
2019-06-16 | T1439: move DUID validator to regex | Jernej Jakob | |
2019-06-16 | T1439: add dhcpv6-client-id validator | Jernej Jakob | |
2019-06-16 | dhcpv6-server: Add name constraint, clarify help, fix typos | Jernej Jakob | |
2019-04-26 | [pppoe-server] adding CIDR based prefixes as client-ip-pool option | hagbard | |
2019-04-23 | [pppoe-server] - fixed default RADIUS attribute Filter-Id | hagbard | |
2019-04-21 | [firewall] T314: add firewall options for MSS clamping | Christian Poessinger | |
* clamp MSS IPv4 set firewall options interface pppoe0 adjust-mss '1452' * clamp MSS IPv6 set firewall options interface pppoe0 adjust-mss6 '1452' * disable entire rule set firewall options interface pppoe0 disable Output ------ $ sudo iptables-save -t mangle # Generated by iptables-save v1.4.21 on Sun Apr 21 12:56:25 2019 *mangle :PREROUTING ACCEPT [1217:439885] :INPUT ACCEPT [290:52459] :FORWARD ACCEPT [920:375774] :OUTPUT ACCEPT [301:100053] :POSTROUTING ACCEPT [1221:475827] :VYOS_FW_OPTIONS - [0:0] -A FORWARD -j VYOS_FW_OPTIONS -A VYOS_FW_OPTIONS -o pppoe0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452 COMMIT Completed on Sun Apr 21 12:56:25 2019 (cherry picked from commit 476aa4c3a561ea0ef0bf9b4c26ec8b78d18a5d02) | |||
2019-04-20 | Revert "[hostname] T1336: trailing dots in system domain-name are invalid" | Christian Poessinger | |
This reverts commit 05c539ea5595790b297904569cbe13089ce79e18. | |||
2019-04-20 | [hostname] T1336: trailing dots in system domain-name are invalid | Christian Poessinger | |
Debian/Systemd provides hostnamectl which disabllows setting a FQDN when there is a trailing (.) in the provided hostname. Extend regex when setting "system domain-name" that there can't be a trailing (.). Provide migration script for current installations to remove the dot. | |||
2019-04-18 | [pppoe-server] - typo corrected | hagbard | |
2019-04-18 | [pppoe-server] T1341 - Adding rate-limiter for pppoe server users | hagbard | |
- RADIUS shaper settings | |||
2019-04-18 | [pppoe-server] T1341 - Adding rate-limiter for pppoe server users | hagbard | |
- implementation for locally definied users |