| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-02-24 | scripts: T4269: node.def generator should automatically add default values | Christian Poessinger | |
| Since introducing the XML <defaultValue> node it was common, but redundant, practice to also add a help string indicating which value would be used as default if the node is unset. This makes no sense b/c it's duplicated code/value/characters and prone to error. The node.def scripts should be extended to automatically render the appropriate default value into the CLI help string. For e.g. SSH the current PoC renders: $ cat templates-cfg/service/ssh/port/node.def multi: type: txt help: Port for SSH service (default: 22) val_help: u32:1-65535; Numeric IP port ... Not all subsystems are already migrated to get_config_dict() and make use of the defaults() call - those subsystems need to be migrated, first before the new default is added to the CLI help. | |||
| 2022-02-22 | Merge pull request #1230 from sever-sever/T1856 | Christian Poessinger | |
| ipsec: T1856: Ability to set SA life bytes and packets | |||
| 2022-02-21 | Merge pull request #1231 from sever-sever/T3948 | Christian Poessinger | |
| ipsec: T3948: Add CLI site-to-site peer connection-type none | |||
| 2022-02-21 | Merge pull request #1234 from srividya0208/T3656 | Christian Poessinger | |
| vpn_ipsec: T3656: modified completion help for key-exchange | |||
| 2022-02-21 | vpn_ipsec: T3656: modified completion help for key-exchange | srividya0208 | |
| In latest releases, default IKE version is removed, which allows the connection to be IKEv1 or IKEv2. The completion help shows IKEv1 as default so removed it. | |||
| 2022-02-20 | vxlan: T4120: rename tunnel-remotes.xml.i -> tunnel-remote-multi.xml.i | Christian Poessinger | |
| 2022-02-20 | vxlan: T4120: add ability to set multiple remotes (PR #1127) | Andreas | |
| VXLAN does support using multiple remotes but VyOS does not. Add the ability to set multiple remotes and add their flood lists using "bridge" command. | |||
| 2022-02-20 | ipsec: T3948: Add CLI site-to-site peer connection-type none | Viacheslav Hletenko | |
| set vpn ipsec site-to-site peer 192.0.2.14 connection-type none | |||
| 2022-02-20 | macsec: T4261: add dhcp client support | Christian Poessinger | |
| 2022-02-20 | ipsec: T1856: Ability to set SA life bytes and packets | Viacheslav Hletenko | |
| set vpn ipsec esp-group grp-ESP life-bytes '100000' set vpn ipsec esp-group grp-ESP life-packets '2000000' | |||
| 2022-02-20 | Merge branch 't4203-dhcp' into current | Christian Poessinger | |
| * t4203-dhcp: smoketest: dhcp: T4203: move testcase to base class static: T4203: obey interface dhcp default route distance interface: T4203: prevent DHCP client restart if not necessary | |||
| 2022-02-20 | Merge pull request #1226 from sever-sever/T4254 | Christian Poessinger | |
| vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on options | |||
| 2022-02-20 | static: T4203: obey interface dhcp default route distance | Christian Poessinger | |
| Commit 05aa22dc ("protocols: static: T3680: do not delete DHCP received routes") added a bug whenever a static route is modified - the DHCP interface will always end up with metric 210 - if there was a default route over a DHCP interface. | |||
| 2022-02-19 | containers: T4249: Allow to connect host device to the container | Viacheslav Hletenko | |
| Ability to attach host devices to the container It can be disk, USB device or any device from the directory /dev set container name alp01 device disk source '/dev/vdb1' set container name alp01 device disk destination '/dev/mydisk' | |||
| 2022-02-19 | vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on options | Viacheslav Hletenko | |
| Ability to set Cisco FlexVPN vendor ID payload: charon.cisco_flexvpn charon.install_virtual_ip_on swanctl.connections.<conn>.vips = x.x.x.x, z.z.z.z set vpn ipsec options flexvpn set vpn ipsec options virtual-ip set vpn ipsec options interface tunX set vpn ipsec site-to-site peer x.x.x.x virtual-address x.x.x.x | |||
| 2022-02-16 | xml: T3474: add component version include files | John Estabrook | |
| Add the include files containing the syntaxVersion element defining the version of the respective component; these files are included by the top level file 'xml-component-versions.xml.in'. Processing of these elements was previously added to the python xml lib in commit 40f5359d. This will replace the use of 'curver_DATA' in vyatta-cfg-system and other legacy packages. | |||
| 2022-02-16 | policy: T2425: add completion helper script when referencing IP addresses | Christian Poessinger | |
| 2022-02-07 | xml: ssh: T4233: sync regex for allow/deny usernames to "system login" | Christian Poessinger | |
| 2022-02-05 | Merge pull request #1206 from sarthurdev/T4209 | Christian Poessinger | |
| firewall: T4209: Fix support for rule `recent` matches | |||
| 2022-02-04 | firewall: T4209: Fix support for rule `recent` matches | sarthurdev | |
| 2022-02-03 | T4227:Bridge: Typo in completion help of hello-time option | srividya0208 | |
| There is spelling mistake in "advertisement" of hello-time option's completion help | |||
| 2022-01-31 | upnpd: T3420: use proper include directives | Christian Poessinger | |
| 2022-01-31 | Merge pull request #1196 from hensur/current-ipv6-local-route-iif | Christian Poessinger | |
| policy: T4219: add local-route(6) inbound-interface support | |||
| 2022-01-30 | firewall: T2199: Add constraint for tagnode names | sarthurdev | |
| 2022-01-30 | policy: T4219: add local-route(6) incoming-interface | Henning Surmeier | |
| 2022-01-30 | Merge pull request #789 from jack9603301/T3420 | Daniil Baturin | |
| upnpd: T3420: Support UPNP protocol | |||
| 2022-01-25 | nat: T4138: Add port-range validation for NAT | Viacheslav Hletenko | |
| Add port-validators for NAT rules that prevent to set incorrect port-ranges (21-5) and incorrect ports (70000) | |||
| 2022-01-22 | Merge pull request #1184 from sarthurdev/firewall_icmp | Christian Poessinger | |
| firewall: T4130: T4186: ICMP/v6 updates, ipv6 state policy check fix | |||
| 2022-01-21 | Firewall: T4186: Adding icmpv6 corrections, in corcondancy of what was done ↵ | Nicolas Fort | |
| for icmp | |||
| 2022-01-21 | Firewall: T4186: typo correction on address-mask-reply description | Nicolas Fort | |
| 2022-01-21 | Firewall: T4186: Correct icmp type-name options for firewall rules | Nicolas Fort | |
| 2022-01-20 | Merge pull request #1144 from hensur/current-ipv6-local-route | Christian Poessinger | |
| policy: T4151: Add policy ipv6-local-route | |||
| 2022-01-19 | Merge pull request #1177 from sarthurdev/mac_groups | Christian Poessinger | |
| firewall: T3560: Add support for MAC address groups | |||
| 2022-01-19 | OSPF : T4195: ability to set maximum paths for OSPF | fett0 | |
| 2022-01-18 | firewall: T3560: Add support for MAC address groups | sarthurdev | |
| 2022-01-17 | Merge pull request #1174 from sarthurdev/firewall | Christian Poessinger | |
| firewall: T4178: T3873: tcp flags syntax refactor, intra-zone-filtering fix | |||
| 2022-01-17 | firewall: policy: T4178: Migrate and refactor tcp flags | sarthurdev | |
| * Add support for ECN and CWR flags | |||
| 2022-01-14 | wireguard: T4183: Allow to set peer IPv6 link-local address | Viacheslav | |
| 2022-01-14 | Merge pull request #1167 from sarthurdev/firewall | Christian Poessinger | |
| firewall: T4178: Use lowercase for TCP flags and add an validator | |||
| 2022-01-14 | firewall: T4178: Use lowercase for TCP flags and add an validator | sarthurdev | |
| 2022-01-14 | policy: T4151: Add policy ipv6-local-route | Henning Surmeier | |
| Adds support for `ip -6 rule` policy based routing. Also, extends the existing ipv4 implemenation with a `destination` key, which is translated as `ip rule add to x.x.x.x/x` rules. https://phabricator.vyos.net/T4151 | |||
| 2022-01-13 | Firewall: T4181: Set correct description for ipv6-network-group | fett0 | |
| 2022-01-11 | Merge pull request #1157 from nicolas-fort/T4162 | Christian Poessinger | |
| vpn: T4162: Correct helper description for ikev2-reauth | |||
| 2022-01-11 | policy: T2199: Refactor policy route script for better error handling | sarthurdev | |
| * Migrates all policy route references from `ipv6-route` to `route6` * Update test config `dialup-router-medium-vpn` to test migration of `ipv6-route` to `route6` | |||
| 2022-01-11 | ike-group: T4162: Correct helper description for ikev2-reauth | Nicolas Fort | |
| 2022-01-11 | firewall: T2199: Add ipv6-range support to IPv6 address group | sarthurdev | |
| 2022-01-11 | policy: T4170: rename "policy ipv6-route" -> "policy route6" | Christian Poessinger | |
| In order to have a consistent looking CLI we should rename this CLI node. There is: * access-list and access-list6 (policy) * prefix-list and prefix-list6 (policy) * route and route6 (static routes) | |||
| 2022-01-11 | policy: T2199: add missing rule constraints | Christian Poessinger | |
| 2022-01-10 | Merge pull request #1152 from sarthurdev/firewall_validators | Christian Poessinger | |
| firewall: validators: T4148: Improve validators and firewall validator usage | |||
| 2022-01-10 | conntrack: T3579: make the timeout tree re-usable as XML include | Christian Poessinger | |
 |
index : vyos-1x.git | |
| VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git) |
| summaryrefslogtreecommitdiff |
path: root/interface-definitions