summaryrefslogtreecommitdiff
path: root/interface-definitions
AgeCommit message (Collapse)Author
2023-08-11T5160: firewall refactor: change default value for <default-action> from ↵Nicolas Fort
<drop> to <accept> if default-action is not specified in base chains
2023-08-11T5160: firewall refactor: move <set firewall ipv6 ipv6-name ...> to <set ↵Nicolas Fort
firewall ipv6 name ...> . Also fix some unexpected behaviour with geoip.
2023-08-11T5160: firewall refactor: change firewall ip to firewall ipv4Nicolas Fort
2023-08-11T5160: firewall refactor: new cli structure. Update only all xmlNicolas Fort
2023-08-10Merge pull request #2140 from sever-sever/T5448Daniil Baturin
T5448: Add service zabbix-agent
2023-08-09openvpn: T5271: add peer certificate fingerprint optionDaniil Baturin
2023-08-09T5448: Add service zabbix-agent version 2Viacheslav Hletenko
Add service zabbix-agent set service zabbix-agent directory '/config/zabbix/' set service zabbix-agent limits buffer-flush-interval '8' set service zabbix-agent limits buffer-size '120' set service zabbix-agent log debug-level 'warning' set service zabbix-agent log size '1' set service zabbix-agent server '192.0.2.5' set service zabbix-agent server-active 192.0.2.5 port '10051' set service zabbix-agent server-active 2001:db8::123
2023-08-08Merge pull request #2119 from nicolas-fort/T5014-dnatChristian Breunig
T5014: nat: add source and destination nat options for configuring lo…
2023-08-07T5446: BGP: change <bgp paramater bestpath med> from node to leafNode, in ↵Nicolas Fort
order to avoid empty value and problems when removing such parameters
2023-08-06dyndns: T5445: add possibility to specify update interval (timeout)Christian Breunig
set service dns dynamic timeout <60-3600>
2023-08-02dhcp: T5414: improve bootfile-name constraintxChristian Breunig
Extend list of allowed characters for the bootfile-option.
2023-08-02Merge pull request #2122 from aapostoliuk/T5413Christian Breunig
wireguard: T5413: Blocked adding the peer with the router's public key
2023-08-02wireguard: T5413: Blocked adding the peer with the router's public keyaapostoliuk
Disabeled adding the peer with the same public key as the router has. Added smoketest
2023-08-01Merge pull request #2113 from jvoss/container_priorityChristian Breunig
container: T5407: increase priority before protocol static
2023-08-01T5374: Add system option time-format 12 or 24 hoursViacheslav Hletenko
Ability to set locate time format 12|24-hour set system option time-format 12-hour|24-hour $ date Tue Aug 1 12:33:45 PM EEST 2023 $ date Tue 1 Aug 12:34:09 EEST 2023
2023-07-31Merge branch 'current' into T5014-dnatNicolás Fort
2023-07-31T5014: fix conflicts. Add code for redirection, which is causing conflicts. ↵Nicolas Fort
Change code for new syntax
2023-07-31T5014: nat: add source and destination nat options for configuring load ↵Nicolas Fort
balance within a single rule.
2023-07-31dhcpv6-pd: T5387: add support for no-release flag1vivy
When no-release is specified, dhcp6c client will not release allocated address or prefix on client exit. vyos.ifconfig: dhcpv6: T5387: re-use options_file for no release flag [WIP] * Todo: render Jinja2 template and fill it vyos.ifconfig: dhcpv6: T5387: finish options_file and no release flag in cli vyos.ifconfig: dhcpv6: T5387: fix missing/wrong end tag vyos.ifconfig: dhcpv6: T5387: fix options, no var for -n dhcpv6-client: T5387: fix missing / from filepaths
2023-07-27Merge pull request #2105 from sever-sever/T5368Daniil Baturin
T5368: service ids ddos-protection add support sflow mode
2023-07-27openvpn: T4974: move CLI node "enable-dco" -> "offload dco" to match other ↵Christian Breunig
inetfaces Keep a common CLI structure by re-using the already established offload node from ethernet.
2023-07-26container: T5407: increase priority before protocol staticJonathan Voss
2023-07-26Merge pull request #2078 from nicolas-fort/T5154Viacheslav Hletenko
T5154: NTP: allow maximum of one ipv4 and one ipv6 address on paramet…
2023-07-25T5154: NTP: allow maximum of one ipv4 and one ipv6 address on parameter ↵Nicolas Fort
<listen-address>. Also allow only one single value <interface>.
2023-07-22Merge pull request #2100 from nicolas-fort/T4889Christian Breunig
T4889: NAT Redirect: adddestination nat redirection (to local host) feature.
2023-07-22Merge pull request #2107 from fett0/T4974Christian Breunig
T4974:add/fixed enable ovpn-dco by default
2023-07-21 T4974:add/fixed enable ovpn-dco by defaultfett0
2023-07-21ospf: T5377: add "capability opaque" supportChristian Breunig
2023-07-21T5368: service ids ddos-protection add support sflow modeViacheslav Hletenko
sFlow mode requires fewer resources then mode "mirror" Integrate it into configuration mode set service ids ddos-protection mode 'sflow' set service ids ddos-protection sflow listen-address '127.0.0.1' set service ids ddos-protection sflow port '6343'
2023-07-20ospf: T5377: add graceful restart FRR feature (RFC 3623)Christian Breunig
New CLI commands: * set protocols ospf graceful-restart grace-period 300 * set protocols ospf graceful-restart helper planned-only * set protocols ospf graceful-restart helper no-strict-lsa-checking * set protocols ospf graceful-restart helper supported-grace-time 400 * set protocols ospf graceful-restart helper enable router-id 192.0.2.1 * set protocols ospf graceful-restart helper enable router-id 192.0.2.2 * set protocols ospfv3 graceful-restart grace-period 300 * set protocols ospfv3 graceful-restart helper planned-only * set protocols ospfv3 graceful-restart helper lsa-check-disable * set protocols ospfv3 graceful-restart helper supported-grace-time 400 * set protocols ospfv3 graceful-restart helper enable router-id 192.0.2.1 * set protocols ospfv3 graceful-restart helper enable router-id 192.0.2.2
2023-07-19T4899: NAT Redirect: adddestination nat redirection (to local host) feature.Nicolas Fort
2023-07-13T5059: relay: add disable options for dhcp-relay and dhcpv6-relay. Also add ↵Nicolas Fort
validor for dhcpv6-relay which was missing.
2023-07-12bgp: T5338: simplify XML and code handlingChristian Breunig
2023-07-12bgp: T2387: re-use XML building blocks to simplify CLI definitionChristian Breunig
2023-07-12Merge pull request #2085 from aapostoliuk/T5338-sagittaChristian Breunig
bgp: T5338: Added 'protocols bgp interface <int> mpls forwarding' feature
2023-07-11bgp: T5338: Added 'protocols bgp interface <int> mpls forwarding' featureaapostoliuk
Added 'protocols bgp interface <int> mpls forwarding' feature. It is possible to permit BGP install VPN prefixes without transport labels. This configuration will install VPN prefixes originated from an e-bgp session, and with the next-hop directly connected.
2023-07-11T5341: HA migrate virtual-server tag to node addressViacheslav Hletenko
Migrate: high-availability virtual-server 203.0.113.1 to: high-availability virtual-server <name> address 203.0.113.1
2023-07-09mpls: T5346: Set priority 490 for MPLS config after all interfacesJonathan Voss
2023-07-08Merge pull request #2077 from jvoss/jvoss/bgp_pg_vpn_afiChristian Breunig
bgp: T5343: add ipv4-vpn and ipv6-vpn config options to peer-group
2023-07-07Merge pull request #2042 from sever-sever/T775Viacheslav Hletenko
T775: Add service config-sync between 2 routers
2023-07-06bgp: T5343: add ipv4-vpn and ipv6-vpn config options to peer-groupJonathan Voss
2023-07-05geneve: T5339: add option to use ipv4 instead of ethernetfett0
2023-07-05T5336: Add Swedish keyboard-layoutApachez
2023-07-03ospf: T5334: add support for external route summarisation Type-5 and Type-7 LSAsChristian Breunig
* set protocols ospf aggregation timer <seconds> * set protocols ospf summary-address x.x.x.x/x [tag 1-4294967295] * set protocols ospf summary-address x.x.x.x/x no-advertise
2023-07-03xml: policy: T2425: create building block for "tag" nodeChristian Breunig
2023-07-03VPP: T1797: Added interfaces reinitializationzsdc
After an interface is added/removed from VPP, it will be reinitialized, which allows reconfiguring IP addresses on it. Also modified VPP load priority to start before interfaces, and avoid reconfiguration during boot.
2023-06-30T5329 : priority: tunnel config is committed before wireguardsrividya0208
2023-06-30T775: Add service config-sync between 2 routersViacheslav Hletenko
Service config-sync allows synchronizing a section of the configuration. As PoC allow only nat, nat66 and firewall sections Rertreive the configuration for a section from self node and send this configuration to the section of the 'secondary' node. This feature adds a symlink from helper 'vyos_config_sync.py' to '/config/scripts/commit/post-hooks.d' and config that is located in '/run/config_sync_conf.conf' It will synchronyze the config only if the setcion was changed. set service config-sync secondary address 192.0.2.11 set service config-sync secondary key xxx set service config-sync section nat set service config-sync section nat66 set service config-sync section firewall set service config-sync mode load
2023-06-29Merge pull request #2059 from sever-sever/T1797-vppChristian Breunig
T1797: Add initial vpp configuration
2023-06-29policy: T4329: Fix regex for extcommunity rt #2Christian Breunig
The previous implementation did not iterate over the communit list, so only one match criteria was supported. set policy route-map FOO rule 10 action 'permit' set policy route-map FOO rule 10 set extcommunity rt '1111:2222222' worked but on the other hand this failed: set policy route-map FOO rule 20 action 'permit' set policy route-map FOO rule 20 set extcommunity rt '6500:24 6500:23 192.168.0.1:111 192.168.0.1:222'