summaryrefslogtreecommitdiff
path: root/interface-definitions
AgeCommit message (Collapse)Author
2022-11-21T4832: dhcp: Add IPv6-only dhcp option support (RFC 8925)Yuxiang Zhu
Clients supporting this DHCP option (DHCP option 108, RFC 8925) will disable its IPv4 network stack for configured number of seconds and operate in IPv6-only mode. This option is known to work on iOS 15+ and macOS 12.0.1+. Example command: ```sh set service dhcp-server shared-network-name LAN6 subnet 192.168.64.0/24 ipv6-only-preferred 0 ```
2022-11-18T4826: Fix login pubkey key type ed25519-sk ecdsa-skViacheslav Hletenko
Requires full key type name like sk-ecdsa-sha2-nistp256@openssh.com and sk-ssh-ed25519@openssh.com
2022-11-17Merge pull request #1654 from sarthurdev/pbr_refactorChristian Poessinger
policy: T2199: T4605: Migrate policy route interface node
2022-11-13T4813: add l3vpn over gre option from route-mapfett0
2022-11-13l3VPN : T4182: add l3vpn over gre option from route-mapfett0
2022-11-11policy: T2199: T4605: Migrate policy route interface to `policy route|route6 ↵sarthurdev
<name> interface <ifname>` * Include refactor to policy route to allow for deletion of mangle table instead of complex cleanup * T4605: Rename mangle table to vyos_mangle
2022-11-10dns: T738: add CLI option for PowerDNS local-portZen3515
2022-11-05container: T4802: support per container shared-memory size configurationChristian Poessinger
Size of /dev/shm within a container can be defined via --shm-size when invoking the container. Add corresponding CLI node.
2022-11-03Merge pull request #1633 from sarthurdev/fqdnChristian Poessinger
firewall: T970: T1877: Add source/destination fqdn, refactor domain resolver, firewall groups in NAT
2022-11-03nat: T1877: T970: Add firewall groups to NATsarthurdev
2022-11-03firewall: T970: Refactor domain resolver, add firewall source/destination ↵sarthurdev
`fqdn` node
2022-11-03validators: T4795: migrate mac-address python validator to validate-valueChristian Poessinger
Instead of spawning the Python interpreter for every mac-address to validate, rather use the base validate-value OCaml implementation which is much faster. This removes redundant code and also makes the CLI more responsive. Validator is moved out to a dedicated file instead of using XML inlined <regex> for the reason of re-usability. So if that regex needs to be touched again - it can all happen in one single file.
2022-11-03xml: T4795: superseed allowed-vlan validator by numeric range validatorChristian Poessinger
Reduce CPU time when spawning the python interpreter. Same can be done by the numeric validator.
2022-11-03xml: T4795: provide common and re-usable XML definitions for policyChristian Poessinger
Remove duplicated code and move to single-source of truth.
2022-11-01login: T4750: add ecdsa-sk and ed25519-sk as supported public key typeChristian Poessinger
2022-10-31ipsec: T4787: add support for road-warrior/remote-access RADIUS timeoutChristian Poessinger
This enabled users to also use 2FA/MFA authentication with a radius backend as there is enough time to enter the second factor.
2022-10-30snmp: T4785: allow @, * and # in SNMP community nameChristian Poessinger
2022-10-29snmp: T4785: allow ! in community nameChristian Poessinger
2022-10-29static: T4784: add description node for static route/route6 tagNodesChristian Poessinger
2022-10-25graphql: T4574: add interface definitions for authentication settingsJohn Estabrook
2022-10-21graphql: T4768: change name of api child node from 'gql' to 'graphql'John Estabrook
2022-10-17ssh: T4720: Ability to configure SSH-server HostKeyAlgorithmsViacheslav Hletenko
Ability to configure SSH-server HostKeyAlgorithms. Specifies the host key signature algorithms that the server offers. Can accept multiple values.
2022-10-14login: 2fa: T874: fix Google authenticator issuesChristian Poessinger
Move default values of TOTP configuration from a global to a per user setting. This makes the entire code easier as no global configuration must be blended into the per user config dict. Also it should be possible to set the authentication window "multiple concurrent keys" individual per user. set system login user vyos authentication otp key 'gzkmajid7na2oltajs4kbuq7lq' set system login user vyos authentication plaintext-password 'vyos'
2022-10-13T4739: OSPF segment routing being refactoredCheeze_It
2022-10-13T4739: ISIS segment routing being refactoredCheeze_It
2022-10-13monitoring: T4312: Ability to set IP address in the URLViacheslav Hletenko
Use common "url.xml" which allow URL as domain name or IP entrie
2022-10-12Merge pull request #1555 from goodNETnick/ssh_otpChristian Poessinger
system login: T874: add 2FA support for local and ssh authentication
2022-10-11system login: T874: add 2FA support for local and ssh authenticationgoodNETnick
2022-10-11xml: ospf: isis: T4739: merge include files for MPLS segment-routingChristian Poessinger
2022-10-11Merge pull request #1574 from Cheeze-It/currentChristian Poessinger
isis: T4739: ISIS segment routing being refactored
2022-10-11Merge pull request #1547 from initramfs/current-limiter-actionsChristian Poessinger
qos: T4688: add xml template for limiter actions
2022-10-11isis: T4739: ISIS segment routing being refactoredCheeze_It
This is to refactor ISIS segment routing to match up with OSPF segment routing.
2022-10-10Merge pull request #1577 from sarthurdev/T4741Christian Poessinger
firewall: policy: T4741: T4742: Verify zone `from` is defined, autocomplete policy route tables
2022-10-10Merge pull request #1563 from sever-sever/T4716Christian Poessinger
ssh: T4716: Ability to configure RekeyLimit data and time
2022-10-10policy: T4742: Add policy route table auto-completesarthurdev
2022-10-10ssh: T4716: Ablity to configure RekeyLimit data and timeViacheslav Hletenko
Ability to configure SSH RekeyLimit data (in Megabytes) and time (in Minutes) set service ssh rekey data 1024 set service ssh rekey time 60
2022-10-09firewall: T3907: Fix firewall state-policy loggingsarthurdev
When log-level was introduced node `state-policy x log` was removed without migrator. This commit adds it back and improves log handling.
2022-10-07Merge pull request #1572 from Cheeze-It/currentChristian Poessinger
ospf: T4707: Add OSPF segment routing for FRR
2022-10-07Merge branch 'current' into radius-rate-limit-compChristian Poessinger
2022-10-06ospf: T4707: Add OSPF segment routing for FRRCheeze_It
In this commit we add OSPF segment routing, smoke tests, handlers, FRR template changes, and CLI commands.
2022-10-06xml: T4722: radius: remove superfluous "default" help stringChristian Poessinger
vyos-1x automatically adds a "(default: ...)" hint to the CLI help if the <defaultValue> XML tag is used. No need to specify this manually.
2022-10-06Merge pull request #1567 from aapostoliuk/T4660-sagittaChristian Poessinger
policy: T4660: Changed CLI syntax in route-map set community
2022-10-06T4727: add support for RADIUS rate limiting to PPTP (#1570)Daniil Baturin
2022-10-03T4726: add completion help and validation for accel-ppp vendor optionDaniil Baturin
2022-10-03policy: T4660: Changed CLI syntax in route-map set communityaapostoliuk
Changed CLI syntax in route-map set community, set large-community, set extcommunity Allows to add multiple communities, large-communities and extcommunities in clear view. Added new well-known communities. Added non-transitive feature in extcommunities. Fixed community's validators.
2022-10-01T4722: consistently use the "RADIUS" spelling for the RADIUS protocolDaniil Baturin
2022-09-30bgp: evpn: T1315: add route-target CLI node <multi/> propertyChristian Poessinger
FRR supports multiple route-targets to be used for import/export: address-family l2vpn evpn route-target import 20:10 route-target import 20:11 route-target import 20:12 route-target import 40:40 route-target export 1:2 route-target export 1:3 route-target export 40:40 exit-address-family Thus the <multi/> property is added to the relevant CLI nodes.
2022-09-28Merge pull request #1561 from sever-sever/T4715Christian Poessinger
login: T4715: Auto logout user after inactivity
2022-09-28ids: T4557: Update xml-component-versionViacheslav Hletenko
2022-09-28login: T4715: Auto logout user after inactivityViacheslav Hletenko
Ability to terminate interactive sessions (TTY/PTS) after a period of inactivity. set system login timeout '300'