| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-02-21 | smoketest: vxlan: T4120: verify support for multiple remote addresses | Christian Poessinger | |
| 2022-02-21 | vxlan: T4120: code cleanup for multiple remotes | Christian Poessinger | |
| 2022-02-20 | vxlan: T4120: add ability to set multiple remotes (PR #1127) | Andreas | |
| VXLAN does support using multiple remotes but VyOS does not. Add the ability to set multiple remotes and add their flood lists using "bridge" command. | |||
| 2022-02-20 | static: T4203: obey interface dhcp default route distance | Christian Poessinger | |
| Commit 05aa22dc ("protocols: static: T3680: do not delete DHCP received routes") added a bug whenever a static route is modified - the DHCP interface will always end up with metric 210 - if there was a default route over a DHCP interface. | |||
| 2022-02-20 | interface: T4203: prevent DHCP client restart if not necessary | Christian Poessinger | |
| In the past whenever a change happened to any interface and it was configured as a DHCP client, VyOS always had a breif outage as DHCP released the old lease and re-aquired a new one - bad! This commit changes the behavior that DHCP client is only restarted if any one of the possible options one can set for DHCP client under the "dhcp-options" node is altered. | |||
| 2022-02-17 | pki: eapol: T4245: Add full CA and client cert chains to wpa_supplicant PEM ↵ | Andrew Gunnerson | |
| files This commit updates the eapol code so that it writes the full certificate chains for both the specified CA and the client certificate to `<iface>_ca.pem` and `<iface>_cert.pem`, respectively. The full CA chain is necessary for validating the incoming server certificate when it is signed by an intermediate CA and the intermediate CA cert is not included in the EAP-TLS ServerHello. In this scenario, wpa_supplicant needs to have both the intermediate CA and the root CA in its `ca_file`. Similarly, the full client certificate chain is needed when the ISP expects/requires that the client (wpa_supplicant) sends the client cert + the intermediate CA (or even + the root CA) as part of the EAP-TLS ClientHello. Signed-off-by: Andrew Gunnerson <chillermillerlong@hotmail.com> | |||
| 2022-02-17 | vyos.configverify: T4255: fix unexpected print of dictionary instead of key | Christian Poessinger | |
| 2022-02-16 | xml: T3474: get component version dictionary from xml cache, not legacy | John Estabrook | |
| 2022-02-16 | xml: T3474: add smoketest to check xml component versions are maintained | John Estabrook | |
| Add smoketest to catch updates to a component version in legacy curver_DATA that is not present in xml syntaxVersion. | |||
| 2022-02-16 | xml: T3474: add component version include files | John Estabrook | |
| Add the include files containing the syntaxVersion element defining the version of the respective component; these files are included by the top level file 'xml-component-versions.xml.in'. Processing of these elements was previously added to the python xml lib in commit 40f5359d. This will replace the use of 'curver_DATA' in vyatta-cfg-system and other legacy packages. | |||
| 2022-02-16 | wireless: T4240: bugfix interface bridging | Christian Poessinger | |
| VLAN isolation can not be "set" when interface is of type wifi. | |||
| 2022-02-14 | pki: eapol: T4244: Fix KeyError when CA cert name differs from client cert name | Andrew Gunnerson | |
| This commit fixes a small typo where the client cert name was being used to index the CA configuration dict. Signed-off-by: Andrew Gunnerson <chillermillerlong@hotmail.com> | |||
| 2022-02-13 | ethernet: T4242: speed/duplex can never be switched back to auto/auto | Christian Poessinger | |
| 2022-02-13 | vyos.util: T4191: add new sysctl() helper function | Christian Poessinger | |
| 2022-02-08 | configtree: T4235: encapsulate config tree diff function | John Estabrook | |
| 2022-02-06 | config: T4228: is_member() must return all instances not only the last one | Christian Poessinger | |
| 2022-02-04 | firewall: T4209: Fix support for rule `recent` matches | sarthurdev | |
| 2022-02-03 | firewall: T4178: Fix only inverse matching on tcp flags | sarthurdev | |
| 2022-01-31 | Merge pull request #1199 from sarthurdev/T4218 | Christian Poessinger | |
| firewall: T4218: T4216: Add prefix to user defined chains, support negated groups, fixes | |||
| 2022-01-31 | Merge pull request #1198 from vyos/force_to_list | Christian Poessinger | |
| T4221: add force_to_list Jinja2 filter | |||
| 2022-01-31 | T4221: add force_to_list Jinja2 filter | Daniil Baturin | |
| 2022-01-29 | firewall: T4216: Add support for negated firewall groups | sarthurdev | |
| 2022-01-29 | firewall: T4218: Adds a prefix to all user defined chains | sarthurdev | |
| 2022-01-29 | firewall: T4178: Fix dict_keys issue with tcp flags | sarthurdev | |
| 2022-01-27 | firewall: T4178: Fix tcp flags output when `not` isn't used | sarthurdev | |
| 2022-01-26 | pki: T4212: Catch `install_into_config` errors and output for manual command ↵ | sarthurdev | |
| entry | |||
| 2022-01-20 | firewall: T2199: Add log prefix to match legacy perl behaviour | sarthurdev | |
| Example syslog: [FWNAME-default-D] ... * Also clean-up firewall default-action | |||
| 2022-01-18 | firewall: T3560: Add support for MAC address groups | sarthurdev | |
| 2022-01-17 | firewall: policy: T4178: Migrate and refactor tcp flags | sarthurdev | |
| * Add support for ECN and CWR flags | |||
| 2022-01-14 | firewall: T4178: Use lowercase for TCP flags and add an validator | sarthurdev | |
| 2022-01-12 | firewall: T4160: Fix support for inverse matches | sarthurdev | |
| 2022-01-11 | remote: T3950: Gracefully handle chained exceptions | erkin | |
| 2022-01-10 | frr: T4166: move log debug setting to init function for vyos-configd | John Estabrook | |
| frr.py debugging is set True if the file '/tmp/vyos.frr.debug' exists; this check needs to be called within an init function, as frr.py will have already been loaded by vyos-configd before the /tmp/*.debug files are created by vyos-router, or by call to 'touch'. | |||
| 2022-01-10 | Merge pull request #1151 from sarthurdev/firewall | Christian Poessinger | |
| firewall: policy: T4149: T4155: Fix incorrect table variable, fix handling of deleted base firewall node | |||
| 2022-01-09 | policy: T4155: Fix using incorrect table variable | sarthurdev | |
| 2022-01-05 | config: T3785: drop restriction to ascii in decode | John Estabrook | |
| Following the update to vyos1x-config, commit 64263617, UTF-8 characters are supported within the config file, hence in the output of showConfig. | |||
| 2022-01-05 | op-mode: T4142: Fix for show input ifbX interfaces | Viacheslav | |
| Ability to see interface type "input" ifbX from op-mode | |||
| 2022-01-05 | firewall: zone-policy: T2199: T4130: Fixes for firewall, state-policy and ↵ | sarthurdev | |
| zone-policy | |||
| 2022-01-04 | Merge pull request #1130 from sarthurdev/firewall | Christian Poessinger | |
| firewall: T4130: Fix firewall state-policy errors | |||
| 2022-01-04 | firewall: T4130: Fix firewall state-policy errors | sarthurdev | |
| Also fixes: * Issue with multiple state-policy rules being created on firewall updates * Prevents interface rules being inserted before state-policy | |||
| 2021-12-31 | Merge branch 'firewall' of https://github.com/sarthurdev/vyos-1x into current | Christian Poessinger | |
| * 'firewall' of https://github.com/sarthurdev/vyos-1x: zone_policy: T3873: Implement intra-zone-filtering policy: T2199: Migrate policy route op-mode to XML/Python policy: T2199: Migrate policy route to XML/Python zone-policy: T2199: Migrate zone-policy op-mode to XML/Python zone-policy: T2199: Migrate zone-policy to XML/Python firewall: T2199: Migrate firewall op-mode to XML/Python firewall: T2199: Migrate firewall to XML/Python | |||
| 2021-12-30 | snmp: T4124: migrate to get_config_dict() | Christian Poessinger | |
| 2021-12-28 | ipsec: T4111: Fix for swanctl configuration IPV6 peers | Viacheslav | |
| Peer name must not contain dots and colons, otherwise swanct can't generate correct configuration for swanctl.conf This is used in connection names and child SA names Add filter 'dot_colon_to_dash' which replace dots and colons | |||
| 2021-12-21 | interface: T4056: Fix unexpected delete tc qdisc | Viacheslav | |
| Traffic-policy rules are generated by old Perl code This commit prevents to unexpected override this code by python. | |||
| 2021-12-19 | vxlan: T3700: add support for Generic Protocol extension (VXLAN-GPE) | Christian Poessinger | |
| 2021-12-16 | remote: T3356: Remove incomplete HTTP upload progressbar support | erkin | |
| 2021-12-16 | Merge branch 'vyos:current' into current | Lulu Cathrinus Grimalkin | |
| 2021-12-16 | Merge branch 'current' of https://github.com/erkin/vyos-1x into current | erkin | |
| 2021-12-16 | remote: T4037: Report the final URL when following redirects | erkin | |
| 2021-12-13 | http-api: T4071: allow API to bind to unix domain socket | John Estabrook | |
 |
index : vyos-1x.git | |
| VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git) |
| summaryrefslogtreecommitdiff |