| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-09-26 | ids: T4557: Migrate threshold and add new threshold types | Viacheslav Hletenko | |
| Migrate "service ids ddos-protection threshold xxx" to "service ids ddos-protection general threshold xxx" Add new threshold types: set service ids ddos-protection threshold tcp xxx set service ids ddos-protection threshold udp xxx set service ids ddos-protection threshold icmp xxx | |||
| 2022-09-14 | firewall: nat66: policy: T2199: Fix smoketests for nftables updated output | sarthurdev | |
| 2022-09-14 | Merge pull request #1534 from sarthurdev/firewall_interfaces | Christian Poessinger | |
| firewall: zone-policy: T2199: T4605: Refactor firewall, migrate zone-policy | |||
| 2022-09-13 | isis: T4693: Fix ISIS segment routing configurations | Cheeze_It | |
| This change is to fix a bug in which ISIS segment routing was broken due to a refactor. This change also is going to introduce a smoketest to make sure this is caught in the future. | |||
| 2022-09-13 | zone-policy: T2199: Migrate zone-policy to firewall node | sarthurdev | |
| 2022-09-13 | policy: T2199: Typo in policy route smoketest teardown | sarthurdev | |
| 2022-09-13 | firewall: T4605: Rename filter tables to vyos_filter | sarthurdev | |
| 2022-09-13 | firewall: T2199: Refactor firewall + zone-policy, move interfaces under ↵ | sarthurdev | |
| firewall node * Refactor firewall and zone-policy rule creation and cleanup * Migrate interface firewall values to `firewall interfaces <name> <direction> name/ipv6-name <name>` * Remove `firewall-interface.py` conf script | |||
| 2022-09-12 | Revert "rfs: T4689: Support RFS(Receive Flow Steering)" | Christian Poessinger | |
| This reverts commit 53355271a2864d844daca89a064c21e514e10adb. | |||
| 2022-09-12 | rfs: T4689: Support RFS(Receive Flow Steering) | jack9603301 | |
| 2022-09-07 | T1024: Firewall and Policy route: add option to match dscp value, both on ↵ | Nicolas Fort | |
| firewall and in policy route | |||
| 2022-09-06 | T4670: policy route: extend matching criteria for policy route and route6. ↵ | Nicolas Fort | |
| Matching criteria added: ttl/hoplimit and packet-length | |||
| 2022-09-03 | firewall: T4651: re-implement packet-length CLI option to use <multi/> | Christian Poessinger | |
| 2022-09-03 | smoketest: firewall: add re-usable variables when running testcases | Christian Poessinger | |
| 2022-09-02 | Merge branch 'T4651' of https://github.com/nicolas-fort/vyos-1x into firewall | Christian Poessinger | |
| * 'T4651' of https://github.com/nicolas-fort/vyos-1x: Firewall: T4651: Change proposed cli from ip-length to packet-length Firewall: T4651: Add options to match packet size on firewall rules. | |||
| 2022-09-01 | Firewall: T4651: Change proposed cli from ip-length to packet-length | Nicolas Fort | |
| 2022-08-29 | smoketest: config: drop almost empty https service test | Christian Poessinger | |
| 2022-08-28 | smoketest: T4652: upgrade PowerDNS recursor to 4.7 series | Christian Poessinger | |
| 2022-08-28 | smoketest: T4643: bind sstp service to port 8443 | Christian Poessinger | |
| 2022-08-27 | Firewall: T4651: Add options to match packet size on firewall rules. | Nicolas Fort | |
| 2022-08-27 | smoketest: T4643: create individual configs fot https service and sstp vpn | Christian Poessinger | |
| 2022-08-27 | Revert "smoketest: T4643: Change openconnect default port" | Christian Poessinger | |
| This reverts commit fa91f567b7b5f009aaaed569b3f5e5db4b638d39. | |||
| 2022-08-27 | Revert "smoketest: T4643: Delete vpn sstp from config as we have HTTP" | Christian Poessinger | |
| This reverts commit c2fc87c02dd556dd1569ff2fd81c9e2485a80459. | |||
| 2022-08-26 | Merge pull request #1482 from sever-sever/T4631 | Christian Poessinger | |
| nat66: T4631: Add port and protocol to nat66 conf | |||
| 2022-08-26 | smoketest: T4631: Extend smoketes fot nat66 protocol | Viacheslav Hletenko | |
| 2022-08-26 | smoketest: T4643: Delete vpn sstp from config as we have HTTP | Viacheslav Hletenko | |
| HTTP and sstp cannot work together and in the test config 1.4-rolling-202106290839 we didnot have configurable port for such services So we shoud delete sstp from this smoketest config test In fact it is never working at all 'smoketest/configs/pki-misc' It commits without errors before but in the real life we get 3 services (https openconnect sstp) that bound the same port | |||
| 2022-08-25 | telegraf: T4617: add VRF support | Christian Poessinger | |
| 2022-08-25 | smoketest: T4643: Change openconnect default port | Viacheslav Hletenko | |
| Change openconnect port as both ocserv and sstp bind by default the same port 443 | |||
| 2022-08-25 | Merge pull request #1478 from sever-sever/T4622 | Christian Poessinger | |
| firewall: T4622: Add TCP MSS option | |||
| 2022-08-24 | smoketest: bgp: T4634: validate "disable-connected-check" option | Christian Poessinger | |
| 2022-08-22 | bridge: T4632: vlan aware bridge lacks CPU forwarding | Christian Poessinger | |
| The VLAN aware bridge was forwarding traffic between member ports, but traffic destined torwards the CPU was dropped. This resulted in a gateway not reachable or DHCP leases that could not be handed out. Tested via: VyOS set interfaces bridge br0 enable-vlan set interfaces bridge br0 member interface eth1 allowed-vlan '10' set interfaces bridge br0 member interface eth1 allowed-vlan '20' set interfaces bridge br0 member interface eth1 allowed-vlan '30' set interfaces bridge br0 member interface eth1 allowed-vlan '40' set interfaces bridge br0 member interface eth1 native-vlan '40' set interfaces bridge br0 member interface eth2 allowed-vlan '30' set interfaces bridge br0 member interface eth2 allowed-vlan '20' set interfaces bridge br0 member interface eth2 allowed-vlan '10' set interfaces bridge br0 member interface eth2 allowed-vlan '40' set interfaces bridge br0 vif 10 address '10.0.10.1/24' set interfaces bridge br0 vif 20 address '10.0.20.1/24' set interfaces bridge br0 vif 30 address '10.0.30.1/24' set interfaces bridge br0 vif 40 address '10.0.40.1/24' Arista vEOS vlan 10,20,30,40 interface Ethernet1 switchport trunk allowed vlan 10,20,30,40 interface Vlan10 ip address 10.0.10.2/24 interface Vlan20 ip address 10.0.20.2/24 interface Vlan30 ip address 10.0.30.2/24 interface Vlan40 ip address 10.0.40.2/24 interface Ethernet1 switchport trunk allowed vlan 10,20,30,40 switchport mode trunk spanning-tree portfast Cisco vIOS interface GigabitEthernet0/0 ip address 10.0.40.3 255.255.255.0 duplex auto speed auto media-type rj45 ! interface GigabitEthernet0/0.10 encapsulation dot1Q 10 ip address 10.0.10.3 255.255.255.0 ! interface GigabitEthernet0/0.20 encapsulation dot1Q 20 ip address 10.0.20.3 255.255.255.0 ! interface GigabitEthernet0/0.30 encapsulation dot1Q 30 ip address 10.0.30.3 255.255.255.0 ! | |||
| 2022-08-18 | firewall: T4622: Add TCP MSS option | Viacheslav Hletenko | |
| Ability to drop|accept packets based on TCP MSS size set firewall name <tag> rule <tag> tcp mss '501-1460' | |||
| 2022-08-15 | ocserv: openconnect: T4614: add support for split-dns | Christian Poessinger | |
| set vpn openconnect network-settings split-dns <domain> | |||
| 2022-08-15 | smoketest: ocserv: implement config file validation | Christian Poessinger | |
| 2022-08-05 | nat66: T4598: Add exclude options in nat66 | Nicolas Fort | |
| 2022-08-05 | bgp: T4257: bugfixes after renaming "local-as" to "system-as" | Christian Poessinger | |
| 2022-08-04 | Merge https://github.com/Cheeze-It/vyos-1x into current | Christian Poessinger | |
| * https://github.com/Cheeze-It/vyos-1x: bgp: T4257: Changing BGP "local-as" to "system-as" | |||
| 2022-08-04 | smoketest: macsec: T4537: validate macsec_csindex for both AES-GCM-128 and ↵ | Christian Poessinger | |
| AES-GCM-256 | |||
| 2022-08-04 | smoketest: macsec: T4537: verify macsec_csindex | Christian Poessinger | |
| 2022-08-03 | Merge pull request #1369 from nicolas-fort/T4480 | Daniil Baturin | |
| T4480: webproxy: Add safe-ports and ssl-safe-ports for acl squid config | |||
| 2022-07-31 | smoketest: bridge: T4565: changes to lower interfaces must not destroy VLAN ↵ | Christian Poessinger | |
| aware bridge | |||
| 2022-07-30 | bgp: T4257: Changing BGP "local-as" to "system-as" | Cheeze_It | |
| bgp: T4257: Changing BGP "local-as" to "system-as" This change is to change the global BGP name for the node "local-as" to "system-as" This is needed so that there's less ambiguity with the local-as feature per neighbor. bgp: T4257: Changing BGP "local-as" to "system-as" bgp: T4257: Changing BGP "local-as" to "system-as" This change is to change the global BGP name for the node "local-as" to "system-as" This is needed so that there's less ambiguity with the local-as feature per neighbor. | |||
| 2022-07-25 | bgp: T4560: neighbor/peer-group local-as option is only allowed for eBGP | Christian Poessinger | |
| 2022-07-25 | fastnetmon: T4556: Allow configure white_list_path and populate with ↵ | Adrian Almenar | |
| hosts/networks that should be ignored. | |||
| 2022-07-24 | graphql: T3993: add smoketest for GraphQL key authorization | John Estabrook | |
| 2022-07-22 | smoketest: router-advert: T4550: test deprecate-prefix & decrement-lifetime ↵ | Christian Poessinger | |
| CLI option | |||
| 2022-07-22 | smoketest: router-advert: use setUpClass() | Christian Poessinger | |
| 2022-07-21 | smoketest: fastnetmon: T4555: add IPv6 support | Christian Poessinger | |
| 2022-07-21 | fastnetmon: T2659: move configuration files to /run | Christian Poessinger | |
| 2022-07-21 | fastnetmon: T4555: add IPv6 support | Christian Poessinger | |
 |
index : vyos-1x.git | |
| VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git) |
| summaryrefslogtreecommitdiff |