Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-04-18 | ipsec: T2317: Fix adding params to ipsec configuration files | DmitriyEshenko | |
2020-04-17 | wireless: T2306: Add new cipher suites to the WiFi configuration | Alain Lamar | |
Yet, VyOS knows these two encryption schemes for WiFi: 1. CCMP = AES in Counter mode with CBC-MAC (CCMP-128) 2. TKIP = Temporal Key Integrity Protocol These encryption schemes are new and especially the Galois counter mode cipher suites are very desirable! 1. CCMP-256 = AES in Counter mode with CBC-MAC with 256-bit key 2. GCMP = Galois/counter mode protocol (GCMP-128) 3. GCMP-256 = Galois/counter mode protocol with 256-bit key CCMP is supported by all WPA2 compatible NICs, so this remains the default cipher for bidirectional and group packets while using WPA2. Use 'iw list' to figure out which cipher suites your cards support prior to configuring other cipher suites than CCMP. AP NICs and STA NICs must both support at least one common cipher in a given list in order to associate successfully. | |||
2020-04-17 | flow-accounting: T2275: fix NameError: name 'stdout' is not defined | Christian Poessinger | |
2020-04-17 | flow-accounting: T2275: import render template from correct library | Christian Poessinger | |
2020-04-17 | Merge pull request #341 from thomas-mangin/T2223 | Christian Poessinger | |
op_mode: T2223: convert vyatta-show-interfaces.pl to show_interfaces.py | |||
2020-04-16 | Merge pull request #342 from jjakob/openvpn-ipv6 | Christian Poessinger | |
openvpn: T149: IPv6 support | |||
2020-04-16 | Merge pull request #347 from DmitriyEshenko/fix-ipoe | Christian Poessinger | |
ipoe: T2294: Fix templates and migrate to systemd | |||
2020-04-16 | ipoe: T2294: Migrate to systemd | DmitriyEshenko | |
2020-04-16 | openvpn: T149: IPv6 support | Jernej Jakob | |
- allow configuring IPv6 server addresses and push options - add IPv6 server client IP pool - add IPv6 push dhcp-option DNS6 - allow configuring IPv6 server client addresses - allow configuring IPv6 site-to-site addresses - validate all IPv6 options and addresses - use protos that explicitely open an IPv6 listening socket (tcp6-server, tcp6-client, udp6) as the default on Linux listens on IPv4 only (https://community.openvpn.net/openvpn/ticket/360) - add validator for any IPv6 address, host or network (used by pool) | |||
2020-04-15 | Merge pull request #349 from jjakob/openvpn-pool | Christian Poessinger | |
openvpn: T2335: allow disabling client-ip-pool | |||
2020-04-15 | login: T2295: move from calling an os binary to Python crypt() function | Christian Poessinger | |
2020-04-15 | dns-forwarding: T2298: remove wrongly added number | Christian Poessinger | |
Commit 16b2fc8 ("dns-forwarding: T2298: fix path to control file") added a wrong prefix to the line before executing 'systemctl restart snmpd.service'. | |||
2020-04-15 | dns-forwarding: T2298: fix path to control file | Christian Poessinger | |
After migrating PowerDNS to systemd and also its configuration files to a volatile directory in commit 77d725f ("dns-forwarding: T2185: move configuration files to volatile /run directory") the path for the control file has not been altered and pushed to the client rec_control binary" | |||
2020-04-15 | openvpn: T2335: allow disabling client-ip-pool | Jernej Jakob | |
2020-04-15 | Merge pull request #346 from thomas-mangin/T31-vrf-exists | Christian Poessinger | |
tunnel: T31: check that the assigned VRF exists | |||
2020-04-15 | openvpn: T2293: fix UnboundLocalError if server subnet is unset | Jernej Jakob | |
2nd part of this fix, first commit 9b6a369 didn't fix it. | |||
2020-04-15 | tunnel: T31: check that the assigned VRF exists | Thomas Mangin | |
2020-04-14 | openvpn: T2293: fix UnboundLocalError if server subnet is unset | Jernej Jakob | |
Commit bb36bde introduced a bug when server subnet is unset, this fixes it. | |||
2020-04-14 | vrrp: T2223: move VRRP within ifconfig | Thomas Mangin | |
Tidied up the code and moved it under VRRP in view to use with show-interface (which has VRRP filtering) No change in functionality | |||
2020-04-13 | service https: T1585: call to sudo can be omitted | Christian Poessinger | |
2020-04-13 | service https: T1585: bugfix typo in systemd name | Christian Poessinger | |
2020-04-13 | syslog: T2185: explicitly specify systemd service | Christian Poessinger | |
2020-04-13 | tftp-server: T2185: explicitly specify systemd service | Christian Poessinger | |
2020-04-13 | broadcast-relay: T2185: explicitly specify systemd service | Christian Poessinger | |
2020-04-13 | mdns-repeater: T2185: explicitly specify systemd service | Christian Poessinger | |
2020-04-13 | flow-accounting: T2185: explicitly specify systemd service | Christian Poessinger | |
2020-04-13 | dns-forwarding: T2185: move configuration files to volatile /run directory | Christian Poessinger | |
2020-04-13 | dns-forwarding: T2185: migrate from SysVinit to systemd | Christian Poessinger | |
2020-04-13 | ddclient: T2185: migrate from SysVinit to systemd | Christian Poessinger | |
2020-04-13 | Merge pull request #325 from jjakob/openvpn-pool | Christian Poessinger | |
openvpn: T2235: add custom server pool handling | |||
2020-04-13 | openvpn: T2235: add custom server pool handling | jjakob | |
- add config options and logic for server client-ip-pool - add function for determining default IPs for the server in different configurations - verify for pool IPs and maximum subnet prefix length - move remote netmask logic for client ifconfig-push to use new function - add topology 'net30' , set it as default (as it already was) - replace generic ip_* with IPv4* where necessary - print warning to console when server client IP is in server pool - fix server subnet help field | |||
2020-04-13 | openvpn: T2235: use IPv4Network where input is already validated | jjakob | |
2020-04-13 | Merge pull request #339 from jjakob/openvpn-dir-fix | Christian Poessinger | |
openvpn: T2283: move ccd to /run/openvpn | |||
2020-04-13 | dhcp-relay: T2185: migrate from SysVinit to systemd | Christian Poessinger | |
2020-04-13 | openvpn: T2283: move ccd to /run/openvpn | jjakob | |
Commit a457c9d2 moved the config directory to /run/openvpn but didn't move the client-config-dir in the template. | |||
2020-04-13 | dhcpv6-relay: T2185: fix wrong call to os library | Christian Poessinger | |
Commit 5892d51 ("dhcpv6-relay: T2185: migrate from SysVinit to systemd") accidently called the non existent function os.file.exists instead of os.path.exists. | |||
2020-04-13 | dhcpv6-relay: T2185: migrate from SysVinit to systemd | Christian Poessinger | |
2020-04-13 | wireless: T2185: add wrongly removed argument to get_conf_file() | Christian Poessinger | |
Commit c0629296bb ("wireless: T2185: migrate from SysVinit to systemd") remove a required argument to get_conf_file() | |||
2020-04-13 | Merge pull request #338 from thomas-mangin/T2028-boot | Christian Poessinger | |
tunnel: T2028: fix issue when booting without gre remote | |||
2020-04-12 | tunnel: T2028: fix issue when booting without gre remote | Thomas Mangin | |
2020-04-12 | dhcp-server: T2185: add comment on config dir generation | Christian Poessinger | |
2020-04-12 | dhcpv6-server: T2185: migrate from SysVinit to systemd | Christian Poessinger | |
2020-04-12 | dhcp-server: T2185: create directories in /run on-demand | Christian Poessinger | |
Commit bc68244 ("dhcp-server: T2185: migrate from SysVinit to systemd") migrated the DHCP subsystem to systemd, necessary directories in the volatile /run directory have not been created. | |||
2020-04-12 | dhcp-server: T2185: fixup ConditionPathExists variable | Christian Poessinger | |
Commit bc68244 ("dhcp-server: T2185: migrate from SysVinit to systemd") migrated the DHCP subsystem to systemd, but on the test-system there was still the old configuration file present not triggering this condition. | |||
2020-04-12 | dhcp-server: T2185: migrate from SysVinit to systemd | Christian Poessinger | |
2020-04-12 | ntp: T2230: fix wrong import after template migration | Christian Poessinger | |
Commit 1fbaa2c ("template: T2230: use render to generate templates") did try to import render from the wrong module. | |||
2020-04-12 | template: T2230: use render to generate templates | Thomas Mangin | |
convert all call to jinja to use template.render | |||
2020-04-12 | vpn: l2tp: T2185: move generated files to volatile /run/accel-ppp directory | Christian Poessinger | |
2020-04-12 | vpn: sstp: T2185: move generated files to volatile /run/accel-ppp directory | Christian Poessinger | |
2020-04-12 | vpn: sstp: T2008: bugfix chap-secrets generation | Christian Poessinger | |
Commit 13510cac5a4a ("vpn: sstp: T2008: migrate from SysVinit -> systemd") unfortunately wrote the filename into the chap-secrets file instead of the rendered secrets. |