summaryrefslogtreecommitdiff
path: root/src/conf_mode
AgeCommit message (Collapse)Author
2021-01-21bgp: T1875: validate() that peer-group specified via listen range existsChristian Poessinger
2021-01-21Merge pull request #690 from Cheeze-It/currentChristian Poessinger
bgp: T1875: Adding BGP listen range FRR feature
2021-01-20bgp: T1875: Adding BGP listen range FRR featureCheeze_It
In this commit we are adding the FRR BGP listen range feature. Specifically it is useful for being able to specify a range in which BGP peers can connect to the local router.
2021-01-20ospf: add skeleton for new XML/Python based implementationChristian Poessinger
2021-01-19nat: T2947: add many-many translationChristian Poessinger
Support a 1:1 or 1:n prefix translation. The following configuration will NAT source addresses from the 10.2.0.0/16 range to an address from 192.0.2.0/29. For this feature to work a Linux Kernel 5.8 or higher is required! vyos@vyos# show nat source { rule 100 { outbound-interface eth1 source { address 10.2.0.0/16 } translation { address 192.0.2.0/29 } } } This results in the nftables configuration: chain POSTROUTING { type nat hook postrouting priority srcnat; policy accept; oifname "eth1" counter packets 0 bytes 0 snat ip prefix to ip saddr map { 10.2.0.0/16 : 192.0.2.0/29 } comment "SRC-NAT-100" }
2021-01-18bgp: T2174: fix validator for neighbor interface configChristian Poessinger
2021-01-18options: T3231: bugfix ctrl-alt-delete option was not workingChristian Poessinger
Bug introduced in commit 193323ba5d (system: T3078: rename "system options" -> "system option") as the new key used in the dict was not migrated.
2021-01-18options: T1919: beautify with open() for reboot on panicChristian Poessinger
2021-01-18bgp: T2174: print debug output before passing config down to FRRChristian Poessinger
2021-01-17bgp: T2174: add debug optionChristian Poessinger
2021-01-17openvpn: T2994: proper cleanup all files on interface deletionChristian Poessinger
2021-01-17ssh: T671: generate rsa, dsa and ed25519 keys on demandChristian Poessinger
2021-01-17ntp: T2185: store configuration in volatile /run areaChristian Poessinger
2021-01-16vrf: T31: add support for - and _ in VRF namesChristian Poessinger
2021-01-16vyos.configdict: node_changed() now accepts key mangling parameterChristian Poessinger
2021-01-16vrf: T31: migrate to get_config_dict()Christian Poessinger
2021-01-16Merge pull request #677 from jack9603301/T3137Christian Poessinger
bridge: T3137: Let VLAN aware bridge approach the behavior of professional equipment
2021-01-16bridge: T3137: Improved verification logicjack9603301
2021-01-15tunnel: T3173: path MTU discovery option should be valuelessChristian Poessinger
2021-01-15Merge branch 'T3173' of https://github.com/sever-sever/vyos-1x into pmtuChristian Poessinger
* 'T3173' of https://github.com/sever-sever/vyos-1x: tunnel: T3173: Add nopmtudisc parameter for tunnels conf-mode
2021-01-15bridge: T3137: Better implementation of VLAN aware Bridgejack9603301
2021-01-15bridge: T3137: Let VLAN aware bridge approach the behavior of professional ↵jack9603301
equipment According to the consensus, the specific behavior of a VLAN aware bridge should conform to the behavior of professional equipment. This commit makes a significant change to the behavior of VLAN aware bridge, and has the following behaviors: 1. Disable `vif 1` configuration 2. When the VLAN aware bridge is enabled, the parent interface is always VLAN 1 3. When `native-vlan` is not configured, the default behavior of the device is `native-vlan 1` 4. The VLAN ids forwarded by the bridge are determined by `vif` 5. It has an `enable-vlan` node to enable VLAN awareness 6. VLAN configuration is allowed only when VLAN aware bridge is activated
2021-01-14bgp: T2174: remove invalid "no bgp default ipv4-unicast" from default configChristian Poessinger
2021-01-14bgp: T2174: enable new implementationChristian Poessinger
2021-01-13ssh: T3212: do not make /run/sshd directory disappear on failureChristian Poessinger
2021-01-13bgp: T2174: bugfix FRR template generationChristian Poessinger
2021-01-12bgp: T2174: bail out early if config node does not existChristian Poessinger
2021-01-11nat: T3206: unable to delete only rules but keep destination nodeChristian Poessinger
2021-01-11login: T3208: fix wrong string formatting on my_setvyos/1.4dev0Christian Poessinger
Commit e8a1c291 ("login: radius: T3192: migrate to get_config_dict()") did an invalid forward of the newly encrypted passwort to my_set to store it inside the config.
2021-01-10tunnel: T3173: Add nopmtudisc parameter for tunnels conf-modesever-sever
2021-01-09login: radius: T3192: remove debug print()Christian Poessinger
2021-01-07smoketest: ethernet: verify() speed/duplex must both be auto or discreteChristian Poessinger
2021-01-07vyos.configverify: provide generic helper to check for interface existenceChristian Poessinger
2021-01-07login: radius: T3192: migrate to get_config_dict()Christian Poessinger
2021-01-07ssh: T2635: harden Jinja2 template and daemon startupChristian Poessinger
2021-01-07ssh: T2635: change sshd_config path to /run/sshdChristian Poessinger
2021-01-07login: radius: T3192: support IPv6 server(s) and source-addressChristian Poessinger
2021-01-07bgp: T2174: verify() existence of route-map and prefix-listChristian Poessinger
2021-01-06bgp: T2174: verify() proper existance of remote-asChristian Poessinger
2021-01-05Merge pull request #667 from Cheeze-It/currentChristian Poessinger
ISIS: T3156: Adding segment routing for ISIS
2021-01-05ISIS: T3156: Adding segment routing for ISISCheeze_It
In this commit we add the segment routing portion for ISIS. There's also an additional check that is added so that the global block label ranges are properly configured. Also added traffic engineering configurations as well.
2021-01-03mirror: add verify() check so we can not mirror back to our selfChristian Poessinger
2021-01-03dhcp: T2562: harden implementation for non existing shared-subnetsChristian Poessinger
2021-01-03dhcp: T3180: bugfix assignment of sliced ranges to config dictChristian Poessinger
A reference to a dictionary key obtained by a for loop can not be used to update values inside that dictionaries key. You must use the original path to the nested dictionaries key.
2021-01-03dhcp: T3180: bugfix NameError when slicing server rangesChristian Poessinger
Introduced in commit e46def834483e ("dhcp: T3100: re-add range slicing support when exclude addresses are used") by not obeying the move from list to dict and still relying on the old list names variables.
2021-01-02vrf: T2321: assign loopback IP addresses to individual VRF interfacesChristian Poessinger
47: bar: <NOARP,MASTER,UP,LOWER_UP> mtu 65536 qdisc noqueue state UP group default qlen 1000 link/ether 76:7d:c0:53:6d:89 brd ff:ff:ff:ff:ff:ff inet 127.0.0.1/8 scope host bar valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever
2021-01-01ethernet: T3171: add CLI option to enable RPS (Receive Packet Steering)Christian Poessinger
set interfaces ethernet <interface> offload rps
2020-12-31openvpn: T2994: fix ipv6 server modeChristian Poessinger
2020-12-29ethernet: T1466: add EAPoL supportChristian Poessinger
2020-12-28webproxy: T563: squidguard: support default rulesetChristian Poessinger