Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-01-21 | bgp: T1875: validate() that peer-group specified via listen range exists | Christian Poessinger | |
2021-01-21 | Merge pull request #690 from Cheeze-It/current | Christian Poessinger | |
bgp: T1875: Adding BGP listen range FRR feature | |||
2021-01-20 | bgp: T1875: Adding BGP listen range FRR feature | Cheeze_It | |
In this commit we are adding the FRR BGP listen range feature. Specifically it is useful for being able to specify a range in which BGP peers can connect to the local router. | |||
2021-01-20 | ospf: add skeleton for new XML/Python based implementation | Christian Poessinger | |
2021-01-19 | nat: T2947: add many-many translation | Christian Poessinger | |
Support a 1:1 or 1:n prefix translation. The following configuration will NAT source addresses from the 10.2.0.0/16 range to an address from 192.0.2.0/29. For this feature to work a Linux Kernel 5.8 or higher is required! vyos@vyos# show nat source { rule 100 { outbound-interface eth1 source { address 10.2.0.0/16 } translation { address 192.0.2.0/29 } } } This results in the nftables configuration: chain POSTROUTING { type nat hook postrouting priority srcnat; policy accept; oifname "eth1" counter packets 0 bytes 0 snat ip prefix to ip saddr map { 10.2.0.0/16 : 192.0.2.0/29 } comment "SRC-NAT-100" } | |||
2021-01-18 | bgp: T2174: fix validator for neighbor interface config | Christian Poessinger | |
2021-01-18 | options: T3231: bugfix ctrl-alt-delete option was not working | Christian Poessinger | |
Bug introduced in commit 193323ba5d (system: T3078: rename "system options" -> "system option") as the new key used in the dict was not migrated. | |||
2021-01-18 | options: T1919: beautify with open() for reboot on panic | Christian Poessinger | |
2021-01-18 | bgp: T2174: print debug output before passing config down to FRR | Christian Poessinger | |
2021-01-17 | bgp: T2174: add debug option | Christian Poessinger | |
2021-01-17 | openvpn: T2994: proper cleanup all files on interface deletion | Christian Poessinger | |
2021-01-17 | ssh: T671: generate rsa, dsa and ed25519 keys on demand | Christian Poessinger | |
2021-01-17 | ntp: T2185: store configuration in volatile /run area | Christian Poessinger | |
2021-01-16 | vrf: T31: add support for - and _ in VRF names | Christian Poessinger | |
2021-01-16 | vyos.configdict: node_changed() now accepts key mangling parameter | Christian Poessinger | |
2021-01-16 | vrf: T31: migrate to get_config_dict() | Christian Poessinger | |
2021-01-16 | Merge pull request #677 from jack9603301/T3137 | Christian Poessinger | |
bridge: T3137: Let VLAN aware bridge approach the behavior of professional equipment | |||
2021-01-16 | bridge: T3137: Improved verification logic | jack9603301 | |
2021-01-15 | tunnel: T3173: path MTU discovery option should be valueless | Christian Poessinger | |
2021-01-15 | Merge branch 'T3173' of https://github.com/sever-sever/vyos-1x into pmtu | Christian Poessinger | |
* 'T3173' of https://github.com/sever-sever/vyos-1x: tunnel: T3173: Add nopmtudisc parameter for tunnels conf-mode | |||
2021-01-15 | bridge: T3137: Better implementation of VLAN aware Bridge | jack9603301 | |
2021-01-15 | bridge: T3137: Let VLAN aware bridge approach the behavior of professional ↵ | jack9603301 | |
equipment According to the consensus, the specific behavior of a VLAN aware bridge should conform to the behavior of professional equipment. This commit makes a significant change to the behavior of VLAN aware bridge, and has the following behaviors: 1. Disable `vif 1` configuration 2. When the VLAN aware bridge is enabled, the parent interface is always VLAN 1 3. When `native-vlan` is not configured, the default behavior of the device is `native-vlan 1` 4. The VLAN ids forwarded by the bridge are determined by `vif` 5. It has an `enable-vlan` node to enable VLAN awareness 6. VLAN configuration is allowed only when VLAN aware bridge is activated | |||
2021-01-14 | bgp: T2174: remove invalid "no bgp default ipv4-unicast" from default config | Christian Poessinger | |
2021-01-14 | bgp: T2174: enable new implementation | Christian Poessinger | |
2021-01-13 | ssh: T3212: do not make /run/sshd directory disappear on failure | Christian Poessinger | |
2021-01-13 | bgp: T2174: bugfix FRR template generation | Christian Poessinger | |
2021-01-12 | bgp: T2174: bail out early if config node does not exist | Christian Poessinger | |
2021-01-11 | nat: T3206: unable to delete only rules but keep destination node | Christian Poessinger | |
2021-01-11 | login: T3208: fix wrong string formatting on my_setvyos/1.4dev0 | Christian Poessinger | |
Commit e8a1c291 ("login: radius: T3192: migrate to get_config_dict()") did an invalid forward of the newly encrypted passwort to my_set to store it inside the config. | |||
2021-01-10 | tunnel: T3173: Add nopmtudisc parameter for tunnels conf-mode | sever-sever | |
2021-01-09 | login: radius: T3192: remove debug print() | Christian Poessinger | |
2021-01-07 | smoketest: ethernet: verify() speed/duplex must both be auto or discrete | Christian Poessinger | |
2021-01-07 | vyos.configverify: provide generic helper to check for interface existence | Christian Poessinger | |
2021-01-07 | login: radius: T3192: migrate to get_config_dict() | Christian Poessinger | |
2021-01-07 | ssh: T2635: harden Jinja2 template and daemon startup | Christian Poessinger | |
2021-01-07 | ssh: T2635: change sshd_config path to /run/sshd | Christian Poessinger | |
2021-01-07 | login: radius: T3192: support IPv6 server(s) and source-address | Christian Poessinger | |
2021-01-07 | bgp: T2174: verify() existence of route-map and prefix-list | Christian Poessinger | |
2021-01-06 | bgp: T2174: verify() proper existance of remote-as | Christian Poessinger | |
2021-01-05 | Merge pull request #667 from Cheeze-It/current | Christian Poessinger | |
ISIS: T3156: Adding segment routing for ISIS | |||
2021-01-05 | ISIS: T3156: Adding segment routing for ISIS | Cheeze_It | |
In this commit we add the segment routing portion for ISIS. There's also an additional check that is added so that the global block label ranges are properly configured. Also added traffic engineering configurations as well. | |||
2021-01-03 | mirror: add verify() check so we can not mirror back to our self | Christian Poessinger | |
2021-01-03 | dhcp: T2562: harden implementation for non existing shared-subnets | Christian Poessinger | |
2021-01-03 | dhcp: T3180: bugfix assignment of sliced ranges to config dict | Christian Poessinger | |
A reference to a dictionary key obtained by a for loop can not be used to update values inside that dictionaries key. You must use the original path to the nested dictionaries key. | |||
2021-01-03 | dhcp: T3180: bugfix NameError when slicing server ranges | Christian Poessinger | |
Introduced in commit e46def834483e ("dhcp: T3100: re-add range slicing support when exclude addresses are used") by not obeying the move from list to dict and still relying on the old list names variables. | |||
2021-01-02 | vrf: T2321: assign loopback IP addresses to individual VRF interfaces | Christian Poessinger | |
47: bar: <NOARP,MASTER,UP,LOWER_UP> mtu 65536 qdisc noqueue state UP group default qlen 1000 link/ether 76:7d:c0:53:6d:89 brd ff:ff:ff:ff:ff:ff inet 127.0.0.1/8 scope host bar valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever | |||
2021-01-01 | ethernet: T3171: add CLI option to enable RPS (Receive Packet Steering) | Christian Poessinger | |
set interfaces ethernet <interface> offload rps | |||
2020-12-31 | openvpn: T2994: fix ipv6 server mode | Christian Poessinger | |
2020-12-29 | ethernet: T1466: add EAPoL support | Christian Poessinger | |
2020-12-28 | webproxy: T563: squidguard: support default ruleset | Christian Poessinger | |