vyos-1x.git - VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git)

Age	Commit message (Collapse)	Author
2021-07-17	VRF: T3655: proper connection tracking for VRFs	zsdc
	Currently, all VRFs share the same connection tracking table, which can lead to problems: - traffic leaks to a wrong VRF - improper NAT rules handling when multiple VRFs contain the same IP networks - stateful firewall rules issues The commit implements connection tracking zones support. Each VRF utilizes its own zone, so connections will never mix up. It also adds some restrictions to VRF names and assigned table numbers, because of nftables and conntrack requirements: - VRF name should always start from a letter (interfaces that start from numbers are not supported in nftables rules) - table number must be in the 100-65535 range because conntrack supports only 65535 zones
2021-06-13	wwan: T3620: rename "wirelessmodem wlm" interfaces to new wwan interface tree	Christian Poessinger

2020-05-30	vrf: T2530: instance name must be 15 characters or less	Christian Poessinger

2020-05-06	validator: T2417: try to make the code clearer	Thomas Mangin

2020-04-03	vrf: T31: Allow vrf name to look more like interface name	Runar Borge
	Fix the regex to allow vrf instances like "eth0vrf" but not to allow "eth0"
2020-04-03	vrf: T31: name of isntance is not allowed to mimic an interface name	Christian Poessinger
	Every VRF that's created is not allowed to be named like any interface that can be active on the system. This includes eth, lan, br, dum, lo .... In theoriy this would work but as soon as such a regular interface is created things will go sideways rather quick thus we limit the namespace which can be used to create a VRF. Appending an interface name is still possible like coolvrf-eth0.