Age | Commit message (Collapse) | Author |
|
|
|
It allows IP protocol numbers 0-255, protocol names e.g. tcp, ip, ipv6 and the
negated form with a leading "!".
|
|
Exclude validators are required to support the ! (not) operator on the CLI to
exclude addresses from NAT.
|
|
|
|
|
|
|
|
|
|
$ time for i in {1..1000}; do /usr/libexec/vyos/validators/numeric --range 1-9999 666; done
real 0m56.933s
user 0m48.045s
sys 0m9.064s
$ time for i in {1..1000}; do /usr/libexec/vyos/validators/numeric--range 1-9999 666; done
real 0m44.552s
user 0m37.760s
sys 0m6.989s
This is a performance improvement of 21%, running in an ESXi VM with Quad
Intel(R) Xeon(R) CPU E5-2630L v3 @ 1.80GHz.
|
|
- allow configuring IPv6 server addresses and push options
- add IPv6 server client IP pool
- add IPv6 push dhcp-option DNS6
- allow configuring IPv6 server client addresses
- allow configuring IPv6 site-to-site addresses
- validate all IPv6 options and addresses
- use protos that explicitely open an IPv6 listening socket
(tcp6-server, tcp6-client, udp6) as the default on Linux listens on
IPv4 only (https://community.openvpn.net/openvpn/ticket/360)
- add validator for any IPv6 address, host or network (used by pool)
|
|
|
|
Fix the regex to allow vrf instances like "eth0vrf" but not to allow
"eth0"
|
|
|
|
Every VRF that's created is not allowed to be named like any interface that
can be active on the system. This includes eth, lan, br, dum, lo ....
In theoriy this would work but as soon as such a regular interface is created
things will go sideways rather quick thus we limit the namespace which can
be used to create a VRF.
Appending an interface name is still possible like coolvrf-eth0.
|
|
|
|
The current node.def based implementtion should be migrated from
vyatta-cfg-system to vyos-1x. During the migration also provide a migration
script which transforms some ole timezones like "Los_Angeles" into a proper
IANA assigned timezone which should be "America/Los_Angeles".
|
|
|
|
Verify if a file exists or not on the system. Can be called by:
<constraint>
<validator name="file-exists" argument="--directory /config/auth"/>
</constraint>
The --directory option is used to ensure a given file path lies under this
(mandatory) directory. A directory can be mandatory when the optional argument
-e, --error is used. This will return '1' instead of '0'.
|
|
|
|
- added a validator for checking if the address is any cidr noted address
|
|
|
|
https://phabricator.vyos.net/T772
|
|
|
|
|
|
|
|
|
|
|