summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2024-09-19Merge pull request #4061 from c-po/syslog-T5367Daniil Baturin
syslog: T5367: add format option to include timezone in message
2024-09-17T6716: don't automatically set ethernet offloadDave Vogel
Remove the lines of code that checked if the kernel had offloading enabled and was then forcing the config to set it to "on." The behavior now mirrors the config and offloading will only be enabled if the config is explicitly set to enabled. Note: the code is still present to disable the offloading, in the config, if the kernel doesn't support it. Note(2): Allow the previous behavior where the offload settings get set, based on the Kernel, if the boot is a live boot.
2024-09-16Merge pull request #4020 from c-po/secure-bootChristian Breunig
T861: op-mode: initial parts for UEFI secure boot CLI
2024-09-16T861: op-mode: add "show secure-boot [keys]" CLI commandChristian Breunig
Support getting current system secure boot state. In addition add optional suppor tto list all enrolled MOK (Machine Owner Keys) in the UEFI variable store.
2024-09-16T861: op-mode: "show version" will display secure boot stateChristian Breunig
vyos@vyos:~$ show ver ... Architecture: x86_64 Boot via: installed image System type: KVM guest Secure Boot: enabled ...
2024-09-16Merge pull request #4069 from c-po/eapol-bondChristian Breunig
bond: T6709: add EAPoL support
2024-09-15Merge pull request #4057 from natali-rs1985/T6682-currentDaniil Baturin
op-mode: T6682: Fix for show vpn ike sa peer that always shows all SAs
2024-09-15bond: T6709: add EAPoL supportChristian Breunig
2024-09-14ethernet: T6709: move EAPoL support to common frameworkChristian Breunig
Instead of having EAPoL (Extensible Authentication Protocol over Local Area Network) support only available for ethernet interfaces, move this to common ground at vyos.ifconfig.interface making it available for all sorts of interfaces by simply including the XML portion #include <include/interface/eapol.xml.i>
2024-09-12syslog: T5367: add format option to include timezone in messageChristian Breunig
Add CLI option to include the systems timezone in the syslog message sent to a collector. This can be enabled using: set system syslog host <hostname> format include-timezone
2024-09-12Merge pull request #4047 from natali-rs1985/T6676-currentChristian Breunig
policy: T6676: Invalid route-map caused bgpd to crash
2024-09-12Merge pull request #4046 from nvollmar/T6703Christian Breunig
T6703: Adds option to configure AMD pstate driver
2024-09-12Merge pull request #4021 from natali-rs1985/T6652-currentDaniil Baturin
openfabric: T6652: Add support for OpenFabric protocol
2024-09-12op-mode: T6682: Fix for show vpn ike sa peer always shows all SAsNataliia Solomko
2024-09-12T6711: Fix restart vrrp missed comma between servicesViacheslav Hletenko
Missing comma in the list between services 'ssh', 'suricata' 'vrrp', 'webproxy' Fix it
2024-09-12Merge pull request #4042 from natali-rs1985/T6694-currentChristian Breunig
op-mode: T6694: Move some op-mode commands to the "execute" family
2024-09-12Merge pull request #4032 from dvlogic/Allow_Container_DNS_DisableChristian Breunig
T6701: Added ability to disable the container DNS plugin
2024-09-11policy: T6676: Invalid route-map caused bgpd to crashNataliia Solomko
2024-09-11T6703: fix unrelated lint issuesNicolas Vollmar
2024-09-11T6703: Adds option to configure AMD pstate driverNicolas Vollmar
2024-09-11T6294: Service dns forwarding add the ability to configure ZonetoCachekhramshinr
2024-09-11Merge pull request #4023 from nvollmar/T6679Christian Breunig
T6679: add group option for nat66
2024-09-11container: T6701: add support to disable container network DNS supportDave Vogel
Add ability to set the container network with a disable-dns setting to disable the DNS plugin that is on be default. set container network <network> no-name-server
2024-09-10Merge pull request #4038 from natali-rs1985/T6181-currentDaniil Baturin
op_mode: T6181: A feature for checking ports
2024-09-10op-mode: T6694: Move some op-mode commands in the "execute" familyNataliia Solomko
'force netns' — move to 'execute shell netns'. 'force vrf'— move to 'execute shell vrf'. 'force owping' — move to 'execute owping'. 'force twping' — move to 'execute twping'. 'monitor bandwidth-test' — move to 'execute bandwidth-test`. 'telnet' — move to 'execute telnet'
2024-09-10op_mode: T6181: A feature for checking portsNataliia Solomko
2024-09-06container: T6702: re-add missing UNIX API socketChristian Breunig
During podman upgrade and a build from the original source the UNIX socket definition for systemd got lost in translation. This commit re-adds the UNIX socket which is started on boot to interact with Podman. Example: curl --unix-socket /run/podman/podman.sock -H 'content-type: application/json' \ -sf http://localhost/containers/json
2024-09-04openfabric: T6652: Add support for OpenFabric protocolNataliia Solomko
OpenFabric is a routing protocol providing link-state routing with efficient flooding for topologies like spine-leaf networks. FRR implements OpenFabric in a daemon called fabricd
2024-09-02T6679: add destination groupsNicolas Vollmar
2024-08-25configd: T6671: track scripts proposed and scripts calledJohn Estabrook
2024-08-24dhclient: T6667: Added workaround for communication with FRRzsdc
To increase the chance for dhclient to configure routes in FRR, added a workaround. Now 10 attempts are performed with 1 second delay and only after this dhclient gives up.
2024-08-22T6561: Add vrf aware for show ntpViacheslav Hletenko
2024-08-21T6672: Fix system option ssh-client source-interfaceViacheslav Hletenko
Fix for system option ssh-client source-interface For the `verify_source_interface` the key `ifname` if required
2024-08-20Merge pull request #3975 from lucasec/t6183Christian Breunig
T6183: interfaces openvpn: suppport specifying IP protocol version
2024-08-20Merge pull request #3977 from natali-rs1985/T5743-currentChristian Breunig
T5743: HTTPS API ability to import PKI certificates
2024-08-18op_mode: T3961: Generate PKI expect 2 character country codeNataliia Solomko
2024-08-16Merge pull request #3987 from natali-rs1985/T6649-currentDaniil Baturin
ipoe_server: T6649: Accel-ppp separate vlan-mon from listen interfaces
2024-08-15T6649: Accel-ppp separate vlan-mon from listen interfacesNataliia Solomko
2024-08-14op_mode: T6651: Add a top level op mode word "execute"Nataliia Solomko
2024-08-13T6183: interfaces openvpn: suppport specifying IP protocol versionLucas Christian
2024-08-13T5743: HTTPS API ability to import PKI certificatesNataliia Solomko
2024-08-12suricata: T6624: Fix for service suricata address-groups cannot be used in ↵Nataliia Solomko
each other
2024-08-12T6648: dhcpv6-server: align stateless DHCPv6 options with statefulLucas Christian
2024-08-12configd: T6633: inject missing env vars for configfs utilityJohn Estabrook
2024-08-12configverify: T6642: verify_interface_exists requires config_dict argJohn Estabrook
The function verify_interface_exists requires a reference to the ambient config_dict rather than creating an instance. As access is required to the 'interfaces' path, provide as attribute of class ConfigDict, so as not to confuse path searches of script-specific config_dict instances.
2024-08-08qos: T6638: require interface state existence in verify conditionalJohn Estabrook
2024-08-07configd: T6640: enforce in_session returns False under configdJohn Estabrook
The CStore in_session check is a false positive outside of a config session if a specific environment variable is set with an existing referent in unionfs. To allow extensions when running under configd and avoid confusion, enforce in_session returns False.
2024-08-05sysctl: T3204: restore sysctl setttings overwritten by tunedChristian Breunig
2024-08-05Merge branch 'current' into feature/T4694/gre-match-fieldsChristian Breunig
2024-08-05Merge pull request #3920 from fett0/T6555Christian Breunig
OPENVPN: T6555: add server-bridge options in mode server
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-05 14:39:00 +0000