summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-10-21Merge pull request #147 from jdmac87/currentChristian Poessinger
T1755: Python KeyError exceptions raised with 'show vpn ipsec sa' command under use of certain IPSEC cipher suites.
2019-10-21T1755: fixes issue with 'show vpn ipsec sa' command where lack of keysize ↵Jason McAllister
(encr-keysize) will result in KeyError - such as for CHACHA20_POLY1305
2019-10-21T1755: fixes issue with 'show vpn ipsec sa' command where lack of hash ↵Jason McAllister
(integ-alg) will result in KeyError - such as with GCM based options
2019-10-21Merge pull request #149 from kroy-the-rabbit/wgshow-imphagbard-01
wireguard: T1756 - additional output for WG connection states
2019-10-21T1756 More output for WGkroy
2019-10-19T1749: support multiple ranges in the numeric validator.Daniil Baturin
2019-10-19dhcp-server: T1745: bugfix corner case on static-assignmentsChristian Poessinger
There was a bug when refactoring this with commits 5848a4d ("dhcp-server: T1707: remove DHCP static-mappings from address pool") and 1182b44 ("dhcp-server: T1707: bugfix on subsequent DHCP exclude addresses") that when a static address assignemnt was using the last IP address from the specified range. This triggered the following error: "DHCP range stop address x must be greater or equal to the range start address y!"
2019-10-18system-proxy: T1741 - Add system wide proxy settinghagbard
* removed subprocess as it is not required, script is executed via sudo * pep8 formatted
2019-10-18wireguard - remove endpoint check to enable roaming connectionshagbard
2019-10-18system-proxy: T1741 - Add system wide proxy setting CLI implementationhagbard
2019-10-18Python/ifconfig: T1712: always start DHCP when configuredChristian Poessinger
DHCP was only started when the interface operstate was set to up but this is wrong. An interface can be configured as DHCP interface and DHCP client must be launched even when the physical interface becomes available n-minutes later. DHCP client then can ask for an IP assignemnt by DHCP. Tested by starting DHCP client on a not connected ethernet interface. Address was assigned later on after link became ready.
2019-10-18Python/ifconfig: T1557: get_status() must use admin state not operstateChristian Poessinger
2019-10-17bgp: T1490: fix migrator file permissionsChristian Poessinger
2019-10-17snmp: T1737: add missing completion helpersChristian Poessinger
2019-10-17Merge pull request #145 from zdc/T1490Christian Poessinger
[BGP] T1490: Added migration for obsoleted 'bgp scan-time' parameter
2019-10-16Revert "Python/ifconfig: T1712: wait when changing interface state"Christian Poessinger
This reverts commit 1257d7851866d42287018b38dd871f279b87286a. It will delay network interface configuration everywhere when e.g. no network cable is plugged in. We should find the root cause why DHCPd sometimes did not start.
2019-10-15snmpd: T1705 - High CPU usage by bgpd when snmp is activehagbard
* typo fixed
2019-10-13Revert "snmpd: T1705 - High CPU usage by bgpd when snmp is active"Christian Poessinger
Systems not runing BGP won't boot anymore. Syslog shows: snmpd[5404]: getaddrinfo: inetCidrRouteTable Name or service not known snmpd[5404]: getaddrinfo("inetCidrRouteTable", NULL, ...): Name or service not known snmpd[5404]: Error opening specified endpoint "inetCidrRouteTable" snmpd[5404]: Server Exiting with code 1 snmpd[5401]: Starting SNMP services:: systemd[1]: snmpd.service: control process exited, code=exited status=1 systemd[1]: Failed to start LSB: SNMP agents. systemd[1]: Unit snmpd.service entered failed state. This reverts commit e45648cdd5a52569be7f3ac30473b0c7474a7894.
2019-10-13openvpn: T1548: clean out import statementsChristian Poessinger
2019-10-13ssh.py: check if file exists before deleting itChristian Poessinger
2019-10-13Sync XML interface description source file pattern and conf script nameChristian Poessinger
renamed: interface-bonding.py -> interfaces-bonding.py renamed: interface-bridge.py -> interfaces-bridge.py renamed: interface-dummy.py -> interfaces-dummy.py renamed: interface-ethernet.py -> interfaces-ethernet.py renamed: interface-loopback.py -> interfaces-loopback.py renamed: interface-openvpn.py -> interfaces-openvpn.py renamed: interface-vxlan.py -> interfaces-vxlan.py renamed: interface-wireguard.py -> interfaces-wireguard.py
2019-10-13Python/ifconfig: T1557: add support for DHCPv6 client optionsChristian Poessinger
2019-10-13bonding: T1614: support DHCP options on VLAN interfacesChristian Poessinger
2019-10-13Python/ifconfig: T1557: bugfix when configuring accept_ra on VLAN interfacesChristian Poessinger
2019-10-12conf_mode: bonding/ethernet fix commentsChristian Poessinger
2019-10-11Jenkins: Docker: always pull container from DockerhubChristian Poessinger
2019-10-11wireguard: T1724 - add check for option endpointhagbard
2019-10-11Python/ifconfig: T1723: add flag to specify if we should wait for interface upChristian Poessinger
2019-10-10snmpd: T1705 - High CPU usage by bgpd when snmp is activehagbard
2019-10-09T1430: add dhcp vendor-class-id client optionChristian Poessinger
2019-10-09Python/ifconfig: T1557: add generic support for DHCP client optionsChristian Poessinger
2019-10-08[BGP] T1490: Added migration for obsoleted 'bgp scan-time' parameterzsdc
2019-10-06ipoe-server: XML: run through XMLlintChristian Poessinger
2019-10-06ipoe-server: optimize port completion helper to match all othersChristian Poessinger
2019-10-06Python/ifconfig: T1712: wait when changing interface stateChristian Poessinger
With some interfaces, for example bond vif, it take some time for the state change to really happen. Because of this later code, like starting DHCP client, might not work as expected as get_state() reports the old (real) state. Now when changing state of an interface we are (busy-)waiting up to 12.5 seconds before we inform the user that the interface could not be brought up. This should be more then enough time for any interface to start except when there is really no cable attached.
2019-10-06ethernet: T1637: bugfix on wrong dict key in verify()Christian Poessinger
This resulted in a commit error when Bonding interfaces have been involved.
2019-10-06Python/ifconfig: T1557: add return in front of self._cmd() callsChristian Poessinger
2019-10-06Jenkins: add current Git commit ID to build descriptionChristian Poessinger
2019-10-03dhcp-server: T1707: remove DHCP static-mappings from address poolChristian Poessinger
Previously when static-mappings have been created the address was still within the DHCP pool resulting in log entries as follows: dhcpd: Dynamic and static leases present for 192.0.2.51 dhcpd: Remove host declaration DMZ_PC2 or remove 192.0.2.51 dhcpd: from the dynamic address pool for DMZ (cherry picked from commit 6f954ab56768af9a07d8a1dc086f54ddefa58da7)
2019-10-03dhcp-server: only import ip_address and ip_network from ipaddress classChristian Poessinger
(cherry picked from commit bdf890cca40157b3f2a2386685e043e0fa220fac)
2019-10-03dhcp-server: T1707: bugfix on subsequent DHCP exclude addressesChristian Poessinger
Moved the code for splicing a DHCP range into its dedicated function as this will later be required again. Having subsequent DHCP exclude addresses e.g. 192.0.2.70 and 192.0.2.71 did not work as the previous algorithm created a range whose start address was after the end address. (cherry picked from commit 0f0f9f2835cf85c1fd3652ec83368528754764cd)
2019-10-03OpenVPN: T1689: Add full restart on 'reset openvpn interface <interface>'Christian Poessinger
2019-10-01[wireguard] - T1706: wireguard broken in latest rollinghagbard
2019-10-01Merge pull request #144 from jestabro/rev-load-configDaniil Baturin
Rev load config
2019-10-01T1424: Rewrite the config load scriptJohn Estabrook
Rewrite of the load functionality of vyatta-load-config.pl, removing the dependency on Vyatta::Config.
2019-10-01T1424: Check for http error or redirect, when loading remote files.John Estabrook
(ported from vyatta-cfg f051e369)
2019-10-01Revert "wireguard: T1700 - Wireguard FQDN endpoint doesn't work after reboot"hagbard
This reverts commit daf2e29e3693a7eb2d8b6fc378d984b9a17d2aa3. It had unknown side effects, undiscovered during testing
2019-09-30wireguard: T1700 - Wireguard FQDN endpoint doesn't work after reboothagbard
2019-09-30Merge pull request #143 from vindenesen/current-T1688Christian Poessinger
[OpenVPN]: T1688: Add support for using encryption aes128gcm, aes192gcm and aes25gcm
2019-09-30[OpenVPN]: T1688: Added check to see if encryption gcm is used in ↵vindenesen
combination with shared-secret-key-file, which is not supported (OpenVPN throws error message)