summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-10-18openvpn: T2969: ensure interface is always removedChristian Poessinger
2020-10-18openvpn: T2969: force creation of tunnel interfacesChristian Poessinger
A lot of VyOS code requires the Kernel interface to be present in order to properly work and adjust the interface to the users CLI intends (alias, ipv6, vrf - just to name a few). OpenVPN - when run in client mode - only creates the interface (e.g. vtun1) when the connection to the OpenVPN server was successful. This can't be always the case due to e.g. software-updates or routing issues to the remote side. This will in the end result in a zombie OpenVPN client interface where some config items might not have been set when the interface finally comes up - imagine a wrong assigned VRF instance. By always creating the OpenVPN interface manuall we ensure that all the CLI settings are properly configured in the OS kernel.
2020-10-18Merge pull request #578 from bmhughes/fix-show-lldp-neighborsDaniil Baturin
op-mode: lldp: T2993: Fixup 'show lldp neighbors'
2020-10-18op-mode: lldp: T2993: Fixup 'show lldp neighbors'Benjamin M. Hughes
Check that interfaces have been returned from lldpcli to prevent trace when no interfaces are enabled for lldp.
2020-10-18Merge pull request #577 from bmhughes/fix-show-lldp-neighborsDaniil Baturin
op-mode: lldp: T2993: Fix 'show lldp neighbors'
2020-10-18op-mode: lldp: T2993: Fix 'show lldp neighbors'Benjamin M. Hughes
'show lldp neighbors' fails with: Traceback (most recent call last): File "./lldp_op.py", line 122, in <module> config_text = tmpl.render(parse_data(neighbors)) File "./lldp_op.py", line 51, in parse_data for local_if, values in tmp.items(): AttributeError: 'str' object has no attribute 'items' `parse_data` was expecting data to be provided as a dict within an array which doesn't match the format from the parsed json output of lldpcli. Change `parse_data` and `main` to use a dict alone for passing interface neighbors for rendering.
2020-10-18smoketest: openvpn: add initial client testChristian Poessinger
2020-10-18smoketest: sstp: remove unused variableChristian Poessinger
2020-10-18ifconfig: T2985: remove no longer available vyos.ifconfig.stp includeChristian Poessinger
almost every interface can be part of a bridge thus the code for changing STP cost is best part of the Interface() base class itself. Commit b5ef10cf ("ifconfig: T2985: support on demand bridge creation") implemented this change but the STP file was not removed on the test devices causing tests to pass.
2020-10-17Merge branch 'bridge' of github.com:c-po/vyos-1x into currentChristian Poessinger
* 'bridge' of github.com:c-po/vyos-1x: smoketest: add IPv6 option tests to BasicInterfaceTest ifconfig: T2985: support on demand bridge creation geneve: T1799: add IPv6 CLI options op-mode: add "show arp" command
2020-10-17smoketest: add IPv6 option tests to BasicInterfaceTestChristian Poessinger
2020-10-17ifconfig: T2985: support on demand bridge creationChristian Poessinger
The current implementation for bridge based interfaces has an issue which is caused by priority inheritance. We always assumed that the bridge interface will be created last, but this may not be true in all cases, where some interfaces will be created "on demand" - e.g. OpenVPN or late (VXLAN, GENEVE). As we already have a bunch of verify steps in place we should not see a bridge interface leak to the underlaying infrastructure code. This means, whenever an interface will be member of a bridge, and the bridge does yet not exist, we will create it in advance in the interface context, as the bridge code will be run in the same commit but maybe sooner or later. This will also be the solution for T2924.
2020-10-17geneve: T1799: add IPv6 CLI optionsChristian Poessinger
2020-10-17op-mode: add "show arp" commandChristian Poessinger
2020-10-17Merge pull request #576 from sever-sever/T752Christian Poessinger
sysctl-forwarding: T752: Add disable forwarding for ipv4
2020-10-17sysctl-forwarding: T752: Add disable forwarding for ipv4sever-sever
2020-10-17Merge pull request #573 from sever-sever/T2938Christian Poessinger
conf-mode: T2938: Add format octet-counted for syslog
2020-10-17syslog: T2938: Add format octet-counted for syslog conf-modesever-sever
2020-10-17Merge pull request #575 from DmitriyEshenko/ipoe-fix-issue01Christian Poessinger
ipoe-server: T2978: Add required proxy-arp by default
2020-10-16ipoe-server: T2978: Add required proxy-arp by defaultDmitriyEshenko
2020-10-16Merge pull request #574 from Cheeze-It/currentChristian Poessinger
T2981, Adding MPLS LDP Neighbor Reset functionality
2020-10-16T2981, Adding MPLS LDP Neighbor Reset functionalityCheeze_It
Configuration was actually made by Viacheslav. I just added it in here, and tested it. It does test. Viacheslav tested it as well. I cannot take credit for this, even though he's giving me PR. Thanks goes to him.
2020-10-16Merge pull request #572 from sever-sever/T2965Christian Poessinger
op-mode: T2965: Add CLI protocols bfd peers
2020-10-16op-mode: T2965: Add CLI protocols bfd peerssever-sever
2020-10-16Merge pull request #571 from sever-sever/T915_holdtime_explicitChristian Poessinger
conf-mode: T915: Add mpls ldp explicit and holdtime commands
2020-10-15conf-mode: T915: Add mpls ldp explicit and holdtime commandssever-sever
2020-10-13Merge pull request #566 from DmitriyEshenko/incr-pppoe-shaperChristian Poessinger
pppoe-server: T2972: Increase rate limit validator
2020-10-13pppoe-server: T2976: fix local-users default value retrieval from XMLChristian Poessinger
We must use XML node style (hyphen over underscore).
2020-10-13pppoe-server: T2972: Increase rate limit validatorDmitriyEshenko
2020-10-12smoketest: tftp-server: listen on dummy interface address rather then loopbackChristian Poessinger
2020-10-11tftp-server: T2974: migrate to get_config_dict()Christian Poessinger
2020-10-11broadcast-relay: T2712: enable render trim_blocksChristian Poessinger
2020-10-11smoketest: tftp-server: add initial testcasesChristian Poessinger
2020-10-11tftp-server: T2973: bugfix IPv6 listen address/port combinationChristian Poessinger
The mandatory colon for separating the IPv6 address and port was missing.
2020-10-11nat: T2198: use proper validators for dnat translation addressChristian Poessinger
2020-10-11smoketest: nat: extend snat and add dnat test casesChristian Poessinger
2020-10-11smoketest: nat: concentrate validation logic checksChristian Poessinger
2020-10-09QAT: T2968: add support for Intel Atom C2000 processorChristian Poessinger
2020-10-09login: T2492: remove empty plaintext-password nodeChristian Poessinger
2020-10-08configd: T2931: workaround for suspected zmq bugJohn Estabrook
2020-10-07Merge pull request #563 from lucasec/dns-source-addressChristian Poessinger
pdns_recursor: T2964: Expose query-local-address to dns config.
2020-10-06pdns_recursor: T2964: Expose query-local-address to dns config.Lucas Christian
In certain split DNS configurations, there is a need for more fine-grained control over the local address DNS forwarding uses to issue queries. The current pdns_recursor configuration allows the recursor to send queries from any available address on the interface the OS selects for the query, with no option to limit queries to a particular address or set of addresses. This commit exposes the `query-local-address` option in `recursor.conf` to users via the `service` `dns` `forwarding` `source-address` config node. If the parameter is unspecified, the default value of 0.0.0.0 (any IPv4 address) and :: (any IPv6 address) are used to match current behavior. Users who want more control can specify one or more IPv4 and IPv6 addresses to issue queries from. Per pdns_recursor docs, the recursor will load balance queries between any available addresses in the pools. Since IPv4 and IPv6 are different pools, note that specifying only one type of address will disable issuing queries for the other address family.
2020-10-06openconnect: T2036: reuse accel-name-server.xml.iChristian Poessinger
2020-10-06Merge pull request #565 from sever-sever/T2782Christian Poessinger
conf-mode: T2782: Restart rsyslog after changing timezone
2020-10-06conf-mode: T2782: Restart rsyslog after changing timezonesever-sever
2020-10-06xml: tftp-server: include/reuse port-number.xml.iChristian Poessinger
2020-10-06xml: include: add common helper file for listen-addressChristian Poessinger
2020-10-06Merge pull request #564 from lucasec/doc-updateDaniil Baturin
Update search domain error message to match new validation logic
2020-10-05Update search domain error message to match new validation logic.Lucas Christian
(also converted file to unix line endings)
2020-10-05wireless: T2963: remove default wpa mode key if passphares or RADIUS is unsetChristian Poessinger
Required to not trigger the "Misssing WPA key or RADIUS server" exception due to the new default value added in commit 2a0428bf ("wireless: T2963: set default 'both' on 'security wpa mode'").