summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-10-01nat: T2948: fix validation of IP address rangeChristian Poessinger
2020-10-01configdict: T2372: use config.exists() when probing for interface removalChristian Poessinger
We must use exists() as get_config_dict() will always return {} - even when an empty interface node like +macsec macsec1 { +} exists.
2020-10-01macsec: T2023: use proper config path for source-interface on removalChristian Poessinger
The config path is altered in get_interface_dict() to the base of the interface in question, e.g. 'interfaces macsec macsec1' - this must be reflected when calling othe methods of Config().
2020-10-01pppoe-server: T2936: move to get_config_dict()Christian Poessinger
For easier configuration read in (CLI) validation and also template rendering it makes sense to drop the old, single implementation and move to the new, generic get_config_dict() approach. Recurring configuration parts like ip-pool, ipv6-pool and nameservers have also been split our into individual templates which will be included through Jinja2 - leading to a single-source of the template sections, too.
2020-09-30wireguard: T2939: bugfix when removing individual peersChristian Poessinger
When individual peers that have been removed got determined they have been added to the config dict as list instead of string - which broke the system plumbing commands as they can not handle a Python list.
2020-09-30macsec: T2023: only remove interface when it existsChristian Poessinger
If for whatever reason the macsec interface dropped out of the Kernel - only call .remove() when it still exists to avoid any exceptions at all.
2020-09-29Merge pull request #557 from sever-sever/T2933Christian Poessinger
vrrp: T2933: Add option virtual-address-excluded
2020-09-29vrrp: T2933: Add option virtual-address-excludedsever-sever
2020-09-28Merge pull request #555 from DmitriyEshenko/cur-1x-pppoe-csid-formatChristian Poessinger
pppoe-server: T2919: Add possibility change Called-Station-Id format
2020-09-28pppoe-server: T2919: Add possibility change Called-Station-Id formatDmitriyEshenko
2020-09-27vxlan: geneve: T2930: add CLI node to set MAC addressChristian Poessinger
2020-09-26Merge pull request #554 from sever-sever/T2918Christian Poessinger
accel-ppp: T2918: Add accounting interim jitter option
2020-09-26macsec: T2023: shift priority to run on vxlan/geneve source-interfaceChristian Poessinger
2020-09-26accel-ppp: T2918: Add accounting interim jitter optionsever-sever
2020-09-26macsec: vxlan: T2653: bugfix in verify() on lower interface MTU sizeChristian Poessinger
Introduced in commit 818a75c024e ("ifconfig: T2653: get_mtu() should return int() for easier comparison") where the variable used in the formatted string has not been adjusted.
2020-09-26login: migration: T2929: add missing if condition when probing for radius-serverChristian Poessinger
2020-09-26Merge pull request #553 from sever-sever/T2917_portChristian Poessinger
accel-ppp: T2917: Add Preallocate NAS-port-id
2020-09-26accel-ppp: T2917: Add Preallocate NAS-port-idsever-sever
2020-09-26Debian: adding vyos-configd made this package architecture specificChristian Poessinger
There is a shim which is compiled by GCC per target architecture.
2020-09-26xml: interface-definitions: fix wrong file extension of inlcude filesChristian Poessinger
Files which are included by others whouls have the ".xml.i" extension.
2020-09-26ifconfig: mtu: T2928: remove bridge mtu check as our bridge interface has no mtuChristian Poessinger
2020-09-26ifconfig: mtu: disallow MTU < 1280 bytes when IPv6 is enabled on the interfaceChristian Poessinger
Using an MTU less then the required 1280 bytes (as per RFC) on an interface where IPv6 is not explicitly disabled by: - set interfaces ethernet eth1 ipv6 address no-default-link-local - not having any other IPv6 address configured Will now trigger a commit error via verify() instead of raising FileNotFoundError!
2020-09-26smoketest: platform: check for required virtio/vmxnet driversChristian Poessinger
2020-09-26Merge pull request #551 from kroy-the-rabbit/currentChristian Poessinger
T2926: Missing import
2020-09-25T2926: Missing importkroy
2020-09-25ethernet: T2912: verify() that hardware supports specified MTU valueChristian Poessinger
Check the hardware if MTU value is supported at all.
2020-09-25ifconfig: T2912: add helper to verify interface min/max supported MTUChristian Poessinger
Currently the MTU size of an interface is only checked when entered via CLI but if the interface supportes the configured MTU at all is not verified at all. New helper functions get_min_mtu(), get_max_mtu() and verify_mtu() have been added to provide a central API for validation.
2020-09-25ifconfig: T2653: get_mtu() should return int() for easier comparisonChristian Poessinger
2020-09-25ifconfig: T2912: add helper to retrieve interface min/max supported MTUChristian Poessinger
>>> from vyos.ifconfig import Interface >>> tmp=Interface('eth0') >>> tmp.get_min_mtu() 60 >>> tmp.get_max_mtu() 9000
2020-09-25syslog: T2899: shift system migration files +1 to allow for cruxJohn Estabrook
2020-09-25syslog: T1845: fix indentation levelJohn Estabrook
2020-09-25dns: forwarding: T2921: migrate to get_config_dict()Christian Poessinger
2020-09-24dhcpv6-pd: verify: T2923: interface is required where the prefix is assignedChristian Poessinger
When configuring DHCPv6-PD it is mandatory to also specify at least one interface where the newly delegated prefix will be used. Without this setting DHCPv6-PD makes no sense at all.
2020-09-24smoketest: dns: dynamic: add missing import statementChristian Poessinger
Commit 58ead741 ("smoketest: (re-)use process_named_running() from vyos.util") missed an import statement for process_named_running(). This has been fixed.
2020-09-24wireless: T2241: add "wds" CLI optionChristian Poessinger
2020-09-24smoketest: (re-)use process_named_running() from vyos.utilChristian Poessinger
2020-09-24smoketest: dns: forwarding: T2921: add initial testcasesChristian Poessinger
2020-09-24dns: forwarding: T2921: template cleanupChristian Poessinger
2020-09-22openvpn: T2906: tls-auth missing key directionMarcus Hoff
2020-09-22openvpn: T2907: add 'none' encryption option to not encrypt any dataMarcus Hoff
2020-09-22Merge pull request #549 from sever-sever/T2915Christian Poessinger
conf-mode: T2915: Adding lost option proxy-arp-pvlan for vlan
2020-09-22conf-mode: T2915: Adding lost option proxy-arp-pvlan for vlansever-sever
2020-09-22smoketest: macsec: T2023: check that source-interface is not used by any ↵Christian Poessinger
other interface
2020-09-22ifconfig: T2653: bond: bridge: ensure member interface is not a source-interfaceChristian Poessinger
As we already check that a bond/bridge member interface is not a member of any other bridge or bond, the check must be extended. We also need to ensure that the bond member interface is not used as a source-interface to pppoe, macsec, tunnel, pseudo-ethernet, vxlan interfaces.
2020-09-22ifconfig: T2653: move is_member() from vyos.vylidate to vyos.configdictChristian Poessinger
2020-09-21macsec: T2788: source-interface must not be member of a bridgeChristian Poessinger
Add verify() step to ensure the macsec source-interface is not already part of a bridge interface. This should probably also be checked for bond interfaces.
2020-09-21bridge: ifconfig: T2653: only delete member interfaces which still existChristian Poessinger
When removing e.g. a macsec interface and also its associated member interface from the bridge, it will happen that the macsec interface instance is long gone before we reach the code in the bridge interface which will remove it from the bridge itself. When this is the case, we can not call BridgeIf.del_port() as it will throw an exception that the interface does not exist. We now only remove a bridge member if the interface in question is still available in the kernel.
2020-09-21wireless: T2887: help when searching hidden SSIDs in station modeChristian Poessinger
2020-09-21wireless: T2887: hostapd: add bridge optionChristian Poessinger
2020-09-21smoketest: kernel: check for mandatory bond/lacp and bridge optionsChristian Poessinger