summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-05-09Merge pull request #1309 from dmbaturin/T4402-equDaniil Baturin
T4402: fix ifconfig-pool generation logic
2022-05-09Merge pull request #1313 from dtoubelis/equuleusDaniil Baturin
T4405: Fix administrative distance of DHCP routes
2022-05-07Merge pull request #1318 from c-po/t4361-equuleus-backportDaniil Baturin
T4361: equuleus backport vyos.config fix
2022-05-06smoketest: T4354: Add test for uniq bonding membersViacheslav Hletenko
Extend bonding smoketest Add descriptions to bonding members We encountered a situation where adding any configuration for member of bonding interface excludes the interface from bonding (cherry picked from commit ae815d1b11a4c17df6aea45e3fc87772a0e40e6a)
2022-05-06T4361: refactor and simplify vyos.config.exists()Christian Poessinger
(cherry-picked from commit 63fee7ab0c082f3c614bb140de1e7482399dff2b)
2022-05-05T4405: Fix administrative distance of DHCP routesDmitri Toubelis
- Default dhclient script only uses value of `$IF_MERIC` envvar for default route recived via `router` option. - This variable has no effect on rotes received via `rfc3442-classless-static-routes` option - Considering that Vyos overrrides `ip` command originating from `dhclient` this can be easily fixed in `iptovtysh()` function by using the `$IF_METRIC` envvar directly in the dhclient hook.
2022-05-01Merge pull request #1284 from c-po/t4363-salt-equuleusChristian Poessinger
T4363: salt-minion: default mine_interval option is not set
2022-05-01T4402: fix ifconfig-pool generation logicDaniil Baturin
2022-04-29Merge pull request #1308 from c-po/t4369-openvpn-equuleusChristian Poessinger
openvpn: T4369: enforce daemon-restart on openvpn-option CLI change (equuleus)
2022-04-29openvpn: T4369: enforce daemon-restart on openvpn-option CLI changeChristian Poessinger
(cherry picked from commit e36efa6b5df764982678a470b7aa82a33c1c369c)
2022-04-29vyos.configdict: T4369: add is_node_changed() helperChristian Poessinger
(cherry picked from commit 714346e2ee0c61a08a9d17fdb962f2fbea9f73c9)
2022-04-29smoketest: salt: T4363: add initial testcaseChristian Poessinger
(cherry picked from commit 3081705175da8eb4ee7c1264e64d06f30b175fdb)
2022-04-28Merge pull request #1286 from c-po/t4633-geneve-equuleusChristian Poessinger
geneve: T4366: prevent interface re-creation when not required
2022-04-28Merge pull request #1297 from c-po/t4388-dhcp-equuleusChristian Poessinger
dhcp: T4388: missing constraint on tftp-server-name option
2022-04-26Merge pull request #1303 from sever-sever/T4395-equChristian Poessinger
op-mode: T4395: Extend show vpn debug for IPSec add vpn_ipsec.py
2022-04-26op-mode: T4395: Extend show vpn debug for IPSec add vpn_ipsec.pyViacheslav Hletenko
Add python script for op-mode 'show vpn debug'
2022-04-26Merge pull request #1296 from jestabro/equuleus-config-diffJohn Estabrook
T4235: Add support for config tree diff algorithm
2022-04-22dhcp: T4388: missing constraint on tftp-server-name optionChristian Poessinger
(cherry picked from commit 0b466f7a54cfedaf53edec5f3d58676113ece391)
2022-04-20configdiff: T4260: add support for diff_tree classJohn Estabrook
Add support for the configtree diff algorithm. A new function ConfigDiff().is_node_changed(path) -> bool is added to recursively detect changes in the tree below the node at path; existing functions take the keyword argument 'recursive: bool' to apply the algorithm in place of the existing, non-recursive, comparison. (cherry picked from commit e5d04b20be0ef270d20f1d5ac9203b3a03649135)
2022-04-20configtree: T4235: distinguish sub(-tract) tree from delete treeJohn Estabrook
The DiffTree class maintains both the 'sub'(-tract) configtree, containing all paths in the LHS of the comparison that are not in the RHS, and the 'delete' configtree: the delete tree is the minimal subtree containing only the first node of a path not present in the RHS. It is the delete tree that is needed to produce 'delete' commands for config mode, whereas the 'sub' tree contains full information, needed for recursively detecting changes to a node. (cherry picked from commit 193cbd15ba39a41614c63b997e6a62254589158a)
2022-04-20configtree: T4235: allow empty argumentsJohn Estabrook
(cherry picked from commit 4625fd41f99ddf77c104a657cd90a1ddf5449dd8)
2022-04-20configtree: T4235: simplification of diff_tree classJohn Estabrook
The return value of diff_tree is now a single config_tree, with initial children of names: ["add", "delete", "inter"] containing the config sub-trees of added paths; deleted paths; and intersection, respectively. The simplifies dumping to json, and checking existence of paths, hence, of node changes. (cherry picked from commit 3d28528ff84b4e874faf80028709bd08b2956933)
2022-04-20configtree: T4235: add utility get_subtreeJohn Estabrook
(cherry picked from commit ff7e2cd622cf3679cd9265b2cb766395a1830f50)
2022-04-20configtree: T4235: encapsulate config tree diff functionJohn Estabrook
(cherry picked from commit 2ee94418ce24429dbf6a52c2a327ed08a1935958)
2022-04-19Merge pull request #1292 from andriiandrieiev/equuleusChristian Poessinger
T4268: monitoring: Fixed unnatural LA elevation
2022-04-19T4268: monitoring: Fixed unnatural LA elevationAndrii
2022-04-18Merge pull request #1288 from sever-sever/T4344-equlChristian Poessinger
dhcp-server: T4344: Fix underscores for shared network name
2022-04-18dhcp-server: T4344: Fix underscores for shared network nameViacheslav Hletenko
Shared network name should not be handled by tag node mangling I.e. should not replace underscores with dashed set service dhcp-server shared-network-name NET_01 shared-network NET_01 { authoritative; ... on commit { set shared-networkname = "NET_01"; } } (cherry picked from commit b75b351b7dd2ec87407f98668468b1fc146428bf)
2022-04-18geneve: T4366: prevent interface re-creation on nasic parameter changeChristian Poessinger
Changing the geneve interface description does destroy the interface on the kernel level - this should be avoided as it's ... stupid! (cherry picked from commit 3cbe7878bcadc0f3ecbaeab46d745b5510c26b0d)
2022-04-15salt-minion: T4363: mine_interval option is not setChristian Poessinger
(cherry picked from commit 3ec3c7f5b523b464a3bc7168b2362611d9c2c153)
2022-04-08Merge pull request #1263 from c-po/wwan-t4324-equuleusDaniil Baturin
T4324, T4338, T4339 WWAN interface bugfixes
2022-04-08Merge pull request #1273 from c-po/t4331-equuleusDaniil Baturin
T4331: IPv6 link local addresses are not configured when an interface is in a VRF (equuleus)
2022-04-07Merge pull request #1276 from c-po/t4346-deprecate-ipv6-disableChristian Poessinger
T4346 Deprecate "system ipv6 disable" option to disable address family within OS kernel (equuleus)
2022-04-07ipv6: T4346: deprecate CLI command to disable IPv6 address familyChristian Poessinger
(cherry picked from commit 0f7e5371e702d4e2389f6fa6dfbda11bc9da6257)
2022-04-07vyos.base: T4346: add common DeprecationWarning() classChristian Poessinger
(cherry picked from commit 957f73ed8c2c22afd5e56adc36b4d032b3f1a5f1)
2022-04-07Merge pull request #1264 from c-po/t4336-isis-equuleusDaniil Baturin
isis: T4336: add support for MD5 authentication password on a circuit (equuleus)
2022-04-07Merge pull request #1268 from c-po/t4341-ssh-loginDaniil Baturin
T4341 SSH and system login fixes + smoketests
2022-04-07Merge pull request #1261 from c-po/t4319-disable-ipv6-equuleusDaniil Baturin
T4319: bugfixes for disabled IPv6 (equuleus)
2022-04-06smoketest: isis: extend testcase to verify 'is-type level-2-only' can be setChristian Poessinger
(cherry picked from commit 16a88f6b86e4ab920178701f6b3c02e893f337e8)
2022-04-06isis: T4336: add support for MD5 authentication password on a circuitChristian Poessinger
(cherry picked from commit a6c936997611de85dc73152297679d0b53095713)
2022-04-06Merge pull request #1265 from c-po/t4337-isis-equuleusDaniil Baturin
T4337: isis: IETF SPF delay algorithm cannot be configured - results in vyos.frr.CommitError (equuleus)
2022-04-06Merge pull request #1269 from c-po/t3804-dns-equuleusDaniil Baturin
dns: forwarding: T3804: bugfix DHCP name-servers used for recursion
2022-04-06interfaces: T4331: Fix assign link-local static IPv6 addr to vrfViacheslav Hletenko
If we have link-local static address and vrf, for example: set interfaces ethernet eth2 address 'fe80::5200:ff:fe55:222/64' set interfaces ethernet eth2 vrf 'foo' This IPv6 address was assigned before vrf, as result after attaching the intreface to vrf we lose this static linklocal address DEBUG/IFCONFIG cmd 'ip addr add fe80::5200:ff:fe55:222/64 dev eth2' DEBUG/IFCONFIG cmd 'ip link set dev eth2 master foo' DEBUG/IFCONFIG cmd 'ip addr add fe80::5208:ff:fe13:2/64 dev eth2' This commit fixes this, the address is assigned after vrf assign (cherry picked from commit d6e22b28887c7a3f7d2f8b955c2e90bcadaeeeba)
2022-04-06smoketest: vrf: T4331: IPv6 link-local addresses not configured for ↵Christian Poessinger
interface in VRF (cherry picked from commit 5b57c536b5f599deea2106aad7aea95c465bc0c0)
2022-04-05dns: forwarding: T3804: bugfix DHCP name-servers used for recursionChristian Poessinger
Commit 2ecf7a9f9c ('name-server: T3804: merge "system name-servers-dhcp" into "system name-server"') missed out an old dictionary key "system_name_server_dhcp" and thus system nameservers configured via DHCP did not get used for the DNS forwar recursor. (cherry picked from commit 806ff50bf1a970d731c2227f9d2cd2342b8a1b4e)
2022-04-04login: T4341: busy wait on userdel(8) until the account was deleted successfullyChristian Poessinger
(cherry picked from commit 796178f69ce09e28ab9f20c7b5e1ce97ef00a1ff)
2022-04-04smoketest: login: verify test accounts are properly deletedChristian Poessinger
(cherry picked from commit 6a04ff2840dfcfcad7a1cb93baf210370fa8871e)
2022-04-04login: T4341: disable user account prior to deletionChristian Poessinger
(cherry picked from commit efa753bc661d04967237e7ec3d72d3757230aaf9)
2022-04-04smoketest: ssh: verify SSH service is stopped on removalChristian Poessinger
(cherry picked from commit 4bb0adf535e12dc962a0ebea0f5a96f612a76a5d)
2022-04-04smoketest: ssh: verify login of valid and invalid test userChristian Poessinger
In order to test for proper system authentication and security setup a new testcase is added which performs an SSH login and command execution with a predefined user. The result (output of uname -a) must match the output if the command is run natively. We also try to login as an invalid user - this is not allowed to work. (cherry picked from commit e66c45ce7a664ecb26d21a215975777bef0fcd71)