summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-04-29openvpn: T4369: enforce daemon-restart on openvpn-option CLI changeChristian Poessinger
(cherry picked from commit e36efa6b5df764982678a470b7aa82a33c1c369c)
2022-04-29vyos.configdict: T4369: add is_node_changed() helperChristian Poessinger
(cherry picked from commit 714346e2ee0c61a08a9d17fdb962f2fbea9f73c9)
2022-04-28Merge pull request #1286 from c-po/t4633-geneve-equuleusChristian Poessinger
geneve: T4366: prevent interface re-creation when not required
2022-04-28Merge pull request #1297 from c-po/t4388-dhcp-equuleusChristian Poessinger
dhcp: T4388: missing constraint on tftp-server-name option
2022-04-26Merge pull request #1303 from sever-sever/T4395-equChristian Poessinger
op-mode: T4395: Extend show vpn debug for IPSec add vpn_ipsec.py
2022-04-26op-mode: T4395: Extend show vpn debug for IPSec add vpn_ipsec.pyViacheslav Hletenko
Add python script for op-mode 'show vpn debug'
2022-04-26Merge pull request #1296 from jestabro/equuleus-config-diffJohn Estabrook
T4235: Add support for config tree diff algorithm
2022-04-22dhcp: T4388: missing constraint on tftp-server-name optionChristian Poessinger
(cherry picked from commit 0b466f7a54cfedaf53edec5f3d58676113ece391)
2022-04-20configdiff: T4260: add support for diff_tree classJohn Estabrook
Add support for the configtree diff algorithm. A new function ConfigDiff().is_node_changed(path) -> bool is added to recursively detect changes in the tree below the node at path; existing functions take the keyword argument 'recursive: bool' to apply the algorithm in place of the existing, non-recursive, comparison. (cherry picked from commit e5d04b20be0ef270d20f1d5ac9203b3a03649135)
2022-04-20configtree: T4235: distinguish sub(-tract) tree from delete treeJohn Estabrook
The DiffTree class maintains both the 'sub'(-tract) configtree, containing all paths in the LHS of the comparison that are not in the RHS, and the 'delete' configtree: the delete tree is the minimal subtree containing only the first node of a path not present in the RHS. It is the delete tree that is needed to produce 'delete' commands for config mode, whereas the 'sub' tree contains full information, needed for recursively detecting changes to a node. (cherry picked from commit 193cbd15ba39a41614c63b997e6a62254589158a)
2022-04-20configtree: T4235: allow empty argumentsJohn Estabrook
(cherry picked from commit 4625fd41f99ddf77c104a657cd90a1ddf5449dd8)
2022-04-20configtree: T4235: simplification of diff_tree classJohn Estabrook
The return value of diff_tree is now a single config_tree, with initial children of names: ["add", "delete", "inter"] containing the config sub-trees of added paths; deleted paths; and intersection, respectively. The simplifies dumping to json, and checking existence of paths, hence, of node changes. (cherry picked from commit 3d28528ff84b4e874faf80028709bd08b2956933)
2022-04-20configtree: T4235: add utility get_subtreeJohn Estabrook
(cherry picked from commit ff7e2cd622cf3679cd9265b2cb766395a1830f50)
2022-04-20configtree: T4235: encapsulate config tree diff functionJohn Estabrook
(cherry picked from commit 2ee94418ce24429dbf6a52c2a327ed08a1935958)
2022-04-19Merge pull request #1292 from andriiandrieiev/equuleusChristian Poessinger
T4268: monitoring: Fixed unnatural LA elevation
2022-04-19T4268: monitoring: Fixed unnatural LA elevationAndrii
2022-04-18Merge pull request #1288 from sever-sever/T4344-equlChristian Poessinger
dhcp-server: T4344: Fix underscores for shared network name
2022-04-18dhcp-server: T4344: Fix underscores for shared network nameViacheslav Hletenko
Shared network name should not be handled by tag node mangling I.e. should not replace underscores with dashed set service dhcp-server shared-network-name NET_01 shared-network NET_01 { authoritative; ... on commit { set shared-networkname = "NET_01"; } } (cherry picked from commit b75b351b7dd2ec87407f98668468b1fc146428bf)
2022-04-18geneve: T4366: prevent interface re-creation on nasic parameter changeChristian Poessinger
Changing the geneve interface description does destroy the interface on the kernel level - this should be avoided as it's ... stupid! (cherry picked from commit 3cbe7878bcadc0f3ecbaeab46d745b5510c26b0d)
2022-04-08Merge pull request #1263 from c-po/wwan-t4324-equuleusDaniil Baturin
T4324, T4338, T4339 WWAN interface bugfixes
2022-04-08Merge pull request #1273 from c-po/t4331-equuleusDaniil Baturin
T4331: IPv6 link local addresses are not configured when an interface is in a VRF (equuleus)
2022-04-07Merge pull request #1276 from c-po/t4346-deprecate-ipv6-disableChristian Poessinger
T4346 Deprecate "system ipv6 disable" option to disable address family within OS kernel (equuleus)
2022-04-07ipv6: T4346: deprecate CLI command to disable IPv6 address familyChristian Poessinger
(cherry picked from commit 0f7e5371e702d4e2389f6fa6dfbda11bc9da6257)
2022-04-07vyos.base: T4346: add common DeprecationWarning() classChristian Poessinger
(cherry picked from commit 957f73ed8c2c22afd5e56adc36b4d032b3f1a5f1)
2022-04-07Merge pull request #1264 from c-po/t4336-isis-equuleusDaniil Baturin
isis: T4336: add support for MD5 authentication password on a circuit (equuleus)
2022-04-07Merge pull request #1268 from c-po/t4341-ssh-loginDaniil Baturin
T4341 SSH and system login fixes + smoketests
2022-04-07Merge pull request #1261 from c-po/t4319-disable-ipv6-equuleusDaniil Baturin
T4319: bugfixes for disabled IPv6 (equuleus)
2022-04-06smoketest: isis: extend testcase to verify 'is-type level-2-only' can be setChristian Poessinger
(cherry picked from commit 16a88f6b86e4ab920178701f6b3c02e893f337e8)
2022-04-06isis: T4336: add support for MD5 authentication password on a circuitChristian Poessinger
(cherry picked from commit a6c936997611de85dc73152297679d0b53095713)
2022-04-06Merge pull request #1265 from c-po/t4337-isis-equuleusDaniil Baturin
T4337: isis: IETF SPF delay algorithm cannot be configured - results in vyos.frr.CommitError (equuleus)
2022-04-06Merge pull request #1269 from c-po/t3804-dns-equuleusDaniil Baturin
dns: forwarding: T3804: bugfix DHCP name-servers used for recursion
2022-04-06interfaces: T4331: Fix assign link-local static IPv6 addr to vrfViacheslav Hletenko
If we have link-local static address and vrf, for example: set interfaces ethernet eth2 address 'fe80::5200:ff:fe55:222/64' set interfaces ethernet eth2 vrf 'foo' This IPv6 address was assigned before vrf, as result after attaching the intreface to vrf we lose this static linklocal address DEBUG/IFCONFIG cmd 'ip addr add fe80::5200:ff:fe55:222/64 dev eth2' DEBUG/IFCONFIG cmd 'ip link set dev eth2 master foo' DEBUG/IFCONFIG cmd 'ip addr add fe80::5208:ff:fe13:2/64 dev eth2' This commit fixes this, the address is assigned after vrf assign (cherry picked from commit d6e22b28887c7a3f7d2f8b955c2e90bcadaeeeba)
2022-04-06smoketest: vrf: T4331: IPv6 link-local addresses not configured for ↵Christian Poessinger
interface in VRF (cherry picked from commit 5b57c536b5f599deea2106aad7aea95c465bc0c0)
2022-04-05dns: forwarding: T3804: bugfix DHCP name-servers used for recursionChristian Poessinger
Commit 2ecf7a9f9c ('name-server: T3804: merge "system name-servers-dhcp" into "system name-server"') missed out an old dictionary key "system_name_server_dhcp" and thus system nameservers configured via DHCP did not get used for the DNS forwar recursor. (cherry picked from commit 806ff50bf1a970d731c2227f9d2cd2342b8a1b4e)
2022-04-04login: T4341: busy wait on userdel(8) until the account was deleted successfullyChristian Poessinger
(cherry picked from commit 796178f69ce09e28ab9f20c7b5e1ce97ef00a1ff)
2022-04-04smoketest: login: verify test accounts are properly deletedChristian Poessinger
(cherry picked from commit 6a04ff2840dfcfcad7a1cb93baf210370fa8871e)
2022-04-04login: T4341: disable user account prior to deletionChristian Poessinger
(cherry picked from commit efa753bc661d04967237e7ec3d72d3757230aaf9)
2022-04-04smoketest: ssh: verify SSH service is stopped on removalChristian Poessinger
(cherry picked from commit 4bb0adf535e12dc962a0ebea0f5a96f612a76a5d)
2022-04-04smoketest: ssh: verify login of valid and invalid test userChristian Poessinger
In order to test for proper system authentication and security setup a new testcase is added which performs an SSH login and command execution with a predefined user. The result (output of uname -a) must match the output if the command is run natively. We also try to login as an invalid user - this is not allowed to work. (cherry picked from commit e66c45ce7a664ecb26d21a215975777bef0fcd71)
2022-04-04wifi: T4339: tab-completion results in "No such file or directory"Christian Poessinger
(cherry picked from commit 175b0a082808955adba811f18424a126e798dd32)
2022-04-04wwan: T4339: tab-completion results in "No such file or directory"Christian Poessinger
(cherry picked from commit 671abc96ac607226e208ac94b87a33851c144945)
2022-04-04wwan: T4338: changing interface description should not trigger reconnectChristian Poessinger
Changing the WWAN interface description will trigger an interface reconnect. Reconnects should only be triggered in changes to the connection parameters like bond interfaces. (cherry picked from commit 76a049c7d30f3e64989b9697d65d15bfd3005316)
2022-04-04Merge pull request #1266 from c-po/pr-conflict-backportChristian Poessinger
GitHub: enable PR conflict workflow - backport from current
2022-04-03GitHub: enable PR conflict workflow - backport from currentChristian Poessinger
2022-04-03smoketest: isis: T4337: verify IETF SPF delay algorithmChristian Poessinger
2022-04-03isis: T4337: IETF SPF delay algorithm can not be configuredChristian Poessinger
To reproduce: set protocols isis interface eth1 set protocols isis net '49.0001.1921.6800.1002.00' Now enable SPF: set protocols isis spf-delay-ietf holddown '20' set protocols isis spf-delay-ietf init-delay '31' set protocols isis spf-delay-ietf long-delay '30' set protocols isis spf-delay-ietf short-delay '32' set protocols isis spf-delay-ietf time-to-learn '44' This will only render the FRR config line: spf-delay-ietf init-delay 31 which is incomplete: frr-reload output: 2 2022-04-03 12:35:24,764 ERROR: vtysh failed to process new configuration: vtysh (mark file) exited with status 4: frr-reload output: 3 b'line 15: % Command incomplete: spf-delay-ietf init-delay 31\n\n'
2022-04-03wwan: T4324: properly start/stop ModemManager and cron helper on interface ↵Christian Poessinger
add/removal (cherry picked from commit c58a03ad76b2a0680a33fcfec3ab7a3545374abb)
2022-04-03wwan: T4324: cronjob is setup via interfaces-wwan.py - drop dedicated cron fileChristian Poessinger
(cherry picked from commit 5faeacd1111a83e5859b98ccc4193cb6017cdba8)
2022-04-03wwan: T4324: is_wwan_connected() must verify if ModemManager is runningChristian Poessinger
(cherry picked from commit 15c94a8706622927850eba8c22fcff2df32978b4)
2022-03-31vyos.ifconfig: T4330: MTU must be configured prior to any IPv6 option changeChristian Poessinger
This extends the fix from 53e20097 ("vyos.ifconfig: T4330: bugfix changing MTU when IPv6 is disabled") by ordering the execution in a way the Kernel does not complain. (cherry picked from commit 601ab19fd8c81a998b3c966cc83b85ed60ac5ae0)