Age | Commit message (Collapse) | Author |
|
process_named_running() was introduced in commit 16b2fc8fc4ca ("dns-forwarding:
T2298: fix path to control file") and thus remained more or less unchanged.
Smoketests use process_named_running() heavily and might spawn multiple
processes with the same name but ifferent options (e.g. dhcp6c or dhclient) and
it was yet not possible to properly filter on the "real-deal" like the process
bound to a given interface.
One can now optionally specify a string that is searched inside the command
line argument list of the process.
Example:
>>> process_named_running('dhcp6c', 'veth0')
['/usr/sbin/dhcp6c', '-D', '-k', '/run/dhcp6c/dhcp6c.veth0.sock', '-c',
'/run/dhcp6c/dhcp6c.veth0.conf', '-p', '/run/dhcp6c/dhcp6c.veth0.pid', 'veth0']
4215
>>> process_named_running('dhcp6c', 'veth1')
['/usr/sbin/dhcp6c', '-D', '-k', '/run/dhcp6c/dhcp6c.veth1.sock', '-c',
'/run/dhcp6c/dhcp6c.veth1.conf', '-p', '/run/dhcp6c/dhcp6c.veth1.pid', 'veth1']
4253
Where the debug list returned is the commandline searched.
|
|
Connection ID Username Protocol State Uptime Tunnel IP
--------------- ---------- ---------- ------- -------- -----------------
27 cpo IKEv2 UP 11s ['172.16.222.17']
"Tunnel IP" should be a string over list.
|
|
This is a radvd limitation.
|
|
|
|
* t5242-smoketest-dynamic:
smoketest: T5242: automatically detect interface "capabilities"
geneve: T2630: change lower limit MTU to 1200 bytes
gitignore: T5242: add XML dict cache file
bridge: T4579: fix error message for bridge and bond membership
T5242: example use of cli_defined
xml: T5242: add cli_defined boolean test for node existing under path
|
|
Current state of vyos-1x smoketests have hardcoded features to test. The
feature support is inside the base class BasicInterfaceTest
class BasicInterfaceTest:
class TestCase(VyOSUnitTestSHIM.TestCase):
_test_dhcp = False
_test_ip = False
_test_mtu = False
_test_vlan = False
_test_qinq = False
_test_ipv6 = False
_test_ipv6_pd = False
_test_ipv6_dhcpc6 = False
_test_mirror = False
All derived classes need to enable the tests that are supported on this
interface type. Adding new feature to a given interface (like vif support in
T5237) require manually enabling those tests for the given interface.
It would make much more sense, if we can query the config backend for supported
interface options - or in other words - is there a CLI node available that
corresponds to set interfaces ethernet <name> vif - if that's the case,
_test_vlan = True.
|
|
|
|
|
|
|
|
t5242-smoketest-dynamic
* 'cli-defined' of https://github.com/jestabro/vyos-1x:
T5242: example use of cli_defined
xml: T5242: add cli_defined boolean test for node existing under path
|
|
|
|
If non_local=False (default), cli_defined returns True if the node is a
child of the path in interface-definitions; otherwise True if node is a
descendent of the path.
|
|
T5237: Add support VLANs and QinQ for virtual-ethernet interfaces
|
|
Ability to use 'vif' and 'vif-s' for virtual-ethernet "vethX" interfaces
set interfaces virtual-ethernet veth10 vif 50
|
|
|
|
|
|
xml: T5218: revise vyos xml lib for bug fixes and extensions
|
|
|
|
Operations get_defaults and get_config_defaults return default values
only for nodes with parent in the config dict (get_config_defaults) or
at the path (get_defaults). To include default values of decendent
nodes, set option recursive=True.
|
|
T5230: Added missing enforce-first-as option to bgp protocol common c…
|
|
T5222: reverse-proxy fix listen-address template and add smoketest
|
|
and frr bgp jinja template.
|
|
|
|
To accept a Proxy Protocol header on incoming TCP connections,
add an accept-proxy parameter to the bind line in a frontend section.
This parameter detects both Proxy Protocol version 1 (text format)
and Proxy Protocol version 2 (binary format).
set load-balancing reverse-proxy backend <tag> server <tag> send-proxy
|
|
Load-balancing reverse-proxy listen-address is multi-value node
Use bracketize for correct set bind config for IPv6 addresses
Listen by default IPv4 and IPv6 if listen-address is not defined
|
|
T5222: Refactoring load-balancing reverse-proxy
|
|
Improve and refactoring "load-balancing reverse-proxy"
- replace 'reverse-proxy server <tag>'
=> 'reverse-proxy service <tag>'
- replace 'reverse-proxy global-parameters tls <xxx>'
=> 'reverse-proxy global-parameters tls-version-min xxx'
=> 'reverse-proxy global-parameters ssl-bind-ciphers xxx'
- replace 'reverse-proxy service https rule <tag> set server 'xxx'
=> 'reverse-proxy service https rule <tag> set backend 'xxx'
'service https rule <tag> domain-name xxx' set as multinode
|
|
|
|
mdns: T5227: Relax 'allow-service' pattern
|
|
Relax allow service pattern to allow for '.' as well for SRV records.
|
|
|
|
|
|
Sync up with commit 96d846d27ac ("T5226: Combine ipv4-address and ipv6-address
validators")
|
|
constraint
|
|
T5222: Add load-balancing for web traffic
|
|
T5226: Standardize hostname and IP address validators and constraints
|
|
mdns: T5227: Add support for browse domains and service filters
|
|
|
|
Allow listing additional browse domains (in addition to the default
'local') so that custom domains can be reflected.
Additionally, allow filtering the services that are allowed to be
reflected across multiple (V)LANs.
|
|
|
|
Make host-name constraints consistent across all definitions
|
|
Use a single ip-address validator to combine and replace ipv4-address
and ipv6-address validators.
|
|
T5224: Fix `del system syslog`
|
|
Revert "veth: T3829: Allow moving veth into netns"
|
|
netns management for any Vyos interfaces doesn't work past the initial
creation, because Vyos always tries to recreate it/move it into the
netns even though it already exists. Until this is fixed, don't let
anyone even attempt to use this:
set interfaces virtual-ethernet veth10 peer-name 'veth100'
set interfaces virtual-ethernet veth100 netns 'ns01'
set interfaces virtual-ethernet veth100 peer-name 'veth10'
set netns name ns01
commit
vyos@r14# sudo ip netns exec ns01 ip link show
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
12: veth100@if13: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether ee:8f:0b:bd:a2:f8 brd ff:ff:ff:ff:ff:ff link-netnsid 0
[edit]
vyos@r14#
set interfaces virtual-ethernet veth100 description MyNetns
commit
Traceback (most recent call last):
File "/usr/libexec/vyos/conf_mode/interfaces-virtual-ethernet.py", line 111, in <module>
apply(c)
File "/usr/libexec/vyos/conf_mode/interfaces-virtual-ethernet.py", line 101, in apply
p.update(veth)
File "/usr/lib/python3/dist-packages/vyos/ifconfig/interface.py", line 1413, in update
self.set_netns(config.get('netns', ''))
File "/usr/lib/python3/dist-packages/vyos/ifconfig/interface.py", line 552, in set_netns
self.set_interface('netns', netns)
File "/usr/lib/python3/dist-packages/vyos/ifconfig/control.py", line 183, in set_interface
return self._set_command(self.config, name, value)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/vyos/ifconfig/control.py", line 110, in _set_command
return self._command_set[name].get('format', lambda _: _)(self._cmd(cmd))
^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/vyos/ifconfig/control.py", line 52, in _cmd
return cmd(command, self.debug)
^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/vyos/util.py", line 161, in cmd
raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: ip link set dev veth100 netns ns01
returned:
exit code: 1
noteworthy:
cmd 'ip link set dev veth100 netns ns01'
returned (out):
returned (err):
Cannot find device "veth100"
This reverts commit f5cc8453860568351cd9b3b7a05d06e1462460e8.
|
|
Avoids the following warning, and any external service from
re-activating syslog via systemd socket activation:
frebib@vyos# commit
[ system syslog ]
DEBUG/COMMAND returned (err):
Warning: Stopping syslog.service, but it can still be activated by:
syslog.socket
DEBUG/COMMAND cmd 'systemctl stop syslog.service'
Signed-off-by: Joe Groocock <me@frebib.net>
|
|
os.unlink() is the correct function:
Traceback (most recent call last):
File "/usr/libexec/vyos/conf_mode/system-syslog.py", line 146, in <module>
generate(c)
File "/usr/libexec/vyos/conf_mode/system-syslog.py", line 114, in generate
os.path.unlink(rsyslog_conf)
^^^^^^^^^^^^^^
AttributeError: module 'posixpath' has no attribute 'unlink'
Signed-off-by: Joe Groocock <me@frebib.net>
|
|
There is no need for the backend code to call ethtool and try to change speed or
duplex settings every time there is a change in the interface configuration,
but no change for the speed/duplex subnodes. This also makes the commit itself
faster when working with ethernet interfaces.
Bonus: no repeating CLI messages that the driver does not support speed/duplex
changes, as we do not change anything here.
Extension to commit f2ecc9710 ("ethernet: T3891: honor auto-negotiation support
per NIC")
|
|
This reverts commit dd59e375bee722c220c58b047ff5c6e533cc7a00.
|
|
When enabling identity-based-config, users can add arbitrary config keys
that are processed by ocserv. The user "must know" what he is been doing, as
invalid config option will make the ocserv daemon go ... whoop!
Thus add a warning and inform the user about this setting.
|