summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-10-05nat: T2951: use proper comments for source/destination loggingChristian Poessinger
For both source and destination NAT always the LOG name contained DST - which is definately false. This has been corrected to use SRC and DST on the appropriate rules.
2020-10-04smoketest: ntp: T2944: fix "allowed-networks statement" testChristian Poessinger
Remove duplicate localhost listen IP addresses. Commit ca61add5e7 ("ntp: T2944: By default do not listen port 123 on any address") explicitly added listen statements for localhost.
2020-10-04sstp: T2960: migrate to get_config_dict() and reusable templatesChristian Poessinger
2020-10-04pppoe-server: T2953: prepare common chap-secrets fileChristian Poessinger
2020-10-04pppoe-server: T2829: shift config migrators by oneChristian Poessinger
As VyOS vrux (1.2.7) requires a mirgator (1-to-2) for the MPPE node change (T2829) we need to shift all other migrators in 1.3 by one. As migrators probe the existance of nodes no negative side-effects are expected.
2020-10-04pppoe-server: migrators: fix python styleChristian Poessinger
2020-10-04pppoe-server: T2829: fix broken migration script (exit called)Christian Poessinger
A test statement was still present in the production code introduced in commit efeac80f8 ("pppoe-server: T2829: migrate 'ppp-options mppe' to leafNode"). This has been fixed.
2020-10-04l2tp: pptp: pppoe-server: T2953: use common Accel-PPP MTU include fileChristian Poessinger
2020-10-04l2tp: pptp: sstp: pppoe-server: T2953: use common include for client-ip-poolChristian Poessinger
2020-10-04pppoe-server: T2953: rename CLI local-ip to gateway-addressChristian Poessinger
Required to get a common CLI for all services provided by Accel-PPP. Once the CLI for each service is consitent - Jinja2 templates can be reused together with get_config_dict().
2020-10-04xml: include: add comment about source filename to every include snippetChristian Poessinger
2020-10-04sstp: T2953: migrate gateway-address, client-ip-settings to common levelChristian Poessinger
* move "network-settings gateway-address" to "gateway-address" * move "network-settings client-ip-settings" to "client-ip-pool"
2020-10-03sstp: T2953: migrate mtu to common levelChristian Poessinger
Preparation before using get_config_dict() and common Jinja2 templates.
2020-10-03smoketest: sstp: pppoe: use common RADIUS testsChristian Poessinger
2020-10-03vpn: sstp: T2008: set DA/CoA default port 1700Christian Poessinger
2020-10-03smoketest: sstp: add basic testsChristian Poessinger
2020-10-03sstp: T2953: migrate name-server settions to common levelChristian Poessinger
In order to reuse as much as possible before migrationg to get_config_dict() and re-use Jinja2 snippets the name-server node must be moved one level up to 'set vpn sstp name-server'.
2020-10-03openvpn: T2957: fix path to openvpn status fileChristian Poessinger
2020-10-03openvpn: T2957: Marcus Hoff
Status file directory for show command was wrong, resulting in no output. Now points to '/var/run/openvpn/{}.status'
2020-10-03smoketest: accel-ppp: prepare common base for multiple accel instance testsChristian Poessinger
2020-10-03pppoe-server: T2936: three IPv6 name-servers are supportedChristian Poessinger
2020-10-03pppoe-server: T2936: move v4/v6 nameserver lists out of for loopChristian Poessinger
2020-10-03Merge remote-tracking branch 'upstream/current' into currentMarcus Hoff
2020-10-03pppoe-server: T2956: make use of defaultValue list featureChristian Poessinger
2020-10-03vyos.xml: T2956: add support for list of defaultValuesChristian Poessinger
Sometimes (PPPoE server is one of them) a simple defaultValue in the XML is not enough - several values should be set. In order to support a list of defaultValues you can now simply list them as a whitespace separated string. Example: <defaultValue>pap chap mschap mschap-v2</defaultValue> will generate a Python list ['pap', 'chap', 'mschap', 'mschap-v2'] when retrieved by vyos.xml.defaults()
2020-10-03accel-ppp: T2953: fix missing defaultValue on mppeChristian Poessinger
Commit ba050937 ("accel-ppp: T2953: drop redundant CLI definitions ") dropped the defaultValue of 'prefer' for MPPE making the smoketests fail. This has been corrected.
2020-10-02configd: T2952: synchronize received messages in case of client timeoutJohn Estabrook
2020-10-02configd: T2582: catch config initialization errorsJohn Estabrook
2020-10-02configd: T2582: remove unused variablesJohn Estabrook
2020-10-02Merge pull request #559 from sever-sever/T2944Christian Poessinger
ntp: T2944: By default do not listen port 123 on any address
2020-10-02sstp: T2953: migrate ppp-settings to ppp-options nodeChristian Poessinger
2020-10-02acces-ppp: T2953: drop redundant CLI definitionsChristian Poessinger
2020-10-01wireless: T2653: mangle RADIUS default valuesChristian Poessinger
With commit 38ae3032 ("pppoe-server: T2936: move to get_config_dict()") there are now RADIUS default values present in the XML definitions - those must be proberly mangled for the WiFi interface.
2020-10-01vlan: configdict: T2945: determine if vlan is part of bridgeChristian Poessinger
Every interface knows if it is part of a bridge or not - except a VLAN (VIF) interface. Also VLANs should be aware of its master bridge. Add a testcase to ensure when VIFs on an interface change the bridge does not loos one of it's members.
2020-10-01nat: T2948: fix validation of IP address rangeChristian Poessinger
2020-10-01configdict: T2372: use config.exists() when probing for interface removalChristian Poessinger
We must use exists() as get_config_dict() will always return {} - even when an empty interface node like +macsec macsec1 { +} exists.
2020-10-01macsec: T2023: use proper config path for source-interface on removalChristian Poessinger
The config path is altered in get_interface_dict() to the base of the interface in question, e.g. 'interfaces macsec macsec1' - this must be reflected when calling othe methods of Config().
2020-10-01pppoe-server: T2936: move to get_config_dict()Christian Poessinger
For easier configuration read in (CLI) validation and also template rendering it makes sense to drop the old, single implementation and move to the new, generic get_config_dict() approach. Recurring configuration parts like ip-pool, ipv6-pool and nameservers have also been split our into individual templates which will be included through Jinja2 - leading to a single-source of the template sections, too.
2020-10-01ntp: T2944: By default do not listen port 123 on any addresssever-sever
2020-09-30wireguard: T2939: bugfix when removing individual peersChristian Poessinger
When individual peers that have been removed got determined they have been added to the config dict as list instead of string - which broke the system plumbing commands as they can not handle a Python list.
2020-09-30macsec: T2023: only remove interface when it existsChristian Poessinger
If for whatever reason the macsec interface dropped out of the Kernel - only call .remove() when it still exists to avoid any exceptions at all.
2020-09-29Merge pull request #557 from sever-sever/T2933Christian Poessinger
vrrp: T2933: Add option virtual-address-excluded
2020-09-29vrrp: T2933: Add option virtual-address-excludedsever-sever
2020-09-28Merge pull request #555 from DmitriyEshenko/cur-1x-pppoe-csid-formatChristian Poessinger
pppoe-server: T2919: Add possibility change Called-Station-Id format
2020-09-28pppoe-server: T2919: Add possibility change Called-Station-Id formatDmitriyEshenko
2020-09-27vxlan: geneve: T2930: add CLI node to set MAC addressChristian Poessinger
2020-09-26Merge pull request #554 from sever-sever/T2918Christian Poessinger
accel-ppp: T2918: Add accounting interim jitter option
2020-09-26macsec: T2023: shift priority to run on vxlan/geneve source-interfaceChristian Poessinger
2020-09-26accel-ppp: T2918: Add accounting interim jitter optionsever-sever
2020-09-26macsec: vxlan: T2653: bugfix in verify() on lower interface MTU sizeChristian Poessinger
Introduced in commit 818a75c024e ("ifconfig: T2653: get_mtu() should return int() for easier comparison") where the variable used in the formatted string has not been adjusted.