summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-07-10smoketest: bond: add testcase for source-interface re-useChristian Poessinger
A bond member is not allowed to also be used as a source interface for e.g. PPPoE or MACsec.
2022-07-09Merge pull request #1405 from sever-sever/T4499Daniil Baturin
nat: T4499: Fix NAT not showing a single flow entry
2022-07-09nat: T4499: Fix NAT not showing a single flow entryViacheslav Hletenko
We must change dictionary if we get only onle flow entry I.e one NAT record With single entry we get: OrderedDict([('meta', xxx])) We expect: [OrderedDict([('meta', xxx]))]
2022-07-09Makefile: T4515: change from negative logic to positive logicChristian Poessinger
2022-07-09ip: T4517: drop forwarding from CLI "system ip ↵Christian Poessinger
disable-directed-broadcast-forwarding"
2022-07-09ip: T4517: add option to enable directed broadcast forwardingYuxiang Zhu
Directed broadcast is described in rfc1812#section-5.3.5.2 and rfc2644. By default Linux kernel doesn't forward directed broadcast packets unless both of `/proc/sys/net/ipv4/conf/all/bc_forwarding` and `/proc/sys/net/ipv4/conf/$iface/bc_forwarding` are set to 1.
2022-07-09telegraf: T4515: we do not ship telegraf on arm64 builds - remove CLI ↵Christian Poessinger
definitions
2022-07-09Merge pull request #1404 from sever-sever/T4145Christian Poessinger
conntrack: T4145: Add show conntrack table ipv4
2022-07-09conntrack: T4145: Add show conntrack table ipv4Viacheslav Hletenko
After firewall rewriting, we lost the ability to show conntrack table as it used old code Rewrite and add it to XML/Python
2022-07-08Merge pull request #1401 from sever-sever/T4411Christian Poessinger
monitoring: T4411: Migrate influxdb options to influxdb node
2022-07-07smoketest: T4411: Add influxdb nodeViacheslav Hletenko
2022-07-07Merge pull request #1397 from sever-sever/T4503Christian Poessinger
op-mode: T4503: Prevent restart service if commit in progress
2022-07-07monitoring: T4411: Migrate influxdb options to influxdb nodeViacheslav Hletenko
As we have specific configuration for each plugin: set service monitoring telegraf xxx - azure-data-explorer - prometheus-client - splunk We should to move configuration that related to influxdb under influxdb node Replace: set service monitoring telegraf - authentication xxx - bucket xxx - port xxx - url To: set service monitoring telegraf influxdb xxx
2022-07-07op-mode: T4503: Prevent restart service if commit in progressViacheslav Hletenko
Prevent op-mode scripts from restarting services if commit in progress
2022-07-07op-mode: T3457: rename "mon log colored" -> "mon log color"Christian Poessinger
2022-07-07dns: op-mode: T2488: retrieve log info from journalctlChristian Poessinger
2022-07-07dns: T4509: improve 6to4 error messageChristian Poessinger
2022-07-07smoketest: dns: T4509: use dedicated 6to4 testcaseChristian Poessinger
2022-07-07smoketest: dns: forwarding: use setUpClass()Christian Poessinger
2022-07-07Merge pull request #1399 from sarthurdev/T4500Christian Poessinger
syslog: T4500: Remove max-size from rsyslog leaving rotation to logrotate
2022-07-07syslog: T4500: Remove max-size from rsyslog leaving rotation to logrotatesarthurdev
After discussion with @zsdc this was decided the better long term fix * Removes hourly logrotate cron in favour of systemd timer override
2022-07-06Merge pull request #1398 from sarthurdev/T4500Christian Poessinger
firewall: T4500: Fix logrotate size to match rsyslog default value
2022-07-06firewall: T4500: Fix logrotate size to match rsyslog default valuesarthurdev
2022-07-06Merge pull request #1395 from aapostoliuk/T4513Viacheslav Hletenko
webproxy: T4513: Fixed path to webroxy log files
2022-07-06webproxy: T4513: Fixed path to webroxy log filesaapostoliuk
Fixed path to webproxy log files in webproxy monitor commands
2022-07-05Merge pull request #1394 from sarthurdev/zone_default_logChristian Poessinger
zone-policy: T4512: Add support for `enable-default-log`
2022-07-05Merge pull request #1393 from sarthurdev/firewall_migrateChristian Poessinger
firewall: T2199: Fix migration when `icmpv6 type` is an integer
2022-07-05zone-policy: T4512: Add support for `enable-default-log`sarthurdev
2022-07-05firewall: T2199: Fix migration when `icmpv6 type` is an integersarthurdev
2022-07-05Merge pull request #1389 from sever-sever/T4509Christian Poessinger
dns: T4509: Add dns64-prefix option
2022-07-05op-mode: bgp: T4494: re-use available building blocks for BGP resetsChristian Poessinger
2022-07-05op-mode: bgp: T4494: add "reset bgp" op-mode treeChristian Poessinger
2022-07-05dns: T4509: Add dns64-prefix optionViacheslav Hletenko
rfc6147: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers set service dns forwarding dns64-prefix 2001:db8:aabb::/96
2022-07-05op-mode: bgp: T4494: drop incomplete "reset ipv6 bgp" commandChristian Poessinger
2022-07-05Merge pull request #1379 from sever-sever/T4494Christian Poessinger
bgp: T4494: Ability to reset bgp in VRF
2022-07-04Merge pull request #1386 from sarthurdev/geoip_negateChristian Poessinger
firewall: T4299: Add ability to inverse match country-codes
2022-07-04firewall: T4299: Add ability to inverse match country codessarthurdev
2022-07-04ntp: T4456: call verify_vrf() before individual interface validationChristian Poessinger
It makes no sense to test against a VRF that might not exist at all.
2022-07-04dhclient: T2393: fix "Failed to parse boolean value, ignoring: SIGKILL"Christian Poessinger
Commit 19789463 ("dhclient: T2393: introduce 20 seconds stop timeout - required for smoketesting on Qemu") assigned a string to a boolean field. This has been fixed.
2022-07-04ntp: T4456: support listening on specified interfaceChristian Poessinger
When clients only use DHCP for interface addressing we can not bind NTPd to an address - as it will fail if the address changes. This commit adds support to bind ntpd to a given interface in addition to a given address. set system ntp interface <name>
2022-07-04xml: include: interface - fix help stringChristian Poessinger
2022-07-04Merge pull request #1382 from sever-sever/T4378Viacheslav Hletenko
dns: T4378: Allow wildcard A AAAA record with option all
2022-07-04Merge pull request #1388 from zdc/T4528-sagittaChristian Poessinger
event-handler: T4508: Fixed environment variables
2022-07-04event-handler: T4508: Fixed environment variableszsdc
Fixed usage of environment variables - made an individual environment variable for an event a true copy, instead of a reference to a single environ dictionary. Also, reorganized imports according to PEP8.
2022-07-04dns: T4378: Allow wildcard A AAAA record with option anyViacheslav Hletenko
Ability to set wildcard record for authoritative-domain set authoritative-domain example.com records a any address 192.0.2.11 cat /run/powerdns/zone.example.com.conf * 300 A 192.0.2.11
2022-07-04smoketest: bridge: T4498: add IGMP testcaseChristian Poessinger
2022-07-04Merge pull request #1385 from sarthurdev/ovpn-test-pkiChristian Poessinger
smoketest: T4485: Add CRL for configtest, add script for configtest PKI objects
2022-07-03Merge pull request #1387 from sever-sever/T4507Christian Poessinger
ipoe: T4507: Add option rate-limit for RADIUS authentication
2022-07-02ipoe: T4507: Add option rate-limit for RADIUS authenticationViacheslav Hletenko
Add rate-limit options: attribute, muptiplier and vendor set service ipoe-server auth radius rate-limit attribute 'Mikrotik-Rate-Limit' set service ipoe-server auth radius rate-limit enable set service ipoe-server auth radius rate-limit multiplier '0.001' set service ipoe-server auth radius rate-limit vendor 'Miktorik'
2022-07-01smoketest: T4485: Move smoketest PKI generation to vyos-1xsarthurdev
Allows easy creation of test PKI objects using `vyos.pki` module Generates objects for PKI migration tests