summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-03-21ospf: T5102: do not always redistribute babel routesChristian Breunig
2023-03-21dhcp: pppoe: T5104: fix VRF comparisonsBrandon Stepler
2023-03-21Merge pull request #1902 from nicolas-fort/T5050-logChristian Breunig
T5050: fix smoketest policy_route, which was failing after previos co…
2023-03-21T5050: fix smoketest policy_route, which was failing after previos commit ↵Nicolas Fort
was merged
2023-03-21T5099: IPoE-server add option next-pool for named ip poolsViacheslav Hletenko
In cases with multiple named IP pools, it is required the option 'next' to be sure that if IP addresses ended in one pool, then they would begin to be allocated from the next named pool. For accel-ppp it requires specific order as pool must be defined before we can use it with the 'next-option' set service ipoe-server client-ip-pool name first-pool subnet '192.0.2.0/25' set service ipoe-server client-ip-pool name first-pool next-pool 'second-pool' set service ipoe-server client-ip-pool name second-pool subnet '203.0.113.0/25' [ip-pool] 203.0.113.0/25,name=second-pool 192.0.2.0/25,name=first-pool,next=second-pool
2023-03-21Merge pull request #1889 from nicolas-fort/T5050-logViacheslav Hletenko
T5050: Firewall: Add log options
2023-03-21T5050: Firewall: Add log optionsNicolas Fort
2023-03-21Merge pull request #1899 from rgwan/currentChristian Breunig
pppoe: T5098: allow user to set pppd holdoff option
2023-03-21pppoe: T5098: allow user to set pppd holdoff optionZhiyuan Wan
2023-03-20Merge pull request #1896 from jestabro/raw-list-openvpnDaniil Baturin
openvpn: T5095: raw output should return list instead of dict
2023-03-17Merge pull request #1898 from sever-sever/T5086-defChristian Breunig
T5086: Fix sflow fix default values for server
2023-03-17T5086: Fix sflow fix default values for serverViacheslav Hletenko
We drop default values 'port' but don't set it again per server Fix it
2023-03-17Merge pull request #1897 from sever-sever/T5086Christian Breunig
T5086: Add sFlow drop-monitor-limit option
2023-03-17T5086: Add sFlow drop-monitor-limit optionViacheslav Hletenko
hsflowd will export the headers of dropped packets (along with the name of the function in the Linux kernel where that skb was dropped) as part of the standard sFlow feed. This measurement complements the sFlow packet sampling and counter-telemetry well because it provides visibility into the traffic that is not flowing. Very helpful for troubleshooting. The limit (a rate limit max of N drops per second sent out in the sFlow datagrams) is the parameter you would set in the CLI. set system sflow drop-monitor-limit 50
2023-03-16Merge pull request #1895 from sever-sever/T5091Christian Breunig
T5091: IPoE-server verify RADIUS settings
2023-03-16opmode: T4837: support ip route display for specific prefixes inside VRFChristian Breunig
2023-03-16Merge pull request #1893 from sever-sever/T5092Christian Breunig
T5092: IPoE-server named pool must not rely on auth type
2023-03-16Merge pull request #1891 from sever-sever/T5086Christian Breunig
T5086: Add sFlow feature based on hsflowd
2023-03-16openvpn: T5095: raw output should return list instead of dictJohn Estabrook
2023-03-16ipsec: T5043: Rewritten and fixed 'reset vpn' commandsaapostoliuk
1. Rewritten CLI of 'reset vpn' commands. 2. Created 'reset vpn ipsec remote-access' commands to reset RA IKEv2 session. 3. Created 'reset vpn ipsec site-to-site all' command to reset all configured IPSec site-to-site peers sessions. 4. Rewritten 'reset vpn l2t|pptp|sstp' commands to new opmode style.
2023-03-16T5091: IPoE-server verify RADIUS settingsViacheslav Hletenko
As we don't have global option 'gateway-address' for ipoe-server we cannot use general configverify.verify_accel_ppp_base_service Add verify radius setting for configuration mode 'radius' Radius authentication required at least one RADIUS server
2023-03-16T5092: IPoE-server named pool must not rely on auth typeViacheslav Hletenko
Named pools for ipoe-server must not rely on autentication type It is a separate global option for [ipoe] and [ip-pool] sections
2023-03-16T5086: Add sFlow feature based on hsflowdViacheslav Hletenko
Add sFlow feature based on hsflowd According to user reviews, it works more stable and more productive than pmacct I haven't deleted 'pmacct' 'system flow-accounting sflow' yet It could be migrated or deprecated later set system sflow agent-address '192.0.2.14' set system sflow interface 'eth0' set system sflow interface 'eth1' set system sflow polling '30' set system sflow sampling-rate '100' set system sflow server 192.0.2.1 port '6343' set system sflow server 192.0.2.11 port '6343'
2023-03-14Merge pull request #1890 from nicolas-fort/T5055Viacheslav Hletenko
T5055: NAT: extend packet-type to NAT
2023-03-14T5055: NAT: extend packet-type match option which was previously introduced ↵Nicolas Fort
in firewall, to NAT
2023-03-14Merge pull request #1888 from sever-sever/T5085Christian Breunig
T5085: Fix ipv6 route-map for ospfv3
2023-03-14T5085: Fix ipv6 route-map for ospfv3Viacheslav Hletenko
Add template to generate zebra "ipv6 protocol ospf6 route-map xxx"
2023-03-13Merge pull request #1886 from sever-sever/T2516Christian Breunig
T2516: Exclude veth interfaces from duplex and speed check
2023-03-13T2516: Exclude veth interfaces from duplex and speed checkViacheslav Hletenko
Exclude interfaces with 'veth' driver from duplex and speed check
2023-03-12Debian: bump compat (debian helper) version 10 -> 12Christian Breunig
2023-03-12Revert "Debian: T2216: add netavark dependency for podman containers"Christian Breunig
This reverts commit 9ed4113d6c4809a0126d04c99d60eaa76a7b6b15.
2023-03-11container: T5003: add dependency on fuse-overlayfsChristian Breunig
Fix podman error about invalid storage: [graphdriver] prior storage driver overlay failed: 'overlay' is not supported over overlayfs, a mount_program is required: backing file system is unsupported for this graph driver" Error: 'overlay' is not supported over overlayfs, a mount_program is required: backing file system is unsupported for this graph driver.
2023-03-11keepalived: T5003: remove Debian default config path from ConditionFileNotEmptyChristian Breunig
Also ExecReload is a duplicate of the base service file
2023-03-11Debian: T2216: add netavark dependency for podman containersChristian Breunig
2023-03-11keepalived: T5003: move to Debian upstream versionChristian Breunig
2023-03-11Debian: remove python3-pyhumps from build dependencies, provided via pip in ↵Christian Breunig
container
2023-03-10openvpn: xml: T1843: re-use generic username and password building blockChristian Breunig
2023-03-10rpki: xml: T3255: re-use generic username building blockChristian Breunig
2023-03-10system: proxy: xml: T1843: re-use generic username and password building blockChristian Breunig
2023-03-10Merge pull request #1871 from nicolas-fort/T5055Christian Breunig
T5055: Firewall: add packet-type matcher in firewall and route policy
2023-03-10container: T4959: add registry authentication optionChristian Breunig
Container registry CLI node changed from leafNode to tagNode with the same defaults. In addition we can now configure an authentication option per registry.
2023-03-10schema: T5079: extension to support defaultValues on tagNodesChristian Breunig
2023-03-10xml: bgp: T5070: split out CLI definitions to include files which can be reusedChristian Breunig
2023-03-10Merge pull request #1884 from sever-sever/T5058Christian Breunig
T5058: Fix range_to_regex list argument
2023-03-10T5058: Fix range_to_regex list argumentViacheslav Hletenko
Values of the list for the 'range_to_regex' could be not only range values as ['10-20', '22-30'] but also and not range values like ['10-20', '30', '80'] Fix if we args is list and non range values are exists in ths list % range_to_regex(['10-20', '80']) '(1\\d|20|80)'
2023-03-10Merge pull request #1876 from jestabro/codegenChristian Breunig
graphql: T5068: generate client operations for code generation tools
2023-03-10Merge pull request #1880 from ichdasich/add_bgp_nexthop_to_vrfChristian Breunig
T5070: Added show bgp martian/show bgp nexthop to bgp in vrf
2023-03-10Merge pull request #1883 from sever-sever/T4973Christian Breunig
T4973: DHCP server fix output for long leases
2023-03-10Merge pull request #1882 from aapostoliuk/T5074-sagittaChristian Breunig
util: T5074: Fixed decoding of certificate value to UTF-8 string
2023-03-10T4973: DHCP server fix output for long leasesViacheslav Hletenko
With long lease time for example lease '4294967295' seconds it is impossible to get end lease as value is 'ends never;' It cause error to get timestamp() from 'ends never' and remaining time 'lease.end - datetime.utcnow()' Set default remaining and end lease to '-' if we cannot get this info