summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-07-15bond: T4525: fix adding member interface to bond after removing VRFChristian Poessinger
When removing a VRF from an ethernet interface and adding the interface to a bond in the same commit led to an OSError: [Errno 16] Device or resource busy!
2022-07-15vyos.configdict(): T4228: is_member() must return member interface config dictChristian Poessinger
This extends commit 39157912 ("vyos.configdict(): T4228: is_member() must use the "real" hardware interface") and returns the config dict of the used member interfaces.
2022-07-15bond: bridge: T4534: error out if member interface is assigned to a VRF instanceChristian Poessinger
It makes no sense to enslave an interface to a bond or a bridge device if it is bound to a given VRF. If VRFs should be used - the encapuslating/master interface should be part of the VRF. Error out if the member interface is part of a VRF.
2022-07-14Merge pull request #1413 from DaniilHarun/currentChristian Poessinger
interface: T4056: Fix unexpected delete tc qdisc
2022-07-14interface: T4056: Fix unexpected delete tc qdiscDaniilHarun
2022-07-13Merge pull request #1411 from srividya0208/T4493Christian Poessinger
op-mode: T4493: Incorrect completion help of "show bgp neighbors"
2022-07-13op-mode: T4493: Incorrect completion help of "show bgp neighbors"srividya0208
the operational command "show bgp neighbors" is common for ipv4 and ipv6 so "IPv4" keyword in the help description might mislead.
2022-07-12Merge pull request #1409 from sever-sever/T4257Christian Poessinger
vrf: T4527: Prevent to create VRF with reserved names
2022-07-12vrf: T4527: Prevent to create VRF with reserved namesViacheslav Hletenko
VRF names: "add, all, broadcast, default, delete, dev, get, inet, mtu, link, type, vrf" are reserved and cannot be used for vrf name
2022-07-11smoketest: bridge: also test QinQ bridge member interfacesChristian Poessinger
2022-07-11vyos.configdict(): T4228: is_member() must split VLAN interfacesChristian Poessinger
Commit 39157912 ("vyos.configdict(): T4228: is_member() must use the "real" hardware interface") added a bugfix on calling is_member() to retrieve the real physical information about an interface. It did not include a code path to also split up VLAN interfaces. This has been fixed.
2022-07-10bond: T4522: add ability to specify mii monitor interval via CLIChristian Poessinger
Linux Kernel supports to specify the MII link monitoring frequency in milliseconds. This determines how often the link state of each slave is inspected for link failures. A value of zero disables MII link monitoring. A value of 100 is a good starting point. The default value is 100. set interfaces bonding bond0 mii-mon-interval <n>
2022-07-10smoketest: bond: remove second instance of layer2+3 hash-policy testChristian Poessinger
2022-07-10vyos.configdict(): T4228: is_member() must use the "real" hardware interfaceChristian Poessinger
When is_member() is inspecting the bridge/Bond member interfaces it must work with the real interface (e.g. eth1) under the "ethernet" node and not work on the "member interface eth1" CLI tree, that makes no sense at all.
2022-07-10bond: T1557: re-add miimon configuration - lost in translationChristian Poessinger
2022-07-10bond: T4521: ARP monitor interval is not configured despite set via CLIChristian Poessinger
The code path for changing the interval is never executed.
2022-07-10smoketest: bond: add testcase for conflicting bridge memberChristian Poessinger
A bond member can not also be used as a member of a bridge interface.
2022-07-10smoketest: bond: add testcase for source-interface re-useChristian Poessinger
A bond member is not allowed to also be used as a source interface for e.g. PPPoE or MACsec.
2022-07-09Merge pull request #1405 from sever-sever/T4499Daniil Baturin
nat: T4499: Fix NAT not showing a single flow entry
2022-07-09nat: T4499: Fix NAT not showing a single flow entryViacheslav Hletenko
We must change dictionary if we get only onle flow entry I.e one NAT record With single entry we get: OrderedDict([('meta', xxx])) We expect: [OrderedDict([('meta', xxx]))]
2022-07-09Makefile: T4515: change from negative logic to positive logicChristian Poessinger
2022-07-09ip: T4517: drop forwarding from CLI "system ip ↵Christian Poessinger
disable-directed-broadcast-forwarding"
2022-07-09ip: T4517: add option to enable directed broadcast forwardingYuxiang Zhu
Directed broadcast is described in rfc1812#section-5.3.5.2 and rfc2644. By default Linux kernel doesn't forward directed broadcast packets unless both of `/proc/sys/net/ipv4/conf/all/bc_forwarding` and `/proc/sys/net/ipv4/conf/$iface/bc_forwarding` are set to 1.
2022-07-09telegraf: T4515: we do not ship telegraf on arm64 builds - remove CLI ↵Christian Poessinger
definitions
2022-07-09Merge pull request #1404 from sever-sever/T4145Christian Poessinger
conntrack: T4145: Add show conntrack table ipv4
2022-07-09conntrack: T4145: Add show conntrack table ipv4Viacheslav Hletenko
After firewall rewriting, we lost the ability to show conntrack table as it used old code Rewrite and add it to XML/Python
2022-07-08Merge pull request #1401 from sever-sever/T4411Christian Poessinger
monitoring: T4411: Migrate influxdb options to influxdb node
2022-07-07smoketest: T4411: Add influxdb nodeViacheslav Hletenko
2022-07-07Merge pull request #1397 from sever-sever/T4503Christian Poessinger
op-mode: T4503: Prevent restart service if commit in progress
2022-07-07monitoring: T4411: Migrate influxdb options to influxdb nodeViacheslav Hletenko
As we have specific configuration for each plugin: set service monitoring telegraf xxx - azure-data-explorer - prometheus-client - splunk We should to move configuration that related to influxdb under influxdb node Replace: set service monitoring telegraf - authentication xxx - bucket xxx - port xxx - url To: set service monitoring telegraf influxdb xxx
2022-07-07op-mode: T4503: Prevent restart service if commit in progressViacheslav Hletenko
Prevent op-mode scripts from restarting services if commit in progress
2022-07-07op-mode: T3457: rename "mon log colored" -> "mon log color"Christian Poessinger
2022-07-07dns: op-mode: T2488: retrieve log info from journalctlChristian Poessinger
2022-07-07dns: T4509: improve 6to4 error messageChristian Poessinger
2022-07-07smoketest: dns: T4509: use dedicated 6to4 testcaseChristian Poessinger
2022-07-07smoketest: dns: forwarding: use setUpClass()Christian Poessinger
2022-07-07Merge pull request #1399 from sarthurdev/T4500Christian Poessinger
syslog: T4500: Remove max-size from rsyslog leaving rotation to logrotate
2022-07-07syslog: T4500: Remove max-size from rsyslog leaving rotation to logrotatesarthurdev
After discussion with @zsdc this was decided the better long term fix * Removes hourly logrotate cron in favour of systemd timer override
2022-07-06Merge pull request #1398 from sarthurdev/T4500Christian Poessinger
firewall: T4500: Fix logrotate size to match rsyslog default value
2022-07-06firewall: T4500: Fix logrotate size to match rsyslog default valuesarthurdev
2022-07-06Merge pull request #1395 from aapostoliuk/T4513Viacheslav Hletenko
webproxy: T4513: Fixed path to webroxy log files
2022-07-06webproxy: T4513: Fixed path to webroxy log filesaapostoliuk
Fixed path to webproxy log files in webproxy monitor commands
2022-07-05Merge pull request #1394 from sarthurdev/zone_default_logChristian Poessinger
zone-policy: T4512: Add support for `enable-default-log`
2022-07-05Merge pull request #1393 from sarthurdev/firewall_migrateChristian Poessinger
firewall: T2199: Fix migration when `icmpv6 type` is an integer
2022-07-05zone-policy: T4512: Add support for `enable-default-log`sarthurdev
2022-07-05firewall: T2199: Fix migration when `icmpv6 type` is an integersarthurdev
2022-07-05Merge pull request #1389 from sever-sever/T4509Christian Poessinger
dns: T4509: Add dns64-prefix option
2022-07-05op-mode: bgp: T4494: re-use available building blocks for BGP resetsChristian Poessinger
2022-07-05op-mode: bgp: T4494: add "reset bgp" op-mode treeChristian Poessinger
2022-07-05dns: T4509: Add dns64-prefix optionViacheslav Hletenko
rfc6147: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers set service dns forwarding dns64-prefix 2001:db8:aabb::/96