summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-04-10ids: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-10vrrp: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-10https: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-10firewall: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-10policy: route: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-10nat: T2199: bugfix dry-run newly generated config before installChristian Poessinger
Commit bb76e8d7f1635 ("nat: T2199: dry-run newly generated config before install") added support to verify the generated nftables ruleset. Unfortunately if the verify failed - a Python exception was triggered: NameError: name 'nftables_ct_file' is not defined This was due to bad copy/pasting.
2022-04-10smoketest: nat: use setUpClass() over setUp()Christian Poessinger
2022-04-10nat(66): T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-10eapol: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-10dns: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-10ocserv: T4231: increment config version 1 -> 2Christian Poessinger
2022-04-09Merge pull request #1242 from goodNETnick/ocserv_local_otpChristian Poessinger
ocserv: T4231: Added OTP support for Openconnect 2FA
2022-04-09ocserv: T4231: Added OTP support for Openconnect 2FAgoodNETnick
2022-04-08Merge pull request #1278 from sever-sever/T4344Christian Poessinger
dhcp-server: T4344: Fix underscores for shared network name
2022-04-08Merge branch 'current' into T4344Viacheslav Hletenko
2022-04-08Merge pull request #1148 from tacerus/dhcpdDaniil Baturin
T4156: Add bootfile-size option
2022-04-08Merge branch 'current' into dhcpdGeorg
2022-04-08dhcp-server: T4344: Fix underscores for shared network nameViacheslav Hletenko
Shared network name should not be handled by tag node mangling I.e. should not replace underscores with dashed set service dhcp-server shared-network-name NET_01 shared-network NET_01 { authoritative; ... on commit { set shared-networkname = "NET_01"; } }
2022-04-08dhcp(v6): T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-08container: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-08smoketest: vrf: T4346: IPv6 address family can no longer be disabled in the ↵Christian Poessinger
Kernel
2022-04-08Merge pull request #1277 from jestabro/api-smoketestChristian Poessinger
T4347: Bug fix and extension of HTTP smoketest
2022-04-07smoketest: http: add check for missing keyJohn Estabrook
2022-04-07smoketest: http: bind http api to unix domain socketJohn Estabrook
2022-04-07http api: T4347: return complete and consistent error codesJohn Estabrook
2022-04-07policy: T4194: simplify prefix-list duplication checksChristian Poessinger
Commit 5dafe255d ("policy: T4194: Add prefix-list duplication checks") added first support for FRR prefix-list duplication checks. FRR does not allow to specify the same profix list rule multiple times. vyos(config)# ip prefix-list foo seq 10 permit 192.0.2.0/24 vyos(config)# ip prefix-list foo seq 20 permit 192.0.2.0/24 % Configuration failed. Error type: validation Error description: duplicated prefix list value: 192.0.2.0/24 There is a VyOS verify() function which simply probed for the prefix, action, le and ge settings - but as Python has excellent support when comparing data, this can be as simple as a dictionary comparison using "==".
2022-04-07ipv6: T4346: delete (migrate) CLI command to disable IPv6 address familyChristian Poessinger
2022-04-07ipv6: T4346: deprecate CLI command to disable IPv6 address familyChristian Poessinger
2022-04-07vyos.base: T4346: add common DeprecationWarning() classChristian Poessinger
2022-04-07qos: T4284: rename "traffic-policy" node to "qos policy"Christian Poessinger
"set traffic-policy" now becomes "set qos policy" "set interface ethernet eth0 traffic-policy" now bvecomes "set qos interface eth0"
2022-04-07qos: T4284: verify mirror/redirect target interface existsChristian Poessinger
2022-04-07qos: T4284: support mirror and redirect on vlan subinterfacesChristian Poessinger
2022-04-07qos: T4284: support mirror and redirect on all interface typesChristian Poessinger
2022-04-06dns: forwarding: T4343: add CLI option for PowerDNS network-timeoutBracken
Makes the powerdns `network-timeout` setting configurable via: `service dns forwarding timeout`. The powerdns default is 1500ms, VyOS now explicitly sets the same default value or the configured value so that the setting can have a readily apparent default in the help, rather than the user having to know it's powerdns.
2022-04-06Merge pull request #1275 from sarthurdev/firewall_limitChristian Poessinger
firewall: T4345: Fix incorrect firewall rule limit rate format
2022-04-06firewall: T4345: Fix incorrect rule limit rate syntaxsarthurdev
2022-04-06Merge pull request #1274 from srividya0208/T4342Christian Poessinger
op-comm: ospf : error for ospf neighbor address command
2022-04-06op-comm: ospf : error for ospf neighbor address commandsrividya0208
Error received when executed the sh ip ospf neighbor address 33.33.33.33 % Unknown command: sh ip ospf neighbor address 33.33.33.33
2022-04-06smoketest: http: test API authenticationChristian Poessinger
2022-04-06smoketest: http: verify nginx config fileChristian Poessinger
2022-04-06smoketest: vrf: T4331: IPv6 link-local addresses not configured for ↵Christian Poessinger
interface in VRF
2022-04-06dns: forwarding: T3804: fix warning message about "system name-server"Christian Poessinger
2022-04-05Merge pull request #1270 from sever-sever/T4331Christian Poessinger
interfaces: T4331: Fix assign link-local static IPv6 addr to vrf
2022-04-05interfaces: T4331: Fix assign link-local static IPv6 addr to vrfViacheslav Hletenko
If we have link-local static address and vrf, for example: set interfaces ethernet eth2 address 'fe80::5200:ff:fe55:222/64' set interfaces ethernet eth2 vrf 'foo' This IPv6 address was assigned before vrf, as result after attaching the intreface to vrf we lose this static linklocal address DEBUG/IFCONFIG cmd 'ip addr add fe80::5200:ff:fe55:222/64 dev eth2' DEBUG/IFCONFIG cmd 'ip link set dev eth2 master foo' DEBUG/IFCONFIG cmd 'ip addr add fe80::5208:ff:fe13:2/64 dev eth2' This commit fixes this, the address is assigned after vrf assign
2022-04-05dns: forwarding: T3804: bugfix DHCP name-servers used for recursionChristian Poessinger
Commit 2ecf7a9f9c ('name-server: T3804: merge "system name-servers-dhcp" into "system name-server"') missed out an old dictionary key "system_name_server_dhcp" and thus system nameservers configured via DHCP did not get used for the DNS forwar recursor.
2022-04-04login: T4341: busy wait on userdel(8) until the account was deleted successfullyChristian Poessinger
2022-04-04smoketest: login: verify test accounts are properly deletedChristian Poessinger
2022-04-04login: T4341: disable user account prior to deletionChristian Poessinger
2022-04-04smoketest: ssh: verify SSH service is stopped on removalChristian Poessinger
2022-04-04smoketest: ssh: verify login of valid and invalid test userChristian Poessinger
In order to test for proper system authentication and security setup a new testcase is added which performs an SSH login and command execution with a predefined user. The result (output of uname -a) must match the output if the command is run natively. We also try to login as an invalid user - this is not allowed to work.