summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-04-04smoketest: ssh: verify SSH service is stopped on removalChristian Poessinger
(cherry picked from commit 4bb0adf535e12dc962a0ebea0f5a96f612a76a5d)
2022-04-04smoketest: ssh: verify login of valid and invalid test userChristian Poessinger
In order to test for proper system authentication and security setup a new testcase is added which performs an SSH login and command execution with a predefined user. The result (output of uname -a) must match the output if the command is run natively. We also try to login as an invalid user - this is not allowed to work. (cherry picked from commit e66c45ce7a664ecb26d21a215975777bef0fcd71)
2022-03-30Merge pull request #1257 from dmbaturin/T4319-loChristian Poessinger
T4319: do not try to add ::1/128 to lo when IPv6 is disabled
2022-03-30T4319: do not try to add ::1/128 to lo when IPv6 is disabledDaniil Baturin
2022-03-28Merge pull request #1255 from vyos/revert-1235-equuleus-ipv6-local-routeDaniil Baturin
Revert "backport: T4515: T4219: policy local-route6 and inbound-interface support"
2022-03-28Revert "backport: T4515: T4219: policy local-route6 and inbound-interface ↵Daniil Baturin
support"
2022-03-28Revert "openvpn: T4230: globally enable ip_nonlocal_bind"Daniil Baturin
This reverts commit 382d5aa16d81b745e522a14122b429750ee64789.
2022-03-27Merge pull request #1254 from jestabro/eq-gql-test-nodeDaniil Baturin
graphql: T3993: add unsettable gql option; this is not exposed by CLI
2022-03-27graphql: T3993: add unsettable gql option; this is not exposed by CLIJohn Estabrook
(cherry picked from commit 9d3acc2b55f2d1c563f1941e59c98c159211dc58)
2022-03-25smoketest: ipv6: fix testcase after using new sysctl interfaceChristian Poessinger
(cherry picked from commit 6249c2abe7e40a6671549d318ee9b0fbd622b991)
2022-03-25smoketest: mpls: disable debug outputChristian Poessinger
(cherry picked from commit 625ea99e69a319c88fa67125438fdc457eaaaed3)
2022-03-25mpls: T915: use vyos.util.sysctl_write() helper functionChristian Poessinger
(cherry picked from commit cabe0c06e2312cc872d3e22d91611a3ccecefdb0)
2022-03-25vyos.util: T4319: rename sysctl() -> sysctl_write()Christian Poessinger
(cherry picked from commit 364009e4317fb5c6732635726b511613aa2ed519)
2022-03-25ipv6: T4319: do not configure IPv6 related settings if it's disabledChristian Poessinger
(cherry picked from commit f8b3d8999cbea988ce8e7d303957558308ddc1bc)
2022-03-25system: T4319: align ipv6 settings with ipv4 by using get_config_dict()Christian Poessinger
(cherry picked from commit 1b16a4eab926462c0d2752d698bedf28c995058d)
2022-03-25vyos.util: T4319: provide generic sysctl_read() helperChristian Poessinger
(cherry picked from commit 52cb6185a4a51ffa92f10e0ded55a943bc21bc60)
2022-03-25xml: T4319: use common building block for table-size CLI optionChristian Poessinger
(cherry picked from commit eaf4b60c9e7fa094d17b87b29bebaf81182ee7a1)
2022-03-25T4319: "system ip(v6)" must run before any interface operationChristian Poessinger
(cherry picked from commit 87ccafd06b897b63f847e6b47cf72b951b0ed223)
2022-03-24openvpn: T4230: globally enable ip_nonlocal_bindChristian Poessinger
(cherry picked from commit 1cbcbf40b7721849f9696c05fac65db010a66b7c)
2022-03-24Merge pull request #1210 from sever-sever/T4230-equChristian Poessinger
openvpn: T4230: Delete checks if local-host address assigned
2022-03-24openvpn: T4294: force service restart on openvpn-option node changeChristian Poessinger
(cherry picked from commit 999b1e50dfdea8694174e82d22b2438cb1bf5e28)
2022-03-23Merge pull request #1235 from hensur/equuleus-ipv6-local-routeChristian Poessinger
backport: T4515: T4219: policy local-route6 and inbound-interface support
2022-03-16T3506: loadkey: fix build error1.3.1Christian Poessinger
Commit 92f6feca ("T3506: loadkey: Add `generate public-key-command` command") backported a change from current for the op-mode command definitions. Unfortunately VyOS 1.3 (equuleus) uses the old GCC preprocessor which is unable to properly handle long strings containing control characters lilke // (CPP-comment).
2022-03-15bonding: T4301: Fixed arp-monitor optionzsdc
In verify function for arp-monitor option was used by mistake an extra conversion for incoming data before comparing items. This commit removed these unnecessary conversions and makes the option operable. (cherry picked from commit df4b544c29974e36b52fc42bcbf617f50738a4a6)
2022-03-11Ethtool: T4297: Update drivers supporting speed/flow/duplexDaniel Berlin
The iavf, ice, and i40e drivers do not support speed, flow, or duplex control using ethtool. As a result, interface configuration changes fail to commit when using those drivers. This patch fixes that by correctly marking those drivers as not supporting those controls. (cherry picked from commit 2894b52454311f8e011bed910704064be7471275)
2022-03-10Merge pull request #1244 from erkin/equuleusDaniil Baturin
T3506: loadkey: Add `generate public-key-command` command
2022-03-10T3506: loadkey: Add `generate public-key-command` commanderkin
2022-03-06smoketest: config: add "recent" firewall rule to dialup-routerChristian Poessinger
(cherry picked from commit 1d0d4e83d8413c1b389be763cadd5d150d4be982)
2022-03-05conntrackd: T4259: fix daemon configuration pathChristian Poessinger
(cherry picked from commit aa8080d316dbeb4d26bf67f6d67efeda43b2bc07)
2022-03-05conntrackd: T4259: prevent startup of multiple daemon instancesChristian Poessinger
(cherry picked from commit 2c94c3ec72a559de405b29b4399250db3085717e)
2022-03-04op-mode: lldp: T3999: bugfix cap' referenced before assignmentChristian Poessinger
(cherry picked from commit c06861440cd21ff7c668b35ed1039f5fac4101b9)
2022-02-28ssh: T4273: bugfix cipher and key-exchange multi nodesChristian Poessinger
After hardning the regex validator to be preceeded with ^ and ending with $ it was no longer possible to have a comma separated list as SSH ciphers. The migrations cript is altered to migrate the previous comma separated list to individual multi node entries - cipher and key-exchange always had been multinodes - so this just re-arranges some values and does not break CLI compatibility (cherry picked from commit 61fa1c95164e4222e79b078b1a796f41397e0ee3)
2022-02-26smoketest: lldp: add testcaseChristian Poessinger
2022-02-25monitoring: T3872: re-use "port" building block from port-number.xml.iChristian Poessinger
(cherry picked from commit 0ec8927476e7d654d52df4c803a6694be0b1e9e2)
2022-02-25wireless: ifconfig: T2653: add missing defaultValue for mgmt-frame-protectionChristian Poessinger
(cherry picked from commit be60d39332b753f5fe35101efe3463eebea2cb9d)
2022-02-25smoketest: webproxy: use setUpClass() over setUp()Christian Poessinger
(cherry picked from commit 15eff1682613ad20f83c46fded866b132a1fb814)
2022-02-25dhcp-relay: T3095: add missing max-size default valueChristian Poessinger
(cherry picked from commit faa63999ca1fe11cc25e8a241e75a451a53ffa26)
2022-02-23backport: policy: T4219: add local-route(6) incoming-interfaceHenning Surmeier
2022-02-23backport: policy: T4151: bugfix smoketestHenning Surmeier
.sort() is an inplace operation and return None...
2022-02-23backport: policy: T4151: remove all previous rules on editHenning Surmeier
2022-02-23backport: policy: T4151: Bugfix policy ipv6-local-routeHenning Surmeier
2022-02-23backport: policy: T4151: Add policy ipv6-local-routeHenning Surmeier
Adds support for `ip -6 rule` policy based routing. Also, extends the existing ipv4 implemenation with a `destination` key, which is translated as `ip rule add to x.x.x.x/x` rules. https://phabricator.vyos.net/T4151
2022-02-23pbr: T3702: Fix incorrect splits for fwmarkViacheslav
2022-02-23pbr: T3702: Add rules match fwmarkViacheslav
2022-02-23smoketest: tunnel: indention fixupChristian Poessinger
(cherry picked from commit 53517de05e9566c35218d1f07cacb1bff98a46d9)
2022-02-23tunnel: T4267: "parameters ip key" on GRE not required for different remotesChristian Poessinger
(cherry picked from commit e64d45717940aa4fb4a072065bdfa04f884d00cc)
2022-02-22vxlan: T4264: interface is destroyed and rebuild on description changeChristian Poessinger
When changing "general" parameters like: - interface IP address - MTU - description the interface is destroyed and recreated ... this should not happen! (cherry picked from commit 2373b232849c847717cbdcfac7390d8376e227ca)
2022-02-22vyos.configdict: T4263: leaf_node_changed() must also honor valueLess CLI nodesChristian Poessinger
If a valueLess node is added or removed from the CLI, a call to leaf_node_changed() will not detect it. If node is valueLess, on change old or new (depending on addition or deletion) will be {} and is treated as None. Add handler for this special case where old or new is an instance of a dictionary but empty. (cherry picked from commit 149f704a172fb14f16d0ba00ef237b972539492f)
2022-02-22Revert "backport: policy: T4151: Add policy ipv6-local-route"Christian Poessinger
This reverts commit e11a7ff1b2817cc8f4b595171fe82a43a209ebc2.
2022-02-22Revert "backport: policy: T4151: Bugfix policy ipv6-local-route"Christian Poessinger
This reverts commit ed7c674da17519e6331a9cef8522c5e49251d505.