summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-07-18bond: bridge: T4534: error out if member interface is assigned to a VRF instanceChristian Poessinger
It makes no sense to enslave an interface to a bond or a bridge device if it is bound to a given VRF. If VRFs should be used - the encapuslating/master interface should be part of the VRF. Error out if the member interface is part of a VRF. (cherry picked from commit 87d2dff241d9ab4de9f3a2c7fbf9852934557aef)
2022-07-18vrf: T4527: Prevent to create VRF with reserved namesViacheslav Hletenko
VRF names: "add, all, broadcast, default, delete, dev, get, inet, mtu, link, type, vrf" are reserved and cannot be used for vrf name (cherry picked from commit 52342f389af2da2995b858d026e6fbcad5c8bfaa)
2022-07-18smoketest: bridge: also test QinQ bridge member interfacesChristian Poessinger
(cherry picked from commit 74d6a7e4fc9e2e929c5f899070e6fc3e3e3b5ceb)
2022-07-18vyos.configdict(): T4228: is_member() must split VLAN interfacesChristian Poessinger
Commit 39157912 ("vyos.configdict(): T4228: is_member() must use the "real" hardware interface") added a bugfix on calling is_member() to retrieve the real physical information about an interface. It did not include a code path to also split up VLAN interfaces. This has been fixed. (cherry picked from commit fdeae251431cb747e8f60d96269b4365b7401807)
2022-07-18bond: T4522: add ability to specify mii monitor interval via CLIChristian Poessinger
Linux Kernel supports to specify the MII link monitoring frequency in milliseconds. This determines how often the link state of each slave is inspected for link failures. A value of zero disables MII link monitoring. A value of 100 is a good starting point. The default value is 100. set interfaces bonding bond0 mii-mon-interval <n> (cherry picked from commit 4315c8fa5bb090e2b7edd6bda205041623e2511d)
2022-07-18smoketest: bond: remove second instance of layer2+3 hash-policy testChristian Poessinger
(cherry picked from commit 8d1bb953b784d03e02ba26e78da5488a79aaf20d)
2022-07-18vyos.configdict(): T4228: is_member() must use the "real" hardware interfaceChristian Poessinger
When is_member() is inspecting the bridge/Bond member interfaces it must work with the real interface (e.g. eth1) under the "ethernet" node and not work on the "member interface eth1" CLI tree, that makes no sense at all. (cherry picked from commit 3915791216998a18bf6831450df68ee199e2e4f8)
2022-07-15snmp: T2763: Add protocol TCP for service SNMPViacheslav Hletenko
Ability to listen TCP port for service SNMP set service snmp protocol tcp
2022-07-15smoketest: T4532: Fix for smoketest flow-accountingViacheslav Hletenko
Delete extra space for template uacctd.conf.tmpl Update smoketest to replace '.' with '-'
2022-07-14Merge pull request #1412 from sever-sever/T4532-eqChristian Poessinger
netflow: T4532: Fix flow-accounting server IPv6 bug
2022-07-14netflow: T4532: Fix flow-accounting server IPv6 bugViacheslav Hletenko
Fix for IPv6 netflow_plugin name When we use IPv6 uacctd.conf doesnt expect coluns in the plugin name. Replace coluns to dash. Place IPv6 address into [] brackets
2022-07-12Merge pull request #1410 from sever-sever/T4527-eqDaniil Baturin
vrf: T4527: Prevent to create VRF with reserved names
2022-07-12vrf: T4527: Prevent to create VRF with reserved namesViacheslav Hletenko
VRF names: "add, all, broadcast, default, delete, dev, get, inet, mtu, link, type, vrf" are reserved and cannot be used for vrf name (cherry picked from commit 52342f389af2da2995b858d026e6fbcad5c8bfaa)
2022-07-11bond: T1557: re-add miimon configuration - lost in translationChristian Poessinger
(cherry picked from commit cabfd006bed9cd2d1512cb313616a8e97fe29b9e)
2022-07-11bond: T4521: ARP monitor interval is not configured despite set via CLIChristian Poessinger
The code path for changing the interval is never executed. (cherry picked from commit daddb0ad7812843f64a7ae0bf4b5e15db7b1758e)
2022-07-11smoketest: bond: add testcase for conflicting bridge memberChristian Poessinger
A bond member can not also be used as a member of a bridge interface. (cherry picked from commit 19bfed0abd75adacb61f170606fff8b4d2e7713f)
2022-07-11smoketest: bond: add testcase for source-interface re-useChristian Poessinger
A bond member is not allowed to also be used as a source interface for e.g. PPPoE or MACsec. (cherry picked from commit 6fca4854aa2e950795ff0411abe4601f86bdeac0)
2022-07-09Merge pull request #1364 from sever-sever/T4468-eqChristian Poessinger
webproxy: T4468: Fix regex for squidguard source-group 1.3
2022-07-09Merge pull request #1392 from sever-sever/T4507-eqChristian Poessinger
accel-ppp: T4373: T4507: Add options multiplier for shaper
2022-07-07Merge pull request #1390 from c-po/t4456-ntp-equuleusChristian Poessinger
ntp: T4456: support listening on specified interface (equuleus)
2022-07-07Merge pull request #1400 from c-po/t4509-pdns-6to4-equuleusChristian Poessinger
dns: T4509: Add dns64-prefix option (equuleus)
2022-07-07dns: T4509: improve 6to4 error messageChristian Poessinger
(cherry picked from commit ee603b3a0f9f3add72c1e5ac2277c013d40cf5a4)
2022-07-07smoketest: dns: T4509: use dedicated 6to4 testcaseChristian Poessinger
(cherry picked from commit 82945a7ff0899295776b5a4bc009fe6513bcdbda)
2022-07-07smoketest: dns: forwarding: use setUpClass()Christian Poessinger
(cherry picked from commit 8e2f99db12ad97cfd371fdaa6466e2d443890645)
2022-07-07dns: T4509: Add dns64-prefix optionViacheslav Hletenko
rfc6147: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers set service dns forwarding dns64-prefix 2001:db8:aabb::/96 (cherry picked from commit 2bdf4798570222b57af2de2f0b443529abdc3feb)
2022-07-06Merge pull request #1396 from aapostoliuk/T4513-equuleuszdc
webproxy: T4513: Fixed path to webroxy log files
2022-07-06webproxy: T4513: Fixed path to webroxy log filesaapostoliuk
Fixed path to webproxy log files in webproxy monitor commands
2022-07-05ipoe: T4507: Add option rate-limit for RADIUS authenticationViacheslav Hletenko
Add rate-limit options: attribute, muptiplier and vendor set service ipoe-server auth radius rate-limit attribute 'Mikrotik-Rate-Limit' set service ipoe-server auth radius rate-limit enable set service ipoe-server auth radius rate-limit multiplier '0.001' set service ipoe-server auth radius rate-limit vendor 'Miktorik'
2022-07-05pppoe-server: T4373: Add option multiplier for correct shapingViacheslav Hletenko
Multiplier option is required by some vendors for correct shaping For RADIUS based rate-limits edit service pppoe-server set authentication radius rate-limit multiplier '0.001'
2022-07-05Merge pull request #1391 from c-po/t4510-static-host-equuleusChristian Poessinger
hosts: T2683: Allow multiple entries for static-host-mapping (equuleus)
2022-07-05Merge pull request #1381 from sever-sever/T4313-eqChristian Poessinger
T4313: handle exceptions in the "generate public-key-command" script
2022-07-05hosts: T3979: Change address to a listCharles Surett
This fixes `hostfile-update` in the dhcp-server (cherry picked from commit 39d6ca61c50f70171b2f7bcccbba2c70d102cb7f)
2022-07-05hosts: T2683: Allow multiple entries for static-host-mappingViacheslav
(cherry picked from commit b1db3de80b8b5f4e2dcbc6d687d342986345c4b2)
2022-07-04ntp: T4456: call verify_vrf() before individual interface validationChristian Poessinger
It makes no sense to test against a VRF that might not exist at all. (cherry picked from commit 171b224c1cf1303a608725ec74b545902daa243e)
2022-07-04ntp: T4456: support listening on specified interfaceChristian Poessinger
When clients only use DHCP for interface addressing we can not bind NTPd to an address - as it will fail if the address changes. This commit adds support to bind ntpd to a given interface in addition to a given address. set system ntp interface <name> (cherry picked from commit 6732df1edd632b56d3d02970939f51d05d4262e9)
2022-07-01Merge pull request #1372 from sever-sever/T1375-eqDaniil Baturin
op-mode: T1375: Allow to clear dhcp-server lease
2022-07-01Merge pull request #1375 from sever-sever/T4489-eqDaniil Baturin
mpls: T4489: Set priority 400 for MPLS after tunnel
2022-06-30T4313: handle exceptions in the "generate public-key-command" scriptDaniil Baturin
(cherry picked from commit c37829f1e902b84a5bc3bc5618ee97ae1ba0dd86)
2022-06-28mpls: T4489: Set priority 400 for MPLS after tunnelViacheslav Hletenko
Fix wrong behavior with priority by using tunnel interfaces MPLS configuration must be applied after tunnel interfaces as we use an addition sysctl option 'net.mpls.conf.tun0.input = 1' which doesn't exist without a tunnel interface Change priority: 299 protocols/mpls 380 interfaces/tunnel To: 380 interfaces/tunnel 400 protocols/mpls
2022-06-28op-mode: T1375: Allow to clear dhcp-server leaseViacheslav Hletenko
Allow to reset dhcp-leases per ip Parse file '/config/dhcpd.leases' find match section 'lease x.x.x.x {}' And remove this section clear dhcp-server lease 192.0.2.21 (cherry picked from commit a83eecfeee1f925c914a46623dd35f96b48389f8)
2022-06-19Merge pull request #1349 from kajiuray/equuleusDaniil Baturin
http-api: T4459: Fix to set VRF in http(s) service
2022-06-17webproxy: T4468: Fix regex for squidguard source-groupViacheslav Hletenko
(cherry picked from commit fbd3bef2248de5785f96d2e7803a6811eee78710)
2022-06-09Merge pull request #1271 from sever-sever/T2580-equChristian Poessinger
ipoe: T2580: Add pools and gateway options
2022-06-08Merge pull request #1336 from c-po/t4447-dhcpv6-pd-equuleusDaniil Baturin
dhcp6: pd: T4447: bugfix sla-id limits (must be greater then 128 (equuleus)
2022-06-05http-api: T4459: Fix to set VRF in http(s) serviceYuki Kajiura
The http service doesn't use VRF info in conf mode. Even if users set any VRF, the info isn't propagated to the process. This commit set VRF parameter in http service.
2022-05-30Merge pull request #1338 from sever-sever/T4387Daniil Baturin
smoketest: T4387: Add test for load-balancing wan
2022-05-28smoketest: T4387: Add test for load-balancing wanViacheslav Hletenko
Create 2 network namespaces which allow us to emulate 2 ISP with different static addresses Check routing table 201 for the first ISP and table 202 for the second ISP. Each table must contain default route
2022-05-27dhcp6: pd: T4447: bugfix sla-id limits (must be greater then 128Christian Poessinger
The sla-id parameter of DHCPv6 prefix delegations is limited to 128. While this is enough to use all /64 subnets of a /57 prefix, with a /56 prefix that is no longer sufficient. Increased sla-id length tp 65535 so one could delegate an entire /48. (cherry picked from commit 283276d457a09c100416c0d4ffccd4f94ccd2540)
2022-05-26Merge pull request #1335 from sever-sever/T4442-equDaniil Baturin
http-api: T4442: Add action reset
2022-05-26http-api: T4442: Add action resetViacheslav Hletenko
Add action 'reset' (op-mode) for HTTP-API http://localhost/reset curl --unix-socket /run/api.sock -X POST -Fkey=mykey \ -Fdata='{"op": "reset", "path": ["ip", "bgp", "192.0.2.14"]}' \ http://localhost/reset