Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-09-30 | Merge pull request #1019 from jestabro/interface-names | John Estabrook | |
T3869: Rewrite vyatta_net_name/vyatta_interface_rescan in Python | |||
2021-09-30 | interface-names: T3869: update udev rules | John Estabrook | |
2021-09-27 | interface-names: T3869: install vyos_net_name to udev directory | John Estabrook | |
2021-09-27 | interface-names: T3869: add vyos_net_name | John Estabrook | |
2021-09-27 | interface-names: T3869: add vyos_interface_rescan | John Estabrook | |
2021-09-27 | interface-names: T3869: add /run/udev/vyos to defaults | John Estabrook | |
2021-09-27 | nat66: T3863: ndppd requires interfaces to be present | Christian Poessinger | |
2021-09-27 | igmp: T2230: fix Jinja2 and FRR indention | Christian Poessinger | |
2021-09-27 | frr: T2175: rename daemon Jinja2 templates to match (d)aemon suffix | Christian Poessinger | |
2021-09-27 | smoketest: interface test base class QoS cleanup | Christian Poessinger | |
There is no need to delete the old ingres-qos and egres-qos values as it's not a multi node and thus the values are simply overwritten. Also address validation is not required as it's done in a dedicates test. | |||
2021-09-27 | smoketest: interface test base class for 802.1q should not extend testing to QoS | Christian Poessinger | |
2021-09-27 | openvpn: T690: Fix template for gateway and metric | Viacheslav | |
Some OpenVPN clients doesnt support option gateway and metric. Set metric option only when 'metric' was added in config explicity. (cherry picked from commit 96681d8bf1ede069b573a4cbe3a2493c374d048e) | |||
2021-09-27 | Merge pull request #1016 from sever-sever/T3853 | Christian Poessinger | |
nat66: T3853: Change priority to 500 | |||
2021-09-27 | nat66: T3853: Change priority to 500 | Viacheslav | |
Service ndppd should start after tunnels. | |||
2021-09-26 | vxlan: T3867: add multicast validator for group address | Christian Poessinger | |
The group CLI node takes a multicast IPv4 or IPv6 address - this must be input validated to not case any OS exception cpo@LR1.wue3# show interfaces vxlan vxlan vxlan0 { + group 254.0.0.1 source-address 172.18.254.201 + source-interface dum0 vni 10 } Results in OSError beeing rasied with the following context: Error: argument "254.0.0.1" is wrong: invalid group address | |||
2021-09-26 | T3866: ignore interfaces without "address" in DNS forwarding migration | Daniil Baturin | |
2021-09-26 | op-mode: pki: T3826: perform input validation when listing certificates | Christian Poessinger | |
2021-09-26 | ospf: T3757: add completion help when refering to area ID | Christian Poessinger | |
This extends commit 6f87d8c910 ("ospf: T3757: support to configure area at an interface level") with a completion helper to show which Area ID is already in use when configuring the area for an interface. | |||
2021-09-26 | vyos.ifconfig: T3860: bugfix in get_mac_synthetic() | Christian Poessinger | |
Commit 081e23996f (vyos.ifconfig: get_mac_synthetic() must generate a stable "MAC") calculated a "stable" synthetic MAC address per the interface based on UUID and the interface name. The problem is that this calculation is too stable when run on multiple instances of VyOS on different hosts/hypervisors. Having R1 and R2 setup a connection both via "tun10" interface will become the same "synthetic" MAC address manifesting in the same link-local IPv6 address. This e.g. breaks OSPFv3 badly as both neighbors communicate using the same link-local address. As workaround one can: set interfaces tunnel tun1337 address 'fe80::1:1337/64' set interfaces tunnel tun1337 ipv6 address no-default-link-local This commit changes the way in how the synthetic MAC address is generated. It's based on the first 48 bits of a sha256 sum build from a CPU ID retrieved via DMI, the MAC address of eth0 and the interface name as used before. This should add enough entropy to get a stable pseudo MAC address. | |||
2021-09-26 | ospfv3: T3859: add "log-adjacency-changes" CLI command | Christian Poessinger | |
2021-09-26 | op-mode: reboot/poweroff: T3857: send wall message to all users | Christian Poessinger | |
2021-09-25 | bgp: T3657: add "neighbor fe80::202 interface source-interface 'eth1'" command | Christian Poessinger | |
2021-09-25 | bgp: xml: T2387: use "generic-description" building block over BGP specific one | Christian Poessinger | |
There is no benefit in the BGP specific definition of a "description" node. | |||
2021-09-25 | op-mode: bgp: "show bgp ipv4|ipv6" should display routing table | Christian Poessinger | |
The <command> node was missed out when adding the XML definitions. | |||
2021-09-25 | ipsec: T2816: ipsec-dhclient-hook should only run if swanctl.conf exists | Christian Poessinger | |
2021-09-25 | ipsec: T2816: ipsec-dhclient-hook should use exit(0) | Christian Poessinger | |
2021-09-25 | ipsec: T2816: ipsec-dhclient-hook should use vyos.util.read_file() / ↵ | Christian Poessinger | |
write_file() | |||
2021-09-25 | vyos.ifconfig: dhcpv6: re-use systemd_service definition variable | Christian Poessinger | |
2021-09-25 | vyos.ifconfig: dhcp: T3300: always re-start dhcp client instead of start | Christian Poessinger | |
Commit dd2eb5e5686655 ("dhcp: T3300: add DHCP default route distance") changed the logic on how the DHCP process is going to be started. The systemd unit was always "started" even if it was already running. It should rather be re-started to track changes in e.g. the DHCP hostname setting. | |||
2021-09-23 | smoketest: T3850: use as complicated as possible public-key name | Christian Poessinger | |
2021-09-23 | T3850: Revert "login: T1948: add missing ssh-public key name regex" | Christian Poessinger | |
This reverts commit 514da738173696c70440c959b9d7ec9afd77fbae. | |||
2021-09-23 | smoketest: ospf: debug output only syslog and FRR | Christian Poessinger | |
The Kernel output seemed to be not that helpful and only polluted the log. Now we only gather the syslog and FRRs configuration | |||
2021-09-23 | Merge pull request #1014 from nagua/fix_smaller_openvpn_issues | Christian Poessinger | |
T3642: Fix smaller OpenVpn issues | |||
2021-09-23 | openvpn: T3642: Openvpn does not work without dh parameter in EC mode | Nicolas Riebesel | |
2021-09-23 | openvpn: T3642: Fix password_protected check | Nicolas Riebesel | |
2021-09-23 | openvpn: T3642: Add option for TLS 1.3 | Nicolas Riebesel | |
2021-09-22 | smoketest: vrrp: delete interface vifs after test | Christian Poessinger | |
2021-09-22 | vrrp: keepalived: T3847: enable no_tag_node_value_mangle for get_config_dict() | Christian Poessinger | |
Commit 761631d6 ("vrrp: keepalived: T3847: migrate to get_config_dict()") switched to the new python function get_config_dict(), when we deal with tag nodes that can contain a hyphen, we should also set no_tag_node_value_mangle in order to preserve it. This caused a dict lookup error as the hyphens in the test scripts got replaced by an _. | |||
2021-09-21 | vrrp: keepalived: T3847: migrate/streamline CLI options | Christian Poessinger | |
Rename virtual-address -> address as we always talk about an IP address. | |||
2021-09-21 | vrrp: keepalived: T3847: add common transition-script building block | Christian Poessinger | |
This is used for both VRRP groups and sync-groups. | |||
2021-09-21 | vrrp: keepalived: T3847: remove "transition-script mode-force" option | Christian Poessinger | |
2021-09-21 | vrrp: keepalived: T616: use common description building block | Christian Poessinger | |
2021-09-21 | vrrp: keepalived: T3847: migrate to get_config_dict() | Christian Poessinger | |
2021-09-21 | vrrp: keepalived: T616: enable script security | Christian Poessinger | |
2021-09-21 | vrrp: keepalived: T616: move configuration to volatile /run directory | Christian Poessinger | |
Move keepalived configuration from /etc/keepalived to /run/keepalived. | |||
2021-09-21 | smoketest: vrrp: T616: add basic smoketest to verify keepalived configuration | Christian Poessinger | |
2021-09-21 | xml: vrrp: T616: add missing valueHelp for "authentication type" | Christian Poessinger | |
2021-09-21 | vrrp: keepalived: T2720: adjust to Jinja2 trim_blocks feature | Christian Poessinger | |
This is a successor to commit a2ac9fac16e ("vyos.template: T2720: always enable Jinja2 trim_blocks feature"). It only shifts the whitespaces / indents inside the keepalived configuration file. | |||
2021-09-21 | dhcp-server: T3839: support domain-search and ntp-server config per ↵ | Christian Poessinger | |
shared-network | |||
2021-09-21 | xml: ospf: fix routing-passive-interface-xml.i include | Christian Poessinger | |
Commit a8b2e52148d ("xml: Update routing-passive-interface-xml.i file extension to standard .xml.i") only altered the RIP include statement but did not alter the OSPF include. |