summaryrefslogtreecommitdiff
path: root/python/vyos
AgeCommit message (Collapse)Author
2021-05-24pseudo-ethernet: T3575: verify parent interface MTUChristian Poessinger
(cherry picked from commit 38b3dff1ebdf8c26a28d0befa6dcf0b4f51f21be)
2021-05-23vyos.configverify: T3570: sub interface MTU must be less or equal to parent MTUSimon
(cherry picked from commit 5e1ed4086f96141611680892911dad82c28795ee)
2021-05-20vyos.util: T3532: Replace func get_interface_configViacheslav Hletenko
Replace function get_interface_config to function get_interface_config, as we have in 1.4 branch. It need after this cherry-picked commit edcdea8
2021-05-18revert: "util: T2467: add autosudo as an option to command"Christian Poessinger
Implementing a wrapper which will - based on the command - add a sudo prefix to the execution string seemed to be a nice idea but unfortunately it did not only not get momentum but also the codebase somethis added an implicit "sudo" call a second time. This resulted in a call: "sudo sudo systemctl" The entire functionality was removed again and if an op-mode script requires root priviledges it must be explicitly called with them - no black magic. (cherry picked from commit b76931e6d3a4bd0cdb74ca447a746ab6855fcf55)
2021-05-15vyos.ifconfig: T3532: re-create Q-in-Q interface on protocol changeChristian Poessinger
It is not possible to change the VLAN encapsulation protocol "on-the-fly". For this "quirk" we need to actively delete and re-create the VIF-S interface. (cherry picked from commit cd504035015dca62149b57bc07d8e002bd8723b1)
2021-05-13bonding: T3543: add support to configure lacp-rate (slow or fast)Christian Poessinger
Option specifying the rate in which we'll ask our link partner to transmit LACPDU packets in 802.3ad mode. set interfaces bonding bond0 lacp-rate <slow|fast> slow: Request partner to transmit LACPDUs every 30 seconds (default) fast: Request partner to transmit LACPDUs every 1 second (cherry picked from commit 8e392a3dbc16f7b80a979f7b4e9c11408d700e6f)
2021-05-06T3356: remote: Add support for custom source interfaceLulu Cathrinus Grimalkin
(cherry-picked from commit 60e3b3ef23a56edadab6abac00175433f99986c8)
2021-04-25tunnel: T3468: add interfaces to completion helper for bridgeChristian Poessinger
(cherry-picked from commit efa744c63b388773a4ea76d0f690042ec1689159)
2021-04-18config: T3481: add switch to prevent mangling of tag node valuesJohn Estabrook
(cherry picked from commit e96932cbd99f508f9f5c24b207b5650aa8817e45)
2021-04-18xml: T3475: disable processing of syntaxVersion elementJohn Estabrook
(cherry picked from commit bafdc46e7af94b32aa3fed90c287ac170d764b7d)
2021-04-17Merge pull request #813 from erkin/equuleusChristian Poessinger
util: T3356: Fix password variables
2021-04-17util: T3356: Fix password variableserkin
2021-04-05vrf: vlan: T3438: do not automatically delete upper interfaceChristian Poessinger
Removing a VLAN (VIF) interface from the CLI always deleted all interfaces the kernel listed as "upper" in the /sys/class/net folder. This had the drawback that when deleting a VIF, also the VRF interface was simply deleted - killing all VRF related services. (cherry picked from commit 6458f91735412fb2e6e7e37f7b3e6ca587a5a235)
2021-03-30Merge pull request #795 from erkin/equuleusDaniil Baturin
T3356, T3284: Backport remote.py fixes to Equuleus
2021-03-30Backport remote.py fixeserkin
2021-03-25vyos.configverify: T3344: verify_vrf() must handle "default" VRFChristian Poessinger
We can leak routes back to the default VRF, thus the check added by commit 9184dfb5 ("static: vrf: T3344: add target vrf verify()") must have a "bail out" option when one want's to leak routes into the default VRF. (cherry picked from commit 5adcc4ca30676338fca9a06409bbc72af4f68a1f)
2021-03-22Merge pull request #782 from erkin/equuleusJohn Estabrook
T3284: Merge Paramiko-based remote.py implementation
2021-03-22T3284: Merge Paramiko-based remote.py implementationerkin
2021-03-19dhcp: T3300: add DHCP default route distanceBrandon Stepler
(cherry picked from commit dd2eb5e5686655c996ae95285b8ad7eb73d63d0b)
2021-03-14xdp: T2666: remove entire XDP code for 1.3 LTS imageChristian Poessinger
This is an extension to commit 801c5235 ("xdp: T2666: disable this highly experimental feature in 1.3 LTS") by dropping all XDP references in the equuleus codebase.
2021-03-07vxlan: T3319: use default ttl of 16Christian Poessinger
VyOS 1.2 had a default ttl of 16 hardcoded to the node.def file [1], so until this is handled via a migration script we have to obey that particular setting. [1]: https://github.com/vyos/vyatta-cfg-system/blob/crux/templates/interfaces/vxlan/node.def#L23
2021-03-06vyos.util: provide single implementation for get_json_iface_options()Christian Poessinger
There had been four implementations of "ip -d -j link show interface" scattered accross the codebase. Those implementations have now been combined into a new helper: vyos.util.get_json_iface_options() (cherry picked from commit f13cc56d665a91ff3fac47df260301afefb1a3a5)
2021-02-28vif: T3349: use fixed ordering when enabling parent and child interfaceChristian Poessinger
When a VIF/VLAN interface is placed in admin down state but the lower interface, serving the vlan, is moved from admin down -> admin up, all its vlan interfaces will be placed in admin up state, too. This is bad as a VLAN interface will become admin up even if its specified as admin down after a reboot. To reproduce: set interfaces ethernet eth1 vif 20 disable set interfaces ethernet eth1 disable commit delete interfaces ethernet eth1 disable commit Now check the interface state and it returns UP,LOWER_UP 7: eth1.20@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 00:50:56:b3:09:07 brd ff:ff:ff:ff:ff:ff inet6 fe80::250:56ff:feb3:907/64 scope link valid_lft forever preferred_lft forever (cherry picked from commit 49bc3f1e3ff8416908fc986bb60b444a75a1722d)
2021-02-24ethernet: T3163: fix typos in vyos.ethtool commentsChristian Poessinger
(cherry picked from commit bddeae3755c8d83f4c47bc3b3798858a95427530)
2021-02-24ethernet: T3163: not all NIC drivers support ring-buffer configurationChristian Poessinger
In addition to commit cf1156a60e ("ethernet: T3163: probe driver for maximum rx/tx ring-buffer size") this extends the logic in a way as not every driver supports setting the buffers at all so it will properly error out. When invoking "ethtool -g" both stdout and stderr are captured and no exception is raised if it's an unsupported driver feature. The verify() section will inform the user about the illegal operation. (cherry picked from commit 159899ed9ba5661e4bdcfdadf1292e237f117063)
2021-02-22vyos.ifconfig: extend debug option to print input dictChristian Poessinger
(cherry picked from commit a3e11ace758f447ddbbabd31d4903b3f71baa0b8)
2021-02-21ethernet: T3163: probe driver for maximum rx/tx ring-buffer sizeChristian Poessinger
(cherry picked from commit cf1156a60e1d03a752cde0baadbc9ac8118b2a52)
2021-02-18configsession: T3259: avoid deadlock when data fills stdout pipeJohn Estabrook
If the subprocess is producing enough data (in this case showConfig on a large config file), then the construction: p = subprocess.Popen(.., stdout=subprocess.PIPE, ..) p.wait() will deadlock with the subprocess waiting for data to be consumed, while the Python process waits for its termination. So consume data, then wait for termination. (cherry picked from commit 83bcd13775323bec35d018223029e9a8b13179c8)
2021-02-14template: T2947: backport additional Jinja2 filtersChristian Poessinger
is_ip_network and compare_netmask Jinja2 filter have been added via commit 920789798 ("nat: T2947: add many-many translation") on "current" and are required for the 1:1 NAT functionality. jinja2.exceptions.TemplateAssertionError: no filter named 'is_ip_network'
2021-02-02vlan: T3018: vif/vif-s vlan id can not be re-usedChristian Poessinger
In the past it was possible to configure a vif-s interface and a vif interface both with the same VLAN ID. VyOS 1.2 reported a Kernel error: RTNETLINK answers: File exists Error creating VLAN device eth1.100 so this should not be possible at all in VyOS 1.3 (cherry picked from commit ccd516b4d10c518ea445928c01d6c7dc2770777b)
2021-01-31vyos: T3274: Handle EOF in ask_yes_no()erkin
(cherry picked from commit 55c5d662290aea9f2c3abe911bd9920f4f9d7d9a)
2021-01-29vif-c: verify: T3269: fix configuration verificationBrandon Stepler
(cherry picked from commit b8cddcdae36903feb84ee1807d6adb27337cf582)
2021-01-28dhcpv6: T3262: don't run DHCPv6 client when only dhcpv6-options is configuredBrandon Stepler
If dhcpv6-options is configured without requesting a DHCPv6 address or PD, the dhcpv6pd variable is assigned an empty dict. (cherry picked from commit d7d916f74e7d3b3b1fc85336f24f91af66b1e2a8)
2021-01-16vyos.configdict: node_changed() now accepts key mangling parameterChristian Poessinger
(cherry picked from commit 452a9c504f472dcaee8c93947a889dab4f8259ce)
2021-01-13ifconfig: T2653: return empty string when there is no interface descriptionChristian Poessinger
After switching to iproute2 in commit 92f36735 ("ifconfig: T2653: use iproute2 commands for alias, mac and mtu set()/get()" it is necessary to return an empty string as iproute2 returns None. (cherry picked from commit ea1be032e98fd1634e71d3c2d61b3e93bff841de)
2021-01-12ifconfig: T2653: use iproute2 commands for alias, mac and mtu set()/get()Christian Poessinger
(cherry picked from commit 92f3673538e0328488c14c90c8acf7ea6b2141ba)
2021-01-12tunnel: T3205: bugfix gre-bridge interfacesChristian Poessinger
(cherry picked from commit 138e7a95c21fb2928182847693e366644be6e945)
2021-01-07vyos.configverify: provide generic helper to check for interface existenceChristian Poessinger
2021-01-07login: radius: T3192: migrate to get_config_dict()Christian Poessinger
2021-01-06dhcpv6-pd: verify: T3193: detect conflict between auto-assigned and ↵Brandon Stepler
configured SLA-IDs "data/templates/dhcp-client/ipv6.tmpl" handles the auto-assigning of SLA-IDs on lines 39, 46, and 52.
2021-01-06dhcpv6-pd: verify: T3193: allow multiple auto-assigned SLA-IDsBrandon Stepler
"data/templates/dhcp-client/ipv6.tmpl" handles the auto-assigning of SLA-IDs on lines 39, 46, and 52.
2021-01-06dhcpv6-pd: verify: T3193: allow more than one VLAN interfaceBrandon Stepler
VLAN interfaces contain periods, which make them incompatible with dict_search().
2021-01-06ifconfig.interface: use Python3 f-ormat stringChristian Poessinger
2021-01-05vyos.validate: import cleanupChristian Poessinger
2021-01-04mirror: T3089: bugfix is_mirror_intf code pathChristian Poessinger
2021-01-03mirror: add verify() check so we can not mirror back to our selfChristian Poessinger
2021-01-03mirror: T3089: remove redundant code pathsChristian Poessinger
- remove redundant code paths apply_mirror() / apply_mirror_of_monitor() - have single source available
2021-01-02ethernet: T3171: always use full CPU enable bitmask over computational maskChristian Poessinger
The Linux Kernel supports enabling more cores for RPS then we actually have. It does internal clipping/validation so there is no need for us to calculate the specifc enable mask we can simply throw "all -1" at the Kernel.
2021-01-02ifconfig: ethernet: fixup line breaksChristian Poessinger
2021-01-01ethernet: T3171: add CLI option to enable RPS (Receive Packet Steering)Christian Poessinger
set interfaces ethernet <interface> offload rps