summaryrefslogtreecommitdiff
path: root/python/vyos
AgeCommit message (Collapse)Author
2020-12-06dhcp: T2562: add "listen-address" CLI node for better DHCP relay supportChristian Poessinger
Running ISC DHCP server as backend server for multiple pools served to relay agents requires DHCPd to explicitly listen on give interfaces or a "transit" subnet declaration facing the network where we receive the DHCPREQ messages on. This implements a new "listen-address" CLI node, the given address is validated if it is assigned to the system and upon success, a proper "subnet { }" statement is added into dhcpd.conf
2020-12-04dhcp: T3100: migrate server configuration to get_config_dict()Christian Poessinger
2020-12-04vyos.ifconfig: T1579: migrate "ip source-validation" option from ↵Christian Poessinger
vyatta-cfg-quagga
2020-12-04Merge pull request #621 from jack9603301/T3089Christian Poessinger
interface: T3089: Migrate port mirroring to vyos-1x
2020-12-03interface: T3089: Migrate port mirroring to vyos-1xjack9603301
2020-12-02T3103: Extended vyos.frr without multiline regexRunar Borge
using multiline regexes are quite hard to "read" and are really easy to mess up, this commit adds a new more pythonic implementation of the library that do not need any multiline regexes.
2020-11-30limericks: Fix typos and rhymeerkin
2020-11-27vyos.template: T2720: always enable Jinja2 trim_blocks featureChristian Poessinger
2020-11-27vyos.configdict: T2665: add task id comment for later refactoringChristian Poessinger
2020-11-26tunnel: T3072: remove bridgable variable as this is already set by the base ↵Christian Poessinger
class
2020-11-26wireguard: T2653: interface is not bridgeableChristian Poessinger
FileNotFoundError: [Errno 2] failed to run command: ip link set dev wg01 master br0
2020-11-23tunnel: T3072: 'gre' devices do not support bridgingChristian Poessinger
2020-11-23bridge: T2875: handle OS exception when wifi interface does not support bridgingChristian Poessinger
2020-11-23vyos.template: fix is_ipv6 Jinja2 filterChristian Poessinger
Commit 6962bc53 ("vyos.template: provide general is_ip(v4|v6) helpers") introduced new Jinja2 template filters, but the one for checking an address if it is an IPv6 address was broken as it was yet unused.
2020-11-22defaults: T3082: multi_to_list must distinguish between values and defaultsJohn Estabrook
2020-11-22configdict: T3081: honor whitespace in multi node valuesJohn Estabrook
2020-11-21bridge: T3079: bugfix on VLAN 1 is deleted in VLAN-aware bridgesJACK
2020-11-20tunnel: T3072: remove debug print codeChristian Poessinger
2020-11-20wireguard: T2653: fix IPv6 peer address configurationChristian Poessinger
While migration to get_config_dict() was introduced in commit 789775af9f5 the logic for adding an IPv4 or IPv6 peer address was using the wrong dictionary to determine if it's an IPv4 or IPv6 address. We now use the proper peer dict over the wrong config dict.
2020-11-20wireguard: T3077: automatically create link-local IPv6 adressesChristian Poessinger
link-local addresses can still be disabled using: set interfaces wireguard wg0 ipv6 address no-default-link-local
2020-11-20tunnel: T3072: drop dead codeChristian Poessinger
2020-11-20tunnel: T3072: support changing tunnel encapsulation on-the-flyChristian Poessinger
2020-11-20tunnel: T3068: automatic generate link-local adressesChristian Poessinger
2020-11-20tunnel: T3072: migrate to get_config_dict()Christian Poessinger
2020-11-19ifconfig: T1405: ensure MAC address is configured firstChristian Poessinger
The MAC address is changed after we have set an IP address on the interface or started dhclient. This will cause some users to receive the wrong IP address on device startup. Change to order of how parameters are set in the system. The interface MAC address is now configured first.
2020-11-19bridge: T3067: Fix VLAN aware setting failure under WLAN (#613)JACK
In the implementation of T3042, it will cause two problems: 1. Even if VLAN awareness is not enabled, the VLAN settings of the vlan filter will be modified. When the bridge member has a WLAN interface, the error is exposed, so repair it here. You should not modify the related settings when the VLAN awareness mode is not enabled 2. Even if VLAN awareness is not enabled, the VLAN settings of the vlan filter will be modified. When the bridge member has a WLAN interface, due to special settings, the bridge mode cannot be entered and the settings cannot be completed directly. Therefore, the WLAN interface should be rejected Enter the bridge with VLAN awareness
2020-11-18Revert "wireless: T2241: add "wds" CLI option"Christian Poessinger
This reverts commit 806f35b5856c3f8dae634718a6a9e82cc90bb63a. Unfortunately this did not work our in the attempt to bridge a station to a bridge "brX" interface. Also adjusting the wireless interface during operation cause several exceptions and the feature is removed again as it was never in any production system.
2020-11-14Merge pull request #604 from jack9603301/T3042Christian Poessinger
bridge: T3042: Better fix implementation errors
2020-11-14bridge: T3042: Better fix implementation errorsjack9603301
In #601, I provided a basic patch. Under this patch, I rely on vif to detect the vlan id range that the bridge should flow through, which may lead to greater redundancy in the configuration, so I am considering detecting effective vlan filters In setting the range of vlan id that is required to flow through the bridge, I use set() to complete the deduplication of this vlan id and set it to the bridge uniformly (at the same time, I slightly modified the smoke test script)
2020-11-14Merge pull request #610 from vyos/revert-607-T2802Christian Poessinger
Revert "T2802: Tunnel interface does not apply EUI-64 IPv6 Address"
2020-11-14Revert "T2802: Tunnel interface does not apply EUI-64 IPv6 Address"Christian Poessinger
2020-11-14Revert "T3068: Automatic generation of IPv6 link local addresses for tunnel ↵Christian Poessinger
interfaces"
2020-11-13T2802: Tunnel interface does not apply EUI-64 IPv6 Addressernstjo
Generate an IPv6 Link Local address for wireguard interfaces.
2020-11-13Merge pull request #603 from ernstjo/T3068Christian Poessinger
T3068: Automatic generation of IPv6 link local addresses for tunnel interfaces
2020-11-13T3060: Fixing a backwares check on dh lengthkroy
2020-11-13vyos.template: provide general is_ip(v4|v6) helpersChristian Poessinger
We had two places were the is_ip, is_ipv4 and is_ipv6 helpers had been defined. All places now have been converged into vyos.template as they are used both in the Jinja2 templates and also in our scripts.
2020-11-13openvpn: T3051: fix creation of ifconfig-pool for client communicationChristian Poessinger
2020-11-13T3068: Automatic generation of IPv6 link local addresses for tunnel interfacesernstjo
Better implementation to assign link local addresses automatically because address only assigned to interfaces which supports IPv6 addresses.
2020-11-13T3068: Automatic generation of IPv6 link local addresses for tunnel interfacesernstjo
Tunnel interfaces hot having any IPv6 Link Local address because Linux Kernel does not assign address due to missing MAC. I have implemented a function to generate a linl local address and assign it to the interface. Link local address is required for OSPF and other protocols.
2020-11-13bridge: T3042: Fix VLAN filter invalid workjack9603301
1. Due to the previous focus on the implementation of VLAN filter, it was not considered to include MTU settings, which will lead to MTU setting errors in some cases 2. In order to make VLAN aware of the work of the bridge, it is necessary to specify the allowed VLAN ID range for the bridge itself, and forget to join it before
2020-11-12l2tpv3: T3059: fix interface state which is permanently downernstjo
2020-11-10bridge: T3042: Support VLAN filter and VLAN sub-interface on the bridgejack9603301
2020-11-03ifconfig: T2985: fix wireless-bridge creationChristian Poessinger
2020-11-01vyos.template: consolidate is_ipv(4|6) functionalityChristian Poessinger
2020-11-01openvpn: T2994: re-add ifconfig-pool statement in server configChristian Poessinger
Re-organize the template code and add addtitional Jinja2 filters for processing the ifconfig-pool statement. This reverts the changes from commit 7e546be9 ("openvpn: T2994: temporary revert to 1.2 crux behavior for client pools").
2020-11-01openvpn: T2994: remove workarounds for individual ipv4 and ipv6 keysChristian Poessinger
Remove workaround which split (local|remote)_address and also subnet keys into individual keys for the assigned IP address family (4/6). During template rendering check IP version by introducing new ipv4 and ipv6 Jinja2 filters {% if foo | ipv4 %} or {% if bar | ipv6 %} options.
2020-10-30openvpn: T2994: verify DH key lengthChristian Poessinger
2020-10-30openvpn: T2994: migrate to get_config_dict()Christian Poessinger
2020-10-29verify: T2587: allow MTU < 1280 when IPv6 is disabled on an interfaceChristian Poessinger
2020-10-28vyos.util: T2995: rename vyos_dict_search() -> dict_search()Christian Poessinger
Renamed using snippet below: ---------------------------- for file in $(find . -name "*.py") do sed -i "s/vyos_dict_search/dict_search/" $file done