summaryrefslogtreecommitdiff
path: root/python/vyos
AgeCommit message (Collapse)Author
2020-02-14T2034: Disallow removal of default loopback addressesRunar Borge
The removal of interfaces loopback lo results in all address being removed from the loopback interface. (also not cli controlled addresses) In this process 127.0.0.1/8 and ::1/128 are also removed witch results in error for services that are dependent on these adresses, this includes eg. snmp and ssh Removal of these addresses needs to be disallowed by the config backend and removal of the whole config block interfaces loopback lo needs to result in removal of all non-default addresses only.
2020-02-13macvlan: T1635: migrate pseudo-ethernet interface definition to XML/PythonChristian Poessinger
2020-02-05smoke-test: adding generate cmd to configsessionhagbard
- in preparation for a wireguard cli test case, generate is used to create the keys later used in the config
2020-02-05service https: T1585: add support for letsencrypt certificatesJohn Estabrook
2020-02-01Revert "ifconfig: T2002: only admin up interfaces if parent interface is up"Christian Poessinger
This reverts commit 4a4e2b6386b4c036bbf4486a8a7ac7002d08158b.
2020-02-01Revert "ifconfig: T2002: T2009: bugfix for always disabled Ethernet/Bond ↵Christian Poessinger
interfaces" This reverts commit 95f7a440031c58b47fd88d6aa9fac3ddaf6ae231.
2020-02-01ifconfig: T2002: T2009: bugfix for always disabled Ethernet/Bond interfacesChristian Poessinger
Commit 4a4e2b6 ("ifconfig: T2002: only admin up interfaces if parent interface is up") contained an inheritance issue where the Ethernet and Bond interface was always admin down. This was caused by wrong calls in the inheritance structure.
2020-01-31ifconfig: T2002: only admin up interfaces if parent interface is upChristian Poessinger
On an A/D (administrative down) interface the VLAN code tries to still admin up the interface. This won't work and the kernel will complain with: RTNETLINK answers: Operation not permitted With this change the VLAN interface is only enabled when the parent interface is administrative up, too.
2020-01-29T1989: use explicit active/working showConfig options to prevent getting diffsDaniil Baturin
when there are uncommitted changes.
2020-01-25vyos.validate: improve is_ipv6_link_local() logicChristian Poessinger
2020-01-25vyos.validate: remove interface suffix when running is_ipv6_link_local()Christian Poessinger
Commit 17dd50751d ("bfd: T1949: fix verification logic for IPv6 BFD peers") added a mechanism to probe if an IPv6 address is link-local or not. Sometimes an interface suffix is appended by %interface to a link-local address, as we need to know an interface for which this address is (hence the name) link-local. Remove any interface identifier before checking if the address is local or not.
2020-01-24Python: T1986: close subprocess channelChristian Poessinger
Without closing the communication channel to the subprocess, Python will complain e.g. when executing vyos-smoketest binary. /usr/lib/python3/dist-packages/vyos/configsession.py:110: ResourceWarning: unclosed file <_io.BufferedReader name=3> self.__run_command([CLI_SHELL_API, 'setupSession']) ResourceWarning: Enable tracemalloc to get the object allocation traceback
2020-01-20Merge pull request #199 from bmhughes/fix-ipv6-bfd-verificationChristian Poessinger
bfd: T1949: fix verification logic for IPv6 BFD peers
2020-01-14vrrp: T1884: Keep transition-script native behaviour and implement ↵DmitriyEshenko
transaction-script 'stop'
2020-01-14T1950: Add support for reading component versions from JSON fileJohn Estabrook
2020-01-09bfd: T1949: fix verification logic for IPv6 BFD peersBenjamin M. Hughes
IPv6 BFD peers only require a source address unless link-local addresses are used.
2020-01-03ifconfig: T1939: provide abstraction for interface "ip" optionChristian Poessinger
Provide an XML/Python abstraction to * ip disable-arp-filter * ip enable-arp-accept * ip enable-arp-announce * ip enable-arp-ignore The old implementation can co-exist until the last interfaces have been migrated.
2020-01-02ifconfig: T1557: refactor apply_vlan_config() functionChristian Poessinger
instead of providing three copies of the same method in bonding, ethernet and wireless, make a common function in vyos.ifconfig_vlan.apply_vlan_config().
2019-12-31l2tpv3: T1923: support interface deletionChristian Poessinger
2019-12-31l2tpv3: T1923: implementation in XML/PythonChristian Poessinger
Tested using: R1: --- set interfaces l2tpv3 l2tpeth10 address '2001:db8:beef::1/64' set interfaces l2tpv3 l2tpeth10 address '100.0.0.1/24' set interfaces l2tpv3 l2tpeth10 destination-port '3000' set interfaces l2tpv3 l2tpeth10 encapsulation 'udp' set interfaces l2tpv3 l2tpeth10 local-ip '172.18.201.10' set interfaces l2tpv3 l2tpeth10 peer-session-id '10' set interfaces l2tpv3 l2tpeth10 peer-tunnel-id '100' set interfaces l2tpv3 l2tpeth10 remote-ip '172.18.204.10' set interfaces l2tpv3 l2tpeth10 session-id '20' set interfaces l2tpv3 l2tpeth10 source-port '6000' set interfaces l2tpv3 l2tpeth10 tunnel-id '200' R2: --- set interfaces l2tpv3 l2tpeth10 address '2001:db8:beef::2/64' set interfaces l2tpv3 l2tpeth10 address '100.0.0.2/24' set interfaces l2tpv3 l2tpeth10 destination-port '6000' set interfaces l2tpv3 l2tpeth10 encapsulation 'udp' set interfaces l2tpv3 l2tpeth10 local-ip '172.18.204.10' set interfaces l2tpv3 l2tpeth10 peer-session-id '20' set interfaces l2tpv3 l2tpeth10 peer-tunnel-id '200' set interfaces l2tpv3 l2tpeth10 remote-ip '172.18.201.10' set interfaces l2tpv3 l2tpeth10 session-id '10' set interfaces l2tpv3 l2tpeth10 source-port '3000' set interfaces l2tpv3 l2tpeth10 tunnel-id '100'
2019-12-31ifconfig: vxlan: change VXLANIf APIChristian Poessinger
2019-12-31ifconfig: geneve: always place interface in A/D stateChristian Poessinger
2019-12-31geneve: use proper variable nameChristian Poessinger
2019-12-23lldp: T1898: support multiple management addressesChristian Poessinger
- management-address is not a <multi/> node - added new vyos.validate.is_loopback_addr() function - returns true is address passed is a looback address
2019-12-16Merge branch 'current' into equuleushagbard
2019-12-12ethernet: T1637: do not delete VIFs on every commitChristian Poessinger
A delta-check problem caused the deletion of each and every VLAN interface when anything under an interface has been changed. This also cause PPPoE session interruptions.
2019-12-11vyos.config: T1846: ignore edit level when obtaining running configJohn Estabrook
In addition to ignoring edit level for the session config (12a21a4b), the running config should be parsed from the top level.
2019-12-10vyos.config: T1862: restore regex after mergeJohn Estabrook
2019-12-10Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: T1855, T1826: Restore support for reboot/poweroff in M minutes. vyos.config: T1764: allow for list argument to exists, in value case vyos.config: T1846: ignore edit level when obtaining working config T1843: use include files for interface proxy-arp-pvlan option T1843: use include files for interface proxy-arp configuration T1843: use include files for interface arp-cache-timeout configuration T1843: use include files for interface link-detect feature T1843: use include files for interface MTU size T1843: use include files for interface MAC address T1843: use include files to disable interface (admin down) T1843: use include files for interface description T1843: use include files for DHCP/DHCPv6 options T1843: recursively include IP address definitions in VIF/VIF-S definitions T1843: add support for recursive includes T1843: use include files for VIF/VIF-S interfaces T1843: use include files for IPv4/IPv6 interface address configuration T1843: run interface-definitions though GCC preprocessor
2019-12-09vyos.config: T1764: allow for list argument to exists, in value caseJohn Estabrook
2019-12-09vyos.config: T1846: ignore edit level when obtaining working configJohn Estabrook
2019-12-06equuleus: T1862: Use regex pattern \s+ to split strings on whitespaceJohn Estabrook
2019-12-06Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: openvpn: bridge: T1556: remove obsolete bridge-group definition ifconfig: T1849: fix DHCPv6 startup Python/VyOS validate: T1849: handle is_ipv6()/is_ipv6() exceptions ifconfig: T1793: remove dhcpv6 client debug output ddclient: T1853: bugfix TypeError exception syslog: T1845: syslog host no longer accepts a port syslog: code formatting syslog: T1845: syslog host no longer accepts a port syslog: renaming files and conf script to fit new scheme T1855, T1826: clean up the reboot/shutdown script. wireguard: T1853: disable peer doesn't work Revert "syslog: T1845: syslog host no longer accepts a port" dmvpn: T1784: Add swanctl load call syslog: T1845: syslog host no longer accepts a port [vyos.config] T1847: correctly set_level for path given as empty string
2019-12-06ifconfig: T1849: fix DHCPv6 startupChristian Poessinger
2019-12-06Python/VyOS validate: T1849: handle is_ipv6()/is_ipv6() exceptionsChristian Poessinger
2019-12-06ifconfig: T1793: remove dhcpv6 client debug outputChristian Poessinger
2019-12-04[vyos.config] T1847: correctly set_level for path given as empty stringJohn Estabrook
2019-12-04Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: shutdown: T1826: Modify cancel reboot msg T1801: move escaping of backslashes into configtree vxlan: T1636: remove unused import statements geneve: T1799: remove unused import statements
2019-12-03T1801: move escaping of backslashes into configtreeJohn Estabrook
2019-11-28Merge branch 'current' into equuleushagbard
2019-11-25T1824: restore original umaskJohn Estabrook
2019-11-25T1824: set write permissions for cfg_group on vyos-migrate.logJohn Estabrook
2019-11-24Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: bridge: T1673: re-use "base" variable bridge: T1673: add missing VLAN bridge member migration geneve: T1799: add misssing "vni" to default_config_data vxlan: T1636: add misssing "vni" to default_config_data geneve: T1799: set minimum MTU size 1500 bytes geneve: T1799: add IPv4 routing parameters geneve: T1799: support bridging geneve: T1799: add Generic Network Virtualization Encapsulation
2019-11-24geneve: T1799: add Generic Network Virtualization EncapsulationChristian Poessinger
2019-11-23Merge branch 'current' into equuleusChristian Poessinger
* current: wireless: T1627: support station mode wireless: T1627: support DHCP(v6) addresses wireless: T1627: add support for RADIUS source-address wireless: T1627: RADIUS servers must have a key specified wireless: T1627: change RADIUS CLI syntax l2tp: harmonize RADIUS wording wireless: T1627: re-order WPA key in hostapd config wireless: T1627: change priority from 318 to 400 wireless: T1627: fix generated ht_capab and vht_capab wireless: T1627: fix regex for 'ht channel-set-width' wireless: T1627: config migrator does not support camel casing wireless: T1627: initial rewrite of show-wireless.pl in Python wireless: T1627: add op-mode commands wireless: T1627: initial rewrite in XML/Python style pppoe-server: T1821: Set radius module priority T1818: Print name of migration script on failure T1814: Add log of migration scripts run during config migration vyos-hostsd: T1812: run increment first [vyos-hostsd] T1812: Reload pdns on dhcp client update migration-scripts: l2tp: T1811: add missing check on server existence
2019-11-21T1818: Print name of migration script on failureJohn Estabrook
2019-11-21T1814: Add log of migration scripts run during config migrationJohn Estabrook
2019-11-17Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: dns: T1786: add proper processing of 'system disable-dhcp-nameservers' openvpn: fix typo in op-mode command on display rx bytes T1801: escape isolated backslashes before passing to ConfigTree() wireless: T1627: fix interface names for list_interfaces.py [service https] T1443: add setting of HTTPS listen port
2019-11-17T1801: escape isolated backslashes before passing to ConfigTree()John Estabrook
2019-11-11Merge branch 'current' of github.com:vyos/vyos-1x into equuleusChristian Poessinger
* 'current' of github.com:vyos/vyos-1x: ifconfig: T1793: extend set_speed_duplex() delta check [OpenVPN]: T1704: Added uppercase entries of ncp-ciphers, since there seems to be a bug in OpenVPN client when comparing pushed cipher with local ncp cipher list [OpenVPN]: T1704: Moved ncp-ciphers out of encryption block in config template [OpenVPN]: T1704: Changed the description of ncp-ciphers in config [OpenVPN]: T1704: Added function for ncp-ciphers, and ability to disable it. [OpenVPN]: T1704: Changed config structure for OpenVPN encryption to support ncp-ciphers. [OpenVPN]: T1704: Added migration scripts for interface 2-to-3 Intel QAT: T1788: Intel QAT implementation ifconfig: T1793: add delta check on set_speed_duplex() ifconfig: T1793: add delta check on set_flow_control() Python/ifconfig: wireguard: remove trailing whitespaces l2tp: T1747: automatically calculate gw-ip-address QAT: T1788: Intel QAT implementation