summaryrefslogtreecommitdiff
path: root/python/vyos
AgeCommit message (Collapse)Author
2021-01-19nat: T2947: add many-many translationChristian Poessinger
Support a 1:1 or 1:n prefix translation. The following configuration will NAT source addresses from the 10.2.0.0/16 range to an address from 192.0.2.0/29. For this feature to work a Linux Kernel 5.8 or higher is required! vyos@vyos# show nat source { rule 100 { outbound-interface eth1 source { address 10.2.0.0/16 } translation { address 192.0.2.0/29 } } } This results in the nftables configuration: chain POSTROUTING { type nat hook postrouting priority srcnat; policy accept; oifname "eth1" counter packets 0 bytes 0 snat ip prefix to ip saddr map { 10.2.0.0/16 : 192.0.2.0/29 } comment "SRC-NAT-100" }
2021-01-17smoketest: bridge: T3226: Repair bridge smoke test damagejack9603301
2021-01-17bridge: T3137: Fix variable errors in VLAN sensor bridge configuration programjack9603301
2021-01-16vyos.configdict: node_changed() now accepts key mangling parameterChristian Poessinger
2021-01-16bridge: T3137: Support disable native VLANjack9603301
2021-01-16Merge pull request #677 from jack9603301/T3137Christian Poessinger
bridge: T3137: Let VLAN aware bridge approach the behavior of professional equipment
2021-01-15tunnel: T3173: path MTU discovery option should be valuelessChristian Poessinger
2021-01-15bridge: T3137: Delete blank linesjack9603301
2021-01-15bridge: T3137: Better implementation of VLAN aware Bridgejack9603301
2021-01-15bridge: T3137: Let VLAN aware bridge approach the behavior of professional ↵jack9603301
equipment According to the consensus, the specific behavior of a VLAN aware bridge should conform to the behavior of professional equipment. This commit makes a significant change to the behavior of VLAN aware bridge, and has the following behaviors: 1. Disable `vif 1` configuration 2. When the VLAN aware bridge is enabled, the parent interface is always VLAN 1 3. When `native-vlan` is not configured, the default behavior of the device is `native-vlan 1` 4. The VLAN ids forwarded by the bridge are determined by `vif` 5. It has an `enable-vlan` node to enable VLAN awareness 6. VLAN configuration is allowed only when VLAN aware bridge is activated
2021-01-13ifconfig: T2653: return empty string when there is no interface descriptionChristian Poessinger
After switching to iproute2 in commit 92f36735 ("ifconfig: T2653: use iproute2 commands for alias, mac and mtu set()/get()" it is necessary to return an empty string as iproute2 returns None.
2021-01-12ifconfig: T2653: use iproute2 commands for alias, mac and mtu set()/get()Christian Poessinger
2021-01-12tunnel: T3205: bugfix gre-bridge interfacesChristian Poessinger
2021-01-07vyos.configverify: provide generic helper to check for interface existenceChristian Poessinger
2021-01-07login: radius: T3192: migrate to get_config_dict()Christian Poessinger
2021-01-06dhcpv6-pd: verify: T3193: detect conflict between auto-assigned and ↵Brandon Stepler
configured SLA-IDs "data/templates/dhcp-client/ipv6.tmpl" handles the auto-assigning of SLA-IDs on lines 39, 46, and 52.
2021-01-06dhcpv6-pd: verify: T3193: allow multiple auto-assigned SLA-IDsBrandon Stepler
"data/templates/dhcp-client/ipv6.tmpl" handles the auto-assigning of SLA-IDs on lines 39, 46, and 52.
2021-01-06dhcpv6-pd: verify: T3193: allow more than one VLAN interfaceBrandon Stepler
VLAN interfaces contain periods, which make them incompatible with dict_search().
2021-01-06ifconfig.interface: use Python3 f-ormat stringChristian Poessinger
2021-01-05vyos.validate: import cleanupChristian Poessinger
2021-01-04mirror: T3089: bugfix is_mirror_intf code pathChristian Poessinger
2021-01-03mirror: add verify() check so we can not mirror back to our selfChristian Poessinger
2021-01-03mirror: T3089: remove redundant code pathsChristian Poessinger
- remove redundant code paths apply_mirror() / apply_mirror_of_monitor() - have single source available
2021-01-02ethernet: T3171: always use full CPU enable bitmask over computational maskChristian Poessinger
The Linux Kernel supports enabling more cores for RPS then we actually have. It does internal clipping/validation so there is no need for us to calculate the specifc enable mask we can simply throw "all -1" at the Kernel.
2021-01-02ifconfig: ethernet: fixup line breaksChristian Poessinger
2021-01-01ethernet: T3171: add CLI option to enable RPS (Receive Packet Steering)Christian Poessinger
set interfaces ethernet <interface> offload rps
2020-12-29ethernet: T1466: add EAPoL supportChristian Poessinger
2020-12-28webproxy: T563: squidguard: support default rulesetChristian Poessinger
2020-12-26mirror: T3150: When configuring QOS, the setting procedure of port mirroring ↵jack9603301
is wrong In e8957b5, we used json to parse the `tc qdisc` filter to determine whether it needs to be deleted (reduction of exception mechanism), but now we find that the json output by this command will output unparsed json in some cases, so We have to go back to the processing of the exception mechanism
2020-12-23xdp: T2666: move CLI node to "interfaces ethernet <eth> xdp"Christian Poessinger
2020-12-20ethernet: T3140: remove debug codeChristian Poessinger
2020-12-20Revert "dhcpv6: T3134: add missing duid support"Christian Poessinger
This reverts commit 9541355433e202fade4692851bffa33ba9d48f44.
2020-12-20ethernet: T3140: relax "ethernet offload-options" CLI definitionChristian Poessinger
Migrate from ethernet eth1 { offload-options { generic-receive on generic-segmentation on scatter-gather on tcp-segmentation on udp-fragmentation on } } to ethernet eth1 { offload { ufo tso sg gso gro } }
2020-12-20wifi: T2875: support bridging of wireless AP interfaceChristian Poessinger
2020-12-20dhcpv6: T3134: add missing duid supportChristian Poessinger
2020-12-19xdp: T2666: switch to example code provided by xdp-tutorialChristian Poessinger
2020-12-17ifconfig: T2653: switch to Python3 f(ormatted) stringsChristian Poessinger
2020-12-17xdp: T2666: use generic "xdp" option when loadingChristian Poessinger
Using 'xdp' will automatically decide if the driver supports 'xdpdrv' or only 'xdpgeneric'. A user later sees which driver is actually in use by calling 'ip a' or 'show interfaces ethernet'.
2020-12-17xdp: T2666: initial XDP (generic mode) forwarding supportChristian Poessinger
The CLI command 'set interfaces ethernet <interface> offload-options xdp" enables the XDP generic mode on the given interface. vyos@vyos:~$ show interfaces ethernet eth1 eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 xdpgeneric/id:151 qdisc mq state DOWN group default qlen 1000 link/ether 00:50:56:bf:ef:aa brd ff:ff:ff:ff:ff:ff inet6 fe80::250:56ff:febf:efaa/64 scope link tentative valid_lft forever preferred_lft forever Description: fooa XDP code is thankfully copied from [1], thank you for this nice tutorial. NOTE: this is an experimental feature which might break your forwarding/filtering. [1]: https://medium.com/swlh/building-a-xdp-express-data-path-based-peering-router-20db4995da66
2020-12-14interface: mirror: T3089: Improve logic to reduce unnecessary lines of codejack9603301
2020-12-13interfaces: mirror: T3089: Fix the dependency problem between interfacesjack9603301
Since the dependency problem has not been solved before, if the monitoring interface does not exist when the mirror rule is created, the execution will be abnormal
2020-12-13interfaces: T3114: Modify the logic of the second addition to complete the ↵jack9603301
setting and streamline the code
2020-12-13interfaces: T3114: Improve VLAN ID setting logic in `bridge`jack9603301
2020-12-13interfaces: T3114: When the VLAN aware option is not detected, the setting ↵jack9603301
of `bridge` should not be overwritten
2020-12-13interfaces: T3114: Improve the processing of enabling logic for ↵jack9603301
`vlan_filter` to avoid redundant paths
2020-12-13interfaces: T3114: Remove some redundant codejack9603301
2020-12-13interfaces: T3114: Fix VLAN-aware bridge setting failurejack9603301
2020-12-08Merge pull request #633 from jack9603301/T3089Christian Poessinger
mirror: T3089: support two-way traffic mirroring
2020-12-08mirror: T3089: support two-way traffic mirroringjack9603301
2020-12-07vyos.ifconfig: T1579: keep IPv6 link-local address on reconfiguration #2Christian Poessinger
This is the second attempt after commit d247736f ("vyos.ifconfig: T1579: do not remove IPv6 link-local address on reconfiguration"). We only clean out link-local IPv6 addresses left over after an interface MAC change.