summaryrefslogtreecommitdiff
path: root/python
AgeCommit message (Collapse)Author
2020-06-02pppoe: T2542: do not attempt to create the pppoe interfaceThomas Mangin
2020-06-02vtun: T2542: do not attempt to create the vtun interfaceThomas Mangin
2020-05-29Merge pull request #439 from thomas-mangin/T2088-explicit-airbagChristian Poessinger
airbag :T2088: make airbag explicit
2020-05-29airbag: T2088: explicit enabling of the featureThomas Mangin
airbag must now be explicitly installed. the patch also allow to fully disables the installation of the logging code at setup (and not just installing and doing nothing)
2020-05-28dhcpc6-pd: T2506: bugfix config rendering on non PPPoE interfacesChristian Poessinger
After commit d5b58517f883 ("dhcpv6-pd: pppoe: T2506: restructure CLI") the CLI syntax has been adjusted for a better definition of DHCPv6-PD prefix length option. Verifying a properly rendered template indeed did not happen which cause the function to vanish for non PPPoE interfaces.
2020-05-26dhcpv6-pd: T2506: use common dictionary definition for config parametersChristian Poessinger
2020-05-26dhcpv6-pd: T2506: add option to request specific prefix lengthChristian Poessinger
Some ISPs (e.g. Comcast) only delegate a /64 by default. You have to explicitly "ask" for a bigger (e.g. /60) prefix. This commit adds a CLI node to request a specific prefix length in the range 32 - 64. dhcpv6-options { prefix-delegation { length 60 } }
2020-05-26dhcpv6-pd: pppoe: T2506: restructure CLIChristian Poessinger
Rename the CLI nodes for prefix delegation from "dhcpv6-options delegate <interface>" to "dhcpv6-options prefix-delegation interface <interface>". The change is required to add the possibility to request for specific prefix sized via the CLI. That option was not possible with the old configuration tree.
2020-05-22migration: T2496: default to new syntax of version string on saveJohn Estabrook
2020-05-21macsec: T2023: use wpa_supplicant for key managementChristian Poessinger
2020-05-21macsec: T2023: add optional encryption commandChristian Poessinger
By default MACsec only authenticates traffic but has support for optional encryption. Encryption can now be enabled using: set interfaces macsec <interface> encrypt
2020-05-21ifconfig: T2023: add initial MACsec abstractionChristian Poessinger
2020-05-20interface: T2023: adopt _delete() to common styleChristian Poessinger
2020-05-20interface: T2023: remove superfluous at end of listChristian Poessinger
2020-05-20util: T2467: fix missing importThomas Mangin
2020-05-19Merge pull request #414 from thomas-mangin/T2467Christian Poessinger
util: T2467: automatically add sudo to known commands
2020-05-19wireguard: T2481: support IPv6 based underlayChristian Poessinger
2020-05-19util: T2467: add systemctl to autosudoThomas Mangin
2020-05-19util: T2467: add autosudo as an option to commandThomas Mangin
2020-05-19dhcpv6-pd: T421: support ethernet based interfacesChristian Poessinger
Add support for prefix delegation when receiving the prefix via ethernet, bridge, bond, wireless.
2020-05-19configdict: T2372: use list over stringChristian Poessinger
2020-05-19configdict: T2372: add new interface_default_data dictChristian Poessinger
Dictionary is used to remove the amount of duplicated code by e.g. ethernet or bridge interface.
2020-05-18flake8: T2475: fix a number of issue reported by flake8Thomas Mangin
2020-05-17config: T2409: effective config should be empty at boot initializationJohn Estabrook
2020-05-17config: return empty dict if configuration under path is emptyJohn Estabrook
2020-05-17pppoe: dhcpv6-pd: T421: initial supportChristian Poessinger
The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be <prefix>::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0. pppoe pppoe0 { authentication { password vyos user vyos } description sadfas dhcpv6-options { delegate eth0 { interface-id 65535 sla-id 0 sla-len 8 } } ipv6 { address { autoconf } enable } source-interface eth1 } vyos@vyos:~$ show interfaces Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down Interface IP Address S/L Description --------- ---------- --- ----------- eth0 2001:db8:8003:400::ffff/64 u/u
2020-05-17dhcpv6-pd: T421: migrate from ISC dhclient to wide-dhcpv6-clientChristian Poessinger
ISC does not support running the client on PPP(oE) interfaces which makes it unusable for DHCPv6 Prefix Delegation tasks. Internet Systems Consortium DHCP Client 4.4.1 Copyright 2004-2018 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ Unsupported device type 512 for "pppoe0"
2020-05-11ifconfig/dhcp: T2449: remove accept_ra logic as it was wrongJernej Jakob
Currently accept_ra was set to 0 if 'address dhcpv6' was set on an interface. This is wrong, as without RA, the system will get no routes to the DHCPv6-obtained prefix. Since the logic for accept_ra was moved to the interface scripts, it can be removed from the dhclient code.
2020-05-11vlan: T2449: set accept_ra on vlan interfacesJernej Jakob
2020-05-11configdict: T2449: set accept_ra=2 if ipv6 address autoconf or dhcpv6 is setJernej Jakob
To make SLAAC and DHCPv6 work when forwarding=1, accept_ra must be 2 (default for accept_ra is 1).
2020-05-11interface: T2449: add ability to set accept_raJernej Jakob
2020-05-08Merge pull request #395 from thomas-mangin/T2417Christian Poessinger
validator: T2417: try to make the code clearer
2020-05-08Merge branch 'current' of github.com:thomas-mangin/vyos-1x into T2417Thomas Mangin
2020-05-08vlan: T2435: fix missing dict key in print variableJernej Jakob
2020-05-07debug: T1230: add time information to saved debug logsThomas Mangin
2020-05-06debug: T1230: add time information to saved debug logsThomas Mangin
2020-05-06validator: T2417: try to make the code clearerThomas Mangin
2020-05-06debug: T2426: remove invisible characters when printingThomas Mangin
2020-05-05configdict: T2427: clarify code commentsJernej Jakob
2020-05-05vlan: T2427: move code that applies VLANs to interface to common functionJernej Jakob
2020-05-05vlan: T2427: convert vlan config variables from lists to dictsJernej Jakob
Previously all vlan configs, which are dicts, were appended to a simple list, with the distinguishing 'id' stored inside the dicts themselves. This worked, but wasn't ideal. This commit converts them to dicts, where the key is the VLAN ID and value the config dict of that VLAN. This makes it posible to access single VLANs by their ID (key) and we can for-loop and get both the ID and config with: 'for vif_id, vif in conf["vif"].items():'
2020-05-05configdict: T2427: do not remove all addresses when disabling interfaceJernej Jakob
Commit 3fdf0093a introduced code that removed all addresses from an interface when that interface is disabled. This is wrong, as other configured services may be listening on these addresses and may fail to start if their configured address isn't present. It also caused a commit error when applying dhcp-server configuration: DHCP server configuration error! None of configured DHCP subnets does not have appropriate primary IP address on any broadcast interface. This commit reverts it to prior behavior, which was to just put the interface admin down and leave all addresses configured, other than the IPv6 'fe80::EUI-64/64' link-local, which it deletes, as the interface may not have a MAC if it's put down.
2020-05-05config: T2427: always return copies of listsJernej Jakob
Since lists in python are assigned by reference, taking the return value from these functions and modifying it will modify all other return values of functions that called the function before and did not explicitly copy it. To be safe, always make a copy of lists before returning them.
2020-05-04ifconfig: section: T2241: add get_config_path functionJernej Jakob
Add a function that converts an interface name to its config path. For example: 'eth0.1.2' -> 'ethernet eth0 vif-s 1 vif-c 2'
2020-05-04ifconfig: T2241: fix section _basename vlan strippingJernej Jakob
Previously the function returned the correct basename only for vif interfaces as it stopped at the 2nd dot. If we had a vif-s vif-c interface 'eth0.1.2' it would return 'eth0.'. It is now fixed to strip both vif-s and vif-c if 'vlan=True' (default).
2020-05-04validate: T2241: add func that checks if an interface has a configured addressJernej Jakob
2020-05-04vlan: T2241: make address and bridge membership mutually exclusiveJernej Jakob
Bridge members should not have addresses assigned.
2020-05-04configdict: T2241: don't add default IPv6 EUI64 if member of a bridgeJernej Jakob
Bridge members should not have addresses assigned.
2020-05-04vlan: T2241: fix falling out of bridge when changing settingsJernej Jakob
Previously, set_vrf was always called, which uses the same master and nomaster commands as bridge, so it removed the interface from the bridge. - add checks to make VRF and bridge membership mutually exclusive - always re-add the interface back to any bridge it is part of in case it is deleted and recreated (e.g. changing egress/ingress-qos)
2020-05-04interface: T2241: add function to add self to bridgeJernej Jakob
Will be called by all interface scripts to re-add themselves to a bridge after deleting and recreating themselves.