summaryrefslogtreecommitdiff
path: root/smoketest/scripts/cli
AgeCommit message (Collapse)Author
2023-11-28Merge pull request #2536 from c-po/backport-pr-2527Christian Breunig
pppoe: T5630: make MRU default to MTU if unspecified (backport #2527)
2023-11-23smoketest: tftp: T4012: disable VRF based tests due to false positivesChristian Breunig
TFTP VRF support is working on a live system but the smoketests tend to fail. This commit removes the VRF based smoketests for TFTP server, to make the equuleus Jenkins builds work again.
2023-11-23pppoe: T5630: make MRU default to MTU if unspecifiedChristian Breunig
This fixes the implementation in e062a8c11 ("pppoe: T5630: allow to specify MRU in addition to already configurable MTU") and restores the bahavior that MRU defaults to MTU if MRU is not explicitly set. This was the behavior in VyOS 1.3.3 and below before we added ability to define the MRU value. (cherry picked from commit ffd7339e2ea3eafdd97ac0763ca4a3913fe71bf3)
2023-10-08pppoe: T5630: verify MRU is less or equal then MTUChristian Breunig
(cherry picked from commit e357258e645cf85de0035d4ecfbf99db4dd90f7e)
2023-10-08pppoe: T5630: allow to specify MRU in addition to already configurable MTUChristian Breunig
Set the MRU (Maximum Receive Unit) value to n. PPPd will ask the peer to send packets of no more than n bytes. The value of n must be between 128 and 16384, the default was always 1492 to match PPPoE MTU. A value of 296 works well on very slow links (40 bytes for TCP/IP header + 256 bytes of data). Note that for the IPv6 protocol, the MRU must be at least 1280. CLI: set interfaces pppoe pppoe0 mru 1280 (cherry picked from commit e062a8c11856f213983f5b41f50d4f9dbc0dde0f)
2023-08-28T5428: fix DHCP address renewal/release when running in VRFChristian Breunig
2023-08-25T4825: Add interface type vethViacheslav Hletenko
Add interface type veth (Virtual ethernet) One of the usecases it's interconnect different vrf's and default vrf via bridge set interfaces virtual-ethernet veth0 peer-name 'veth1010' set interfaces virtual-ethernet veth1010 address '10.0.0.10/24' set interfaces virtual-ethernet veth1010 peer-name 'veth0' set interfaces virtual-ethernet veth1010 vrf 'foo' set interfaces bridge br0 address '10.0.0.1/24' set interfaces bridge br0 member interface veth0 vyos@r1:~$ ping 10.0.0.10 count 1 PING 10.0.0.10 (10.0.0.10) 56(84) bytes of data. 64 bytes from 10.0.0.10: icmp_seq=1 ttl=64 time=0.082 ms
2023-08-17T5486: smoketest: adjust to new process_named_running() implementationViacheslav Hletenko
After commit 9c677c8 ("vyos.util: extend process_named_running() signature with cmdline") we need an exact match for the process name. In the past we used a in b and now we test for a == b. Process name doesn't march 'ddclient' psutil.Process(pid=10987, name='ddclient - sleeping for 20 seconds', started='13:12:47' It cause smoketest fail
2023-07-19sshguard: T5354: Add service ssh dynamic-protectionViacheslav Hletenko
Sshguard protects hosts from brute-force attacks It can inspect logs and block "bad" addresses by threshold Auto-generates own tables and rules for nftables, so they are not intercept with VyOS firewall rules. When service stops, all generated tables are deleted. set service ssh dynamic-protection set service ssh dynamic-protection allow-from '192.0.2.1' set service ssh dynamic-protection block-time '120' set service ssh dynamic-protection detect-time '1800' set service ssh dynamic-protection threshold '30'
2023-06-26vrrp: T5315: add support to explicitly specify versionChristian Breunig
set high-availability vrrp group <name> version 2|3 (cherry picked from commit 6ca308182a7891e600a2e8749f7b12b566005576)
2023-04-11 T4939: backport VRRP startup delayfett0
2023-02-13smoketest: tftp: T4012: extend process scanning loop for VRFsChristian Breunig
This extends commit c6016db17ef ("smoketest: tftp: T4012: add busy waiting loop when validating service availability") so that we also wait when reading in the VRF result(s).
2023-02-13Merge pull request #1813 from sever-sever/T4971-eqChristian Breunig
T4971: PPPoE server add named ip pool and attr Framed-Pool
2023-02-13Merge pull request #1812 from sever-sever/T1993-eqDaniil Baturin
T1993: PPPoE-server add section shaper and fwmark option
2023-02-12T5001: Replace links to the phabricator siteChristian Breunig
Replace links to the phabricator site from https://phabricator.vyos.net to https://vyos.dev (cherry-picked form commit bd9416a6aa9d5d0a746dc2cebc8d0330fd27d1a2)
2023-02-12T4971: PPPoE server add named ip pool and attr Framed-PoolViacheslav Hletenko
Add a new feature to allow to use named pools Also it can be used with RADIUS attribute 'Framed-Pool' set service pppoe-server client-ip-pool name POOL1 gateway-address '192.0.2.1' set service pppoe-server client-ip-pool name POOL1 subnet '192.0.2.0/24'
2023-02-12T1993: PPPoE-server add section shaper and fwmark optionViacheslav Hletenko
Extended PPPoE-server rate-limiter to avoid shaping marked resources Often this feature needs for ISP, which provides access to some IX or its resources. set service pppoe-server shaper fwmark '223'
2023-02-05smoketest: tftp: T4012: add busy waiting loop when validating service ↵Christian Breunig
availability TFTP daemon is started as "fire and forget" and systemctl can return (thus commit will return) but the daemon itself is not yet running. This adds a loop checking if the service runs and will fail after 10 seconds.
2023-01-23pppoe: T4948: add CLI option to allow definition of host-uniq flagChristian Breunig
Some ISPs seem to use the host-uniq flag to authenticate client equipment. Add CLI option in VyOS to allow specification of the host-uniq flag. set interfaces pppoe pppoeN host-uniq <value> (cherry-picked from commit 38bab79324087df5a9057c23b85a0a784c09540a)
2023-01-20smoketest: tftp: do not add/remove interfaces for each testrun, use setUpClass()Christian Breunig
(cherry picked from commit 5cd2cd89b295c728f21c418c3fa081560a00eefc)
2023-01-20dhcp: T4832: fix TypeError in smoketestChristian Poessinger
Commit cca7ec3e ("T4832: dhcp: Add IPv6-only dhcp option support (RFC 8925)") extended the smoketests but used int over str when calilng the CLI wrapper. This led to: TypeError: sequence item 7: expected str instance, int found (cherry picked from commit a741a9297f02f938653aeaa1af3c4a57364e9215)
2023-01-15Merge pull request #1670 from vfreex/dhcp-v6-only-option-1.3Christian Breunig
[1.3] T4832: dhcp: Add dhcp option to signal IPv6-only support (RFC 8925)
2023-01-02smoketest: container: T578: adjust to podman 3.0.1 JSON outputChristian Poessinger
The podman version used in VyOS 1.3 differs from the one used in VyOS 1.4 as it is currently not possible to build podman 4.2 for Debian Buster. Due to this restriction we need to adjust the handling of the JSON output when working with container networks.
2022-12-31Merge pull request #1731 from c-po/t578-container-backportChristian Poessinger
container: T578: backport podman from 1.4 development branch (equuleus)
2022-12-30container: T578: backport podman from 1.4 development branchChristian Poessinger
2022-12-30smoketest: dummy: T4898: enable MTU testcaseChristian Poessinger
(cherry picked from commit 7923e7c57a7492111c7cec8b04228db0a6f00af3)
2022-12-26Merge pull request #1717 from roedie/1.3-T4809Christian Poessinger
T4809: radvd: (Backport) Allow the use of AdvRASrcAddress
2022-12-26smoketest: radvd: T4809: add test case for RA source addressChristian Poessinger
(cherry picked from commit 65b104d6e0608e229aa36d948fabddaf3f4a0a8b)
2022-12-22Merge pull request #1722 from aapostoliuk/webproxybackportChristian Poessinger
T3810: Fixed all issues in T3810
2022-12-22T3810: Fixed all issues in T3810aapostoliuk
1. Added in script update webproxy blacklists generation of all DBs 2. Fixed: if the blacklist category does not have generated db, the template generates an empty dest category in squidGuard.conf and a Warning message. 3. Added template generation for local's categories in the rule section. 4. Changed syntax in the generation dest section for blacklist's categories 5. Fixed generation dest local sections in squidGuard.conf 6. Fixed bug in syntax. The word 'allow' changed to the word 'any' in acl squidGuard.conf 7. Backported all changes from 1.4 to 1.3 which were made in T3810 8. Fixed webproxy smoketest
2022-12-17Merge pull request #1259 from hensur/equuleus-ipv6-local-routeChristian Poessinger
backport: T4515: T4219: policy local-route6 and inbound-interface support
2022-11-21T4832: dhcp: Add dhcp option to signal IPv6-only supportYuxiang Zhu
Clients supporting this DHCP option (DHCP option 108, per RFC 8925) will disable its IPv4 network stack for configured number of seconds and operate in IPv6-only mode. Example clients supporting this option including iOS 15+ and macOS 12.0.1+.
2022-09-05smoketest: T4652: upgrade PowerDNS recursor to 4.7 seriesChristian Poessinger
(cherry picked from commit f3420a967ad5597c57093b5279a844dca4c516c0)
2022-08-22bridge: T4632: vlan aware bridge lacks CPU forwardingChristian Poessinger
The VLAN aware bridge was forwarding traffic between member ports, but traffic destined torwards the CPU was dropped. This resulted in a gateway not reachable or DHCP leases that could not be handed out. Tested via: VyOS set interfaces bridge br0 enable-vlan set interfaces bridge br0 member interface eth1 allowed-vlan '10' set interfaces bridge br0 member interface eth1 allowed-vlan '20' set interfaces bridge br0 member interface eth1 allowed-vlan '30' set interfaces bridge br0 member interface eth1 allowed-vlan '40' set interfaces bridge br0 member interface eth1 native-vlan '40' set interfaces bridge br0 member interface eth2 allowed-vlan '30' set interfaces bridge br0 member interface eth2 allowed-vlan '20' set interfaces bridge br0 member interface eth2 allowed-vlan '10' set interfaces bridge br0 member interface eth2 allowed-vlan '40' set interfaces bridge br0 vif 10 address '10.0.10.1/24' set interfaces bridge br0 vif 20 address '10.0.20.1/24' set interfaces bridge br0 vif 30 address '10.0.30.1/24' set interfaces bridge br0 vif 40 address '10.0.40.1/24' Arista vEOS vlan 10,20,30,40 interface Ethernet1 switchport trunk allowed vlan 10,20,30,40 interface Vlan10 ip address 10.0.10.2/24 interface Vlan20 ip address 10.0.20.2/24 interface Vlan30 ip address 10.0.30.2/24 interface Vlan40 ip address 10.0.40.2/24 interface Ethernet1 switchport trunk allowed vlan 10,20,30,40 switchport mode trunk spanning-tree portfast Cisco vIOS interface GigabitEthernet0/0 ip address 10.0.40.3 255.255.255.0 duplex auto speed auto media-type rj45 ! interface GigabitEthernet0/0.10 encapsulation dot1Q 10 ip address 10.0.10.3 255.255.255.0 ! interface GigabitEthernet0/0.20 encapsulation dot1Q 20 ip address 10.0.20.3 255.255.255.0 ! interface GigabitEthernet0/0.30 encapsulation dot1Q 30 ip address 10.0.30.3 255.255.255.0 ! (cherry picked from commit f60d0e1ce029925b843f635b36154c90049b9577)
2022-08-15ocserv: openconnect: T4614: add support for split-dnsChristian Poessinger
set vpn openconnect network-settings split-dns <domain> (cherry picked from commit e41685a2f56cca0a53b4f8c084f61a85cf561c80)
2022-08-15smoketest: ocserv: implement config file validationChristian Poessinger
(cherry picked from commit bd102eac6d0c97a5f75324d1248814ebdad42da5)
2022-08-15smoketest: macsec: T4537: validate macsec_csindex for both AES-GCM-128 and ↵Christian Poessinger
AES-GCM-256 (cherry picked from commit e19889adf8cef101d85a279055271a68b078ec73)
2022-08-15smoketest: macsec: T4537: verify macsec_csindexChristian Poessinger
(cherry picked from commit 17e76dc77801ac58b2587f664c884c0d671a55c0)
2022-07-31smoketest: bridge: T4565: changes to lower interfaces must not destroy VLAN ↵Christian Poessinger
aware bridge (cherry picked from commit dbc8e243e13b370e74c6ab20b642c881b6377bd5)
2022-07-24Merge pull request #1416 from sever-sever/T2763-eqDaniil Baturin
snmp: T2763: Add protocol TCP for service SNMP
2022-07-18Merge pull request #1406 from c-po/equuleus-interface-fixesDaniil Baturin
equuleus: Bond and Bridge interface fixes + new smoketests
2022-07-18smoketest: bridge: also test QinQ bridge member interfacesChristian Poessinger
(cherry picked from commit 74d6a7e4fc9e2e929c5f899070e6fc3e3e3b5ceb)
2022-07-18bond: T4522: add ability to specify mii monitor interval via CLIChristian Poessinger
Linux Kernel supports to specify the MII link monitoring frequency in milliseconds. This determines how often the link state of each slave is inspected for link failures. A value of zero disables MII link monitoring. A value of 100 is a good starting point. The default value is 100. set interfaces bonding bond0 mii-mon-interval <n> (cherry picked from commit 4315c8fa5bb090e2b7edd6bda205041623e2511d)
2022-07-18smoketest: bond: remove second instance of layer2+3 hash-policy testChristian Poessinger
(cherry picked from commit 8d1bb953b784d03e02ba26e78da5488a79aaf20d)
2022-07-15snmp: T2763: Add protocol TCP for service SNMPViacheslav Hletenko
Ability to listen TCP port for service SNMP set service snmp protocol tcp
2022-07-15smoketest: T4532: Fix for smoketest flow-accountingViacheslav Hletenko
Delete extra space for template uacctd.conf.tmpl Update smoketest to replace '.' with '-'
2022-07-11smoketest: bond: add testcase for conflicting bridge memberChristian Poessinger
A bond member can not also be used as a member of a bridge interface. (cherry picked from commit 19bfed0abd75adacb61f170606fff8b4d2e7713f)
2022-07-11smoketest: bond: add testcase for source-interface re-useChristian Poessinger
A bond member is not allowed to also be used as a source interface for e.g. PPPoE or MACsec. (cherry picked from commit 6fca4854aa2e950795ff0411abe4601f86bdeac0)
2022-07-07Merge pull request #1390 from c-po/t4456-ntp-equuleusChristian Poessinger
ntp: T4456: support listening on specified interface (equuleus)
2022-07-07smoketest: dns: T4509: use dedicated 6to4 testcaseChristian Poessinger
(cherry picked from commit 82945a7ff0899295776b5a4bc009fe6513bcdbda)