Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-04-09 | Merge pull request #1242 from goodNETnick/ocserv_local_otp | Christian Poessinger | |
ocserv: T4231: Added OTP support for Openconnect 2FA | |||
2022-04-09 | ocserv: T4231: Added OTP support for Openconnect 2FA | goodNETnick | |
2022-04-08 | smoketest: vrf: T4346: IPv6 address family can no longer be disabled in the ↵ | Christian Poessinger | |
Kernel | |||
2022-04-07 | smoketest: http: add check for missing key | John Estabrook | |
2022-04-07 | smoketest: http: bind http api to unix domain socket | John Estabrook | |
2022-04-07 | policy: T4194: simplify prefix-list duplication checks | Christian Poessinger | |
Commit 5dafe255d ("policy: T4194: Add prefix-list duplication checks") added first support for FRR prefix-list duplication checks. FRR does not allow to specify the same profix list rule multiple times. vyos(config)# ip prefix-list foo seq 10 permit 192.0.2.0/24 vyos(config)# ip prefix-list foo seq 20 permit 192.0.2.0/24 % Configuration failed. Error type: validation Error description: duplicated prefix list value: 192.0.2.0/24 There is a VyOS verify() function which simply probed for the prefix, action, le and ge settings - but as Python has excellent support when comparing data, this can be as simple as a dictionary comparison using "==". | |||
2022-04-07 | ipv6: T4346: delete (migrate) CLI command to disable IPv6 address family | Christian Poessinger | |
2022-04-06 | Merge pull request #1275 from sarthurdev/firewall_limit | Christian Poessinger | |
firewall: T4345: Fix incorrect firewall rule limit rate format | |||
2022-04-06 | firewall: T4345: Fix incorrect rule limit rate syntax | sarthurdev | |
2022-04-06 | smoketest: http: test API authentication | Christian Poessinger | |
2022-04-06 | smoketest: http: verify nginx config file | Christian Poessinger | |
2022-04-06 | smoketest: vrf: T4331: IPv6 link-local addresses not configured for ↵ | Christian Poessinger | |
interface in VRF | |||
2022-04-04 | smoketest: login: verify test accounts are properly deleted | Christian Poessinger | |
2022-04-04 | smoketest: ssh: verify SSH service is stopped on removal | Christian Poessinger | |
2022-04-04 | smoketest: ssh: verify login of valid and invalid test user | Christian Poessinger | |
In order to test for proper system authentication and security setup a new testcase is added which performs an SSH login and command execution with a predefined user. The result (output of uname -a) must match the output if the command is run natively. We also try to login as an invalid user - this is not allowed to work. | |||
2022-04-03 | smoketest: ospfv3: remove obsolete "end=''" statement in VRF interface | Christian Poessinger | |
This is actually no longer required in FRR 8.2.2 | |||
2022-04-03 | smoketest: ospfv3: T4302: adjust to FRR 8.2 CLI | Christian Poessinger | |
2022-04-03 | smoketest: ospf(v3): ensure we can also run this test on a live system | Christian Poessinger | |
2022-04-03 | smoketest: isis: support running on live systems | Christian Poessinger | |
2022-04-03 | smoketest: isis: extend testcase to verify 'is-type level-2-only' can be set | Christian Poessinger | |
2022-04-01 | smoketest: bgp: adjust test parameter indention | Christian Poessinger | |
2022-04-01 | bgp: T4332: addpath-tx-per-as requires BGP deterministic-med paramtere to be set | Christian Poessinger | |
2022-04-01 | smoketest: bgp: verify graceful-restart options per neighbor | Christian Poessinger | |
2022-03-31 | vyos.ifconfig: T4330: bugfix changing MTU when IPv6 is disabled | Christian Poessinger | |
Commit f8b3d8999c ("ipv6: T4319: do not configure IPv6 related settings if it's disabled") moved the MTU configuration part under the code path which is only run if IPv6 is enabled on the system. This prevented MTU changes on IPv6 disabled systems. | |||
2022-03-31 | Merge pull request #1258 from c-po/t4319-disable-ipv6 | Christian Poessinger | |
T4319: bugfixes for disabled IPv6 (current) | |||
2022-03-31 | bgp: T4326: Add bgp parameter no-suppress-duplicates | Viacheslav Hletenko | |
Add new bgp parameter 'no-suppress-duplicates' set protocols bgp parameters no-suppress-duplicates | |||
2022-03-30 | smoketest: T4319: verify correct assignment of loopback IP addresses | Christian Poessinger | |
2022-03-25 | smoketest: ipv6: fix testcase after using new sysctl interface | Christian Poessinger | |
2022-03-25 | smoketest: mpls: disable debug output | Christian Poessinger | |
2022-03-19 | smoketest: Verify export-list rule to ospf-area | fett0 | |
2022-03-16 | frr: T4302: fix Jinja2 template to match new FRR syntax | Christian Poessinger | |
According to a wrong bug [1] there is no longer a vrf suffix available for interfaces. This got changed in [2] which no longer print vrf name for interface config when using vrf-lite. 1: https://github.com/FRRouting/frr/issues/10805 2: https://github.com/FRRouting/frr/pull/10411 | |||
2022-03-16 | smoketest: remove failfast=True from certian tests | Christian Poessinger | |
2022-03-15 | frr: T4302: upgrade to version 8.2 | Christian Poessinger | |
2022-03-10 | Revert "component_version: T4291: consolidate read/write functions" | John Estabrook | |
This reverts commit 534f677d36285863decb2cdff179687b4fd690cb. Revert while investigating failure in vyos-configtest. | |||
2022-03-08 | component_version: T4291: consolidate read/write functions | John Estabrook | |
2022-03-06 | smoketest: config: add "recent" firewall rule to dialup-router | Christian Poessinger | |
2022-03-03 | static: T4283: support "reject" routes - emit an ICMP unreachable when matched | Christian Poessinger | |
2022-03-01 | flow-accounting: T4277: support sending flow-data via VRF interface | Christian Poessinger | |
It should be possible to send the gathered data via a VRF bound interface to the collector. This is somehow related to T3981 but it's the opposite side of the netflow process. set system flow-accounting vrf <name> | |||
2022-02-28 | ssh: T4273: bugfix cipher and key-exchange multi nodes | Christian Poessinger | |
After hardning the regex validator to be preceeded with ^ and ending with $ it was no longer possible to have a comma separated list as SSH ciphers. The migrations cript is altered to migrate the previous comma separated list to individual multi node entries - cipher and key-exchange always had been multinodes - so this just re-arranges some values and does not break CLI compatibility | |||
2022-02-26 | smoketest: lldp: add testcase | Christian Poessinger | |
(cherry picked from commit 2fd5eea801bb524c12217c26d98c44a819b2086e) | |||
2022-02-25 | smoketest: zone-policy: use setUpClass() over setUp() | Christian Poessinger | |
2022-02-25 | smoketest: webproxy: use setUpClass() over setUp() | Christian Poessinger | |
2022-02-23 | smoketest: tunnel: indention fixup | Christian Poessinger | |
2022-02-23 | tunnel: T4267: "parameters ip key" on GRE not required for different remotes | Christian Poessinger | |
2022-02-22 | Merge pull request #1230 from sever-sever/T1856 | Christian Poessinger | |
ipsec: T1856: Ability to set SA life bytes and packets | |||
2022-02-21 | Merge pull request #1231 from sever-sever/T3948 | Christian Poessinger | |
ipsec: T3948: Add CLI site-to-site peer connection-type none | |||
2022-02-21 | smoketest: vxlan: T4120: verify support for multiple remote addresses | Christian Poessinger | |
2022-02-20 | vxlan: T4120: add ability to set multiple remotes (PR #1127) | Andreas | |
VXLAN does support using multiple remotes but VyOS does not. Add the ability to set multiple remotes and add their flood lists using "bridge" command. | |||
2022-02-20 | ipsec: T3948: Add CLI site-to-site peer connection-type none | Viacheslav Hletenko | |
set vpn ipsec site-to-site peer 192.0.2.14 connection-type none | |||
2022-02-20 | smoketest: dhcp: T4203: set missing interface options if present | Christian Poessinger | |
Commit 5d14a04b ("smoketest: dhcp: T4203: move testcase to base class") added global support in the test case framework for DHCP tests. Some interfaces (e.g. MACsec) require additional options to be passed before the test can be launched. In the MACsec case this includes a source interface, or encryption ciphers. |