summaryrefslogtreecommitdiff
path: root/src/validators
AgeCommit message (Collapse)Author
2022-01-15wireguard: T4183: Allow setting ipv6 link local addres for peerViacheslav
Allow setting ipv6-link-local addresses as peer address for wireguard interfaces Add validator "ipv6-link-local"
2021-12-16T3006: add a range validatorDaniil Baturin
(cherry picked from commit 45d2429aa5d2ffafacdc5d9d00b7097169592427)
2021-12-12validator: T4036: validate if multicast address is single (no netmask)Christian Poessinger
(cherry picked from commit c3471fe9d4cf0aab46feae94618925a95bcd5411)
2021-12-06validators: T4053: Fix exit code for scriptViacheslav
(cherry picked from commit 001cc6655f1864a46b573dae13c8f33bbf224239)
2021-12-06validators: T4052: Fix for warn message in the validator scriptViacheslav
Validator expects variable "script" for the Warning message But it gets undeclared "path" (cherry picked from commit b6fbe6d3a5e8de4f90aa9fba61ca7491f9959ed0)
2021-09-18validator: T2417: bugfix on Python3 f'ormat stringsChristian Poessinger
Commit 3639a5610b590a ("validator: T2417: try to make the code clearer") introduced Python3 f'ormatted strings but missed the "f" keyword. (cherry picked from commit dda9f655f94968b07043887a03e3bba176eb94d5)
2021-08-31ssh: T3789: add custom validator for base64 encoded CLI dataChristian Poessinger
SSH keys used for remote login are supplied as base64 encoded data on the CLI. The key is not validated, thus an invalid copy/pasted key will render the login useless. This commit adds a custom and re-usable validator which check if the data is properly base64 encoded. (cherry picked from commit 00efce716912680354d47a2dca9769cd8c5c89ae)
2021-08-22bridge: T3137: backport vlan features from 1.4 currentChristian Poessinger
2021-07-02conntrack-sync: T3535: Rewrite conf and op modes to XML python styleViacheslav
2021-06-13wwan: T3620: rename "wirelessmodem wlm" interfaces to new wwan interface treeChristian Poessinger
(cherry picked from commit c2a1c071e7d0a9ca754d7f5016eed7db188b3d1a)
2021-03-21validate: T3418: interface-name should also allow all local present interfacesChristian Poessinger
The regex only validated interfaces according to the VyOS naming scheme, but third party interfacs that are legit (e.g. exists within the kernel) failed to validate. The validator now also supports any kind of local interfaces attached to the OS kernel. (cherry picked from commit 911fe645928750f3ce38061a94c9b6db50db0749)
2021-03-17ipv6: eui64: T3413: add custom validatorChristian Poessinger
VyOS 1.2 (crux) rejected prefixes other then of site /64. [ interfaces ethernet eth0 ipv6 address eui64 2006:ab00:abe1::2/127 ] Error: Prefix lenght is 127. It must be 64. Same should be done on VyOS 1.3 and newer (cherry picked from commit 6f6cd6552384704700f08e9367e167796b1f7fde)
2021-02-28validators: fqdn: T3370: support "private" or "local" domain namesChristian Poessinger
(cherry picked from commit 04724ed189553ce43f8504f68fef8024ef5796de)
2021-02-24validators: interface-name script must also support VLAN interfacesChristian Poessinger
(cherry picked from commit 25b86442d987bf57a801a607648527aaf6158d69)
2021-02-19validator: T3326: add missing interfaces (e.g. ppp and l2tpv3)Christian Poessinger
(cherry picked from commit f67568bc2307706116f5509fca3a188dc4ab5d48)
2021-02-05xml: add new common interface-name validatorChristian Poessinger
2021-01-30dhcpv6: T3240: support per-interface client DUIDsBrandon Stepler
(cherry picked from commit b23323922939a9ac3b43e0761b0af84dc9e3b47e)
2020-12-20Revert "dhcpv6: T3134: add missing duid support"Christian Poessinger
This reverts commit 9541355433e202fade4692851bffa33ba9d48f44.
2020-12-20dhcpv6: T3134: add missing duid supportChristian Poessinger
2020-11-06validator: ipv4-range: T3050: fix wrong exit code when no range was givenChristian Poessinger
2020-07-24T2727: add a dotted decimal validator.Daniil Baturin
Since it's relatively rarely used, Python's startup time should't be much of a problem.
2020-06-14wireless: T2354: add new validator for phy interfacesChristian Poessinger
2020-05-30vrf: T2530: instance name must be 15 characters or lessChristian Poessinger
2020-05-16nat: T2198: add common ip-protocol validatorChristian Poessinger
It allows IP protocol numbers 0-255, protocol names e.g. tcp, ip, ipv6 and the negated form with a leading "!".
2020-05-16nat: T2198: add ipv4-{address,prefix,rage}-exclude validatorsChristian Poessinger
Exclude validators are required to support the ! (not) operator on the CLI to exclude addresses from NAT.
2020-05-16nat: T2198: add new ipv4-range validatorChristian Poessinger
2020-05-08T2441: Fix parse errorkroy-the-rabbit
2020-05-09T2431: remove the numeric validator for it now lives in vyos-utils.Daniil Baturin
2020-05-06validator: T2417: try to make the code clearerThomas Mangin
2020-05-02validators: numeric: T2414: improve runtime performanceChristian Poessinger
$ time for i in {1..1000}; do /usr/libexec/vyos/validators/numeric --range 1-9999 666; done real 0m56.933s user 0m48.045s sys 0m9.064s $ time for i in {1..1000}; do /usr/libexec/vyos/validators/numeric--range 1-9999 666; done real 0m44.552s user 0m37.760s sys 0m6.989s This is a performance improvement of 21%, running in an ESXi VM with Quad Intel(R) Xeon(R) CPU E5-2630L v3 @ 1.80GHz.
2020-04-16openvpn: T149: IPv6 supportJernej Jakob
- allow configuring IPv6 server addresses and push options - add IPv6 server client IP pool - add IPv6 push dhcp-option DNS6 - allow configuring IPv6 server client addresses - allow configuring IPv6 site-to-site addresses - validate all IPv6 options and addresses - use protos that explicitely open an IPv6 listening socket (tcp6-server, tcp6-client, udp6) as the default on Linux listens on IPv4 only (https://community.openvpn.net/openvpn/ticket/360) - add validator for any IPv6 address, host or network (used by pool)
2020-04-06util: T2226: rewrite timezone validator to use cmdThomas Mangin
2020-04-03vrf: T31: Allow vrf name to look more like interface nameRunar Borge
Fix the regex to allow vrf instances like "eth0vrf" but not to allow "eth0"
2020-04-03validate: mac: autopep8Christian Poessinger
2020-04-03vrf: T31: name of isntance is not allowed to mimic an interface nameChristian Poessinger
Every VRF that's created is not allowed to be named like any interface that can be active on the system. This includes eth, lan, br, dum, lo .... In theoriy this would work but as soon as such a regular interface is created things will go sideways rather quick thus we limit the namespace which can be used to create a VRF. Appending an interface name is still possible like coolvrf-eth0.
2020-03-16syslog: T2131: add generic fqdn validatorChristian Poessinger
2019-12-26time-zone: T1906: migrate to XML/PythonChristian Poessinger
The current node.def based implementtion should be migrated from vyatta-cfg-system to vyos-1x. During the migration also provide a migration script which transforms some ole timezones like "Los_Angeles" into a proper IANA assigned timezone which should be "America/Los_Angeles".
2019-10-19T1749: support multiple ranges in the numeric validator.Daniil Baturin
2019-08-07Validator: add file-exists as replacement to Vyatta check_file_in_config_dirChristian Poessinger
Verify if a file exists or not on the system. Can be called by: <constraint> <validator name="file-exists" argument="--directory /config/auth"/> </constraint> The --directory option is used to ensure a given file path lies under this (mandatory) directory. A directory can be mandatory when the optional argument -e, --error is used. This will return '1' instead of '0'.
2019-08-07Validator: rename cidr -> ip-cidr to match existing patternsChristian Poessinger
2019-06-19[wireguard] T1425 - assign a /31 address on Wireguard interfacehagbard
- added a validator for checking if the address is any cidr noted address
2019-03-11[arp] - T1288: python implemtation of 'set protocols static arp'hagbard
2018-08-11T772 allow stow-away arguments in the script name field ↵Peri Diane Jones
https://phabricator.vyos.net/T772
2018-07-24Add a validator for scripts that are supposed to be in /configDaniil Baturin
2018-07-10Add an option for validating positive (>= 0) numbers to the numeric validator.Daniil Baturin
2018-05-16T642: add validators for common network address checking cases.Daniil Baturin
2018-05-14Add some ipaddrcheck-based IP validators.Daniil Baturin
2017-09-16T395: Implement a numeric value validatorDaniil Baturin