summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2022-07-28vxlan: T4570: Verify MTU for remote address if source not definedViacheslav Hletenko
In some cases `source_address` can be not defined in the conf So we should to check list of `remote` vxlanX addresses If remote address is IPv6 - add overhead +20 bytes to default overhead 50. I.e. +70 bytes for IPv6
2022-07-26T4571: add sflow vrf to sflow agent address IP validationDavid
2022-07-26Merge pull request #1436 from aapostoliuk/T4546-sagittaChristian Poessinger
nhrp: T4546: Fixed gateway in route add command
2022-07-26Merge pull request #1435 from sever-sever/T4569Christian Poessinger
bridge: T4569: Rewrite show bridge script of vyos.opmode format
2022-07-26nhrp: T4546: Fixed gateway in route add commandaapostoliuk
Fixed incorrect key to get gateway for route add command
2022-07-26bridge: T4569: Rewrite show bridge script of vyos.opmode formatViacheslav Hletenko
2022-07-25bgp: T4560: neighbor/peer-group local-as option is only allowed for eBGPChristian Poessinger
2022-07-25fastnetmon: T2659: PID file location is static and can't be changedChristian Poessinger
2022-07-25Merge pull request #1433 from sever-sever/T4568Christian Poessinger
ipsec: T4568: Fix debug IPsec peer op-mode
2022-07-25fastnetmon: T4556: Allow configure white_list_path and populate with ↵Adrian Almenar
hosts/networks that should be ignored.
2022-07-25Merge pull request #1426 from sever-sever/T4545-natChristian Poessinger
nat: T4545: Rewrite show nat source rules script
2022-07-25Merge pull request #1428 from sever-sever/T4552Christian Poessinger
IPsec: T4552: Fix reset vpn ipsec peer
2022-07-25Merge pull request #1430 from sever-sever/T4562Christian Poessinger
vrf: T4562: Rewrite show vrf to vyos.opmode format
2022-07-25ipsec: T4568: Fix debug IPsec peerViacheslav Hletenko
Debug Connections for a peer wasn't checked because of typo in var `conns` Replace ':' to '-' for IPv6 peers
2022-07-25IPsec: T4552: Fix reset vpn ipsec peerViacheslav Hletenko
When we use IPv6 peer we need to make a replacement ":" => "-" for correct resetting as it doesn't match get_peer_connections() regex Use new format "vyos.opmode"
2022-07-24graphql: T4413: update 'SystemStatus' query for standardized op-modeJohn Estabrook
Update for T2719: Standardized op mode script structure
2022-07-24graphql: T4413: add support for a system status queryJohn Estabrook
2022-07-24graphql: T3993: disable introspection unless set in CLIJohn Estabrook
2022-07-24graphql: T3993: add interface-definition for gqlJohn Estabrook
2022-07-24graphql: T3993: use existing key auth from REST frameworkJohn Estabrook
2022-07-23vrf: T4562: Rewrite show vrf to vyos.opmode formatViacheslav Hletenko
2022-07-22macsec: T2023: fixup systemd unit descriptionChristian Poessinger
2022-07-22Merge pull request #1418 from zdc/T4546-sagittaChristian Poessinger
nhrp: T4546: Fixed route add command if MTU presented
2022-07-22nat: T4545: Rewrite show nat source rules scriptViacheslav Hletenko
Rewrite 'show nat source rules' due to a large number of bugs in NAT rules statistics. Use new format 'vyos.opmode module' Ability to get raw_data and formatted_output for the future op-mode rewriting funcitonal Ability to get raw and formatted data
2022-07-22conntrack: T4145: Modify conntrack to format command runnerViacheslav Hletenko
Change op-mode "show conntrack table ipvX" script to work with vyos.opmode module Change name "show_conntrack.py" => "conntrack.py" Ability to get IPv6 conntrack information Ability to get raw and formatted data
2022-07-21fastnetmon: T2659: move configuration files to /runChristian Poessinger
2022-07-21fastnetmon: T4555: add IPv6 supportChristian Poessinger
2022-07-21fastnetmon: T4553: add processing of XML defaultValue definitionsChristian Poessinger
2022-07-20Merge pull request #1351 from dmbaturin/genopJohn Estabrook
T2719: prototype of an op mode command runner based on type hints and introspection
2022-07-20T2719: fix unused importsDaniil Baturin
2022-07-19nhrp: T4546: Fixed route add command if MTU presentedzsdc
In case if `NHRP_DESTMTU` environment variable is presented, the script uses an intermediate command to get the current route before adding a new one. Then received data is used in the `route add` command generation. This commit fixes this process, so setting MTU becomes possible.
2022-07-19T2719: patch for general support for boolean optionsJohn Estabrook
Signed-off-by: Daniil Baturin <daniil@vyos.io>
2022-07-18macsec: T4537: support online ciper and source-interface re-configurationChristian Poessinger
2022-07-18bgp: T4490: check peer-group for AFI/SAFI before issuing warningChristian Poessinger
Commit 6cffe2aa82 ("bgp: T4490: Add informational message for peer withour AFI") only checked if an address-family is configured under the neighbor statement. This is not enough as the AFI can also be specified via a peer-group. Add a new verify_afi() helper that checks both the neighbor and the assigned peer-group.
2022-07-18Merge pull request #1407 from sever-sever/T4523Christian Poessinger
conntrack: T4523: Extend conntrack output direciton, mark, zone
2022-07-17login: T4536: add all accounts to frr groupChristian Poessinger
2022-07-17op-mode: T3435: Fix SNAT any address and DNAT port dict checkViacheslav Hletenko
If SNAT source address in not exists use 'any' Add check if 'port' exists in dictionary
2022-07-15interfaces: T4525: interfaces can not be member of a bridge/bond and a VRFChristian Poessinger
2022-07-15bond: bridge: T4534: error out if member interface is assigned to a VRF instanceChristian Poessinger
It makes no sense to enslave an interface to a bond or a bridge device if it is bound to a given VRF. If VRFs should be used - the encapuslating/master interface should be part of the VRF. Error out if the member interface is part of a VRF.
2022-07-12vrf: T4527: Prevent to create VRF with reserved namesViacheslav Hletenko
VRF names: "add, all, broadcast, default, delete, dev, get, inet, mtu, link, type, vrf" are reserved and cannot be used for vrf name
2022-07-11conntrack: T4523: Extend conntrack output direciton, mark, zoneViacheslav Hletenko
Extent op-mode "show conntrack table ipv4" Add ability to see direction of flow: origianl - "Original src", "Original dst" reply - "Reply src", "Reply dst" Add "mark" and "zone" options
2022-07-10vyos.configdict(): T4228: is_member() must use the "real" hardware interfaceChristian Poessinger
When is_member() is inspecting the bridge/Bond member interfaces it must work with the real interface (e.g. eth1) under the "ethernet" node and not work on the "member interface eth1" CLI tree, that makes no sense at all.
2022-07-09nat: T4499: Fix NAT not showing a single flow entryViacheslav Hletenko
We must change dictionary if we get only onle flow entry I.e one NAT record With single entry we get: OrderedDict([('meta', xxx])) We expect: [OrderedDict([('meta', xxx]))]
2022-07-09ip: T4517: drop forwarding from CLI "system ip ↵Christian Poessinger
disable-directed-broadcast-forwarding"
2022-07-09ip: T4517: add option to enable directed broadcast forwardingYuxiang Zhu
Directed broadcast is described in rfc1812#section-5.3.5.2 and rfc2644. By default Linux kernel doesn't forward directed broadcast packets unless both of `/proc/sys/net/ipv4/conf/all/bc_forwarding` and `/proc/sys/net/ipv4/conf/$iface/bc_forwarding` are set to 1.
2022-07-09conntrack: T4145: Add show conntrack table ipv4Viacheslav Hletenko
After firewall rewriting, we lost the ability to show conntrack table as it used old code Rewrite and add it to XML/Python
2022-07-08Merge pull request #1401 from sever-sever/T4411Christian Poessinger
monitoring: T4411: Migrate influxdb options to influxdb node
2022-07-07Merge pull request #1397 from sever-sever/T4503Christian Poessinger
op-mode: T4503: Prevent restart service if commit in progress
2022-07-07monitoring: T4411: Migrate influxdb options to influxdb nodeViacheslav Hletenko
As we have specific configuration for each plugin: set service monitoring telegraf xxx - azure-data-explorer - prometheus-client - splunk We should to move configuration that related to influxdb under influxdb node Replace: set service monitoring telegraf - authentication xxx - bucket xxx - port xxx - url To: set service monitoring telegraf influxdb xxx
2022-07-07op-mode: T4503: Prevent restart service if commit in progressViacheslav Hletenko
Prevent op-mode scripts from restarting services if commit in progress