summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2022-07-24graphql: T3993: add interface-definition for gqlJohn Estabrook
2022-07-24graphql: T3993: use existing key auth from REST frameworkJohn Estabrook
2022-07-23vrf: T4562: Rewrite show vrf to vyos.opmode formatViacheslav Hletenko
2022-07-22macsec: T2023: fixup systemd unit descriptionChristian Poessinger
2022-07-22Merge pull request #1418 from zdc/T4546-sagittaChristian Poessinger
nhrp: T4546: Fixed route add command if MTU presented
2022-07-22nat: T4545: Rewrite show nat source rules scriptViacheslav Hletenko
Rewrite 'show nat source rules' due to a large number of bugs in NAT rules statistics. Use new format 'vyos.opmode module' Ability to get raw_data and formatted_output for the future op-mode rewriting funcitonal Ability to get raw and formatted data
2022-07-22conntrack: T4145: Modify conntrack to format command runnerViacheslav Hletenko
Change op-mode "show conntrack table ipvX" script to work with vyos.opmode module Change name "show_conntrack.py" => "conntrack.py" Ability to get IPv6 conntrack information Ability to get raw and formatted data
2022-07-21fastnetmon: T2659: move configuration files to /runChristian Poessinger
2022-07-21fastnetmon: T4555: add IPv6 supportChristian Poessinger
2022-07-21fastnetmon: T4553: add processing of XML defaultValue definitionsChristian Poessinger
2022-07-20Merge pull request #1351 from dmbaturin/genopJohn Estabrook
T2719: prototype of an op mode command runner based on type hints and introspection
2022-07-20T2719: fix unused importsDaniil Baturin
2022-07-19nhrp: T4546: Fixed route add command if MTU presentedzsdc
In case if `NHRP_DESTMTU` environment variable is presented, the script uses an intermediate command to get the current route before adding a new one. Then received data is used in the `route add` command generation. This commit fixes this process, so setting MTU becomes possible.
2022-07-19T2719: patch for general support for boolean optionsJohn Estabrook
Signed-off-by: Daniil Baturin <daniil@vyos.io>
2022-07-18macsec: T4537: support online ciper and source-interface re-configurationChristian Poessinger
2022-07-18bgp: T4490: check peer-group for AFI/SAFI before issuing warningChristian Poessinger
Commit 6cffe2aa82 ("bgp: T4490: Add informational message for peer withour AFI") only checked if an address-family is configured under the neighbor statement. This is not enough as the AFI can also be specified via a peer-group. Add a new verify_afi() helper that checks both the neighbor and the assigned peer-group.
2022-07-18Merge pull request #1407 from sever-sever/T4523Christian Poessinger
conntrack: T4523: Extend conntrack output direciton, mark, zone
2022-07-17login: T4536: add all accounts to frr groupChristian Poessinger
2022-07-17op-mode: T3435: Fix SNAT any address and DNAT port dict checkViacheslav Hletenko
If SNAT source address in not exists use 'any' Add check if 'port' exists in dictionary
2022-07-15interfaces: T4525: interfaces can not be member of a bridge/bond and a VRFChristian Poessinger
2022-07-15bond: bridge: T4534: error out if member interface is assigned to a VRF instanceChristian Poessinger
It makes no sense to enslave an interface to a bond or a bridge device if it is bound to a given VRF. If VRFs should be used - the encapuslating/master interface should be part of the VRF. Error out if the member interface is part of a VRF.
2022-07-12vrf: T4527: Prevent to create VRF with reserved namesViacheslav Hletenko
VRF names: "add, all, broadcast, default, delete, dev, get, inet, mtu, link, type, vrf" are reserved and cannot be used for vrf name
2022-07-11conntrack: T4523: Extend conntrack output direciton, mark, zoneViacheslav Hletenko
Extent op-mode "show conntrack table ipv4" Add ability to see direction of flow: origianl - "Original src", "Original dst" reply - "Reply src", "Reply dst" Add "mark" and "zone" options
2022-07-10vyos.configdict(): T4228: is_member() must use the "real" hardware interfaceChristian Poessinger
When is_member() is inspecting the bridge/Bond member interfaces it must work with the real interface (e.g. eth1) under the "ethernet" node and not work on the "member interface eth1" CLI tree, that makes no sense at all.
2022-07-09nat: T4499: Fix NAT not showing a single flow entryViacheslav Hletenko
We must change dictionary if we get only onle flow entry I.e one NAT record With single entry we get: OrderedDict([('meta', xxx])) We expect: [OrderedDict([('meta', xxx]))]
2022-07-09ip: T4517: drop forwarding from CLI "system ip ↵Christian Poessinger
disable-directed-broadcast-forwarding"
2022-07-09ip: T4517: add option to enable directed broadcast forwardingYuxiang Zhu
Directed broadcast is described in rfc1812#section-5.3.5.2 and rfc2644. By default Linux kernel doesn't forward directed broadcast packets unless both of `/proc/sys/net/ipv4/conf/all/bc_forwarding` and `/proc/sys/net/ipv4/conf/$iface/bc_forwarding` are set to 1.
2022-07-09conntrack: T4145: Add show conntrack table ipv4Viacheslav Hletenko
After firewall rewriting, we lost the ability to show conntrack table as it used old code Rewrite and add it to XML/Python
2022-07-08lb-wan: T4518: Add XML for conf mode load-balancing wanViacheslav Hletenko
Add XML for configuration mode "load-balancing wan" for the future rewriting this to Python Remove node from Makefile as Python code is not yet completed
2022-07-08Merge pull request #1401 from sever-sever/T4411Christian Poessinger
monitoring: T4411: Migrate influxdb options to influxdb node
2022-07-07Merge pull request #1397 from sever-sever/T4503Christian Poessinger
op-mode: T4503: Prevent restart service if commit in progress
2022-07-07monitoring: T4411: Migrate influxdb options to influxdb nodeViacheslav Hletenko
As we have specific configuration for each plugin: set service monitoring telegraf xxx - azure-data-explorer - prometheus-client - splunk We should to move configuration that related to influxdb under influxdb node Replace: set service monitoring telegraf - authentication xxx - bucket xxx - port xxx - url To: set service monitoring telegraf influxdb xxx
2022-07-07op-mode: T4503: Prevent restart service if commit in progressViacheslav Hletenko
Prevent op-mode scripts from restarting services if commit in progress
2022-07-07T2719: rework 'show hardware cpu *' commands in the new styleDaniil Baturin
2022-07-07dns: T4509: improve 6to4 error messageChristian Poessinger
2022-07-07syslog: T4500: Remove max-size from rsyslog leaving rotation to logrotatesarthurdev
After discussion with @zsdc this was decided the better long term fix * Removes hourly logrotate cron in favour of systemd timer override
2022-07-06firewall: T4500: Fix logrotate size to match rsyslog default valuesarthurdev
2022-07-05firewall: T2199: Fix migration when `icmpv6 type` is an integersarthurdev
2022-07-05T2719: convert the 'show system memory' script to the new styleDaniil Baturin
2022-07-05T2719: update op mode CLI definition for 'show version'Daniil Baturin
2022-07-05T2719: initial version of the route op mode scriptDaniil Baturin
2022-07-05T2719: convert 'show version' to the new op mode styleDaniil Baturin
2022-07-05Merge pull request #1389 from sever-sever/T4509Christian Poessinger
dns: T4509: Add dns64-prefix option
2022-07-05op-mode: bgp: T4494: re-use available building blocks for BGP resetsChristian Poessinger
2022-07-05op-mode: bgp: T4494: add "reset bgp" op-mode treeChristian Poessinger
2022-07-05dns: T4509: Add dns64-prefix optionViacheslav Hletenko
rfc6147: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers set service dns forwarding dns64-prefix 2001:db8:aabb::/96
2022-07-04ntp: T4456: call verify_vrf() before individual interface validationChristian Poessinger
It makes no sense to test against a VRF that might not exist at all.
2022-07-04dhclient: T2393: fix "Failed to parse boolean value, ignoring: SIGKILL"Christian Poessinger
Commit 19789463 ("dhclient: T2393: introduce 20 seconds stop timeout - required for smoketesting on Qemu") assigned a string to a boolean field. This has been fixed.
2022-07-04ntp: T4456: support listening on specified interfaceChristian Poessinger
When clients only use DHCP for interface addressing we can not bind NTPd to an address - as it will fail if the address changes. This commit adds support to bind ntpd to a given interface in addition to a given address. set system ntp interface <name>
2022-07-04Merge pull request #1382 from sever-sever/T4378Viacheslav Hletenko
dns: T4378: Allow wildcard A AAAA record with option all