summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2021-05-08vrf: bgp: T3523: bugfix Kernel route-map deploymentChristian Poessinger
Commit 4f9aa30f ("vrf: bgp: T3523: add route-map support for kernel routes") added the possibility to also filter BGP routes towards the OS kernel, but the smoketests failed. Reason was a non working CLI command applied to bgpd. Thus the VRF route-map and the BGP configuration is now split into two templates, one to be used for each daemon (zebra and bgpd). Nevertheless one more bug was found in vyos.frr which currently does not suppoort calling modify_section() inside a configuration "block". See [1] for more info. [1]: https://phabricator.vyos.net/T3529
2021-05-06vrf: T3523: fix regex when removing dynamic routing protocols with a kernel ↵Christian Poessinger
route-map
2021-05-05isis: T3520: verify interface MTU to be >= lsp-mtuChristian Poessinger
2021-05-02radius: T3510: authenticated users must use /sbin/radius_shell as shellChristian Poessinger
2021-05-02login: T1948: use long options when calling adduserChristian Poessinger
... just to make it easier for users to read the commandline.
2021-04-30bgp: T3504: add support for per-peer graceful shutdownChristian Poessinger
This commit has a dependecy on https://github.com/FRRouting/frr/issues/8403, thus support will be "commented out" by default.
2021-04-30openconnect: T3461: Delete CA crt file checkssever-sever
2021-04-27op-mode: ospfv3: T3335: re-use common vtysh_wrapper.sh wrapperChristian Poessinger
Instead of renaming the OSPFv3 commands for every individual XML invocation, also re-use the common helper shell script. One source, one truth!
2021-04-27Merge pull request #821 from bstepler/T3502Christian Poessinger
ecmp: T3502: fix check for "layer4-hashing" key
2021-04-27Merge pull request #822 from bstepler/T3503Christian Poessinger
bgp: T3503: allow "route-reflector-client" when "remote-as" is "internal"
2021-04-27ecmp: T3502: fix check for "layer4-hashing" keyBrandon Stepler
2021-04-27bgp: T3503: allow "route-reflector-client" when "remote-as" is "internal"Brandon Stepler
2021-04-27op-mode: T2946: only call 'stty size' if in terminalJohn Estabrook
2021-04-27Merge pull request #820 from sever-sever/T3473Christian Poessinger
ipsec: T3473: Decode byte csa-name for op-mode
2021-04-27Merge pull request #818 from sever-sever/T2216-portsChristian Poessinger
container: T2216: Add binding for ports and volumes
2021-04-27ipsec: T3473: Decode byte csa-name for op-modesever-sever
2021-04-27container: T2216: Add binding for ports and volumessever-sever
2021-04-26dhcpv6-server: T3494: Get address from network to correct sortingDmitriyEshenko
2021-04-25policy: T3497: add verify() that prefix-lists must carry a defined prefixChristian Poessinger
2021-04-25wireguard: T1802: add client name to configurationChristian Poessinger
2021-04-24wireguard: T1802: generate QR code for clients on CLIChristian Poessinger
generate wireguard mobile-config wg0 server wg.vyos.net address 1.2.2.2/24 WireGuard client configuration for interface: wg0 [Interface] PrivateKey = AEXrZ4b3xFVLg1lql3hy/93+d43q3+3vPdSMUGI6/Fo= Address = 1.2.2.2/24 [Peer] PublicKey = h1HkYlSuHdJN6Qv4Hz4bBzjGg5WUty+U1L7DJsZy1iE= Endpoint = wg.vyos.net:41751 AllowedIPs = 0.0.0.0/0, ::/0 The servers public key and port are automatically extracter from the running config.
2021-04-24policy: T2425: verify() must check if a policy is still usedChristian Poessinger
When deleting a route-map, prefix-list or access-list, we must ensure that this routing policy is not referenced by any other protocol or policy. When trying to remove a policy still in use, raise an error.
2021-04-21Merge pull request #816 from sever-sever/T2216-op-modeChristian Poessinger
container: T2216: Rewrite op-mode to python
2021-04-21container: T2216: Rewrite op-mode to pythonsever-sever
2021-04-21containers: T2216: the first IP address is always reserved for podmanChristian Poessinger
2021-04-21containers: T2216: used "address" must belong to the used container networkChristian Poessinger
2021-04-21containers: T2216: refine implementationChristian Poessinger
This commit is a cleanup and refinement of the container hosting implementation. - Renamed CLI node ipv4-prefix -> prefix so both IPv4 and IPv6 prefix can be supplied in the future. This is currently limited to IPv4 only as when using IPv6 networks in combination with IPv4 the IPv4 prefix is altered randomly - De-nested if clauses - Use "for foo, bar in baz.items()" to more easily iterate of dictionary values, this means "bar" can be used to access "baz[foo]"
2021-04-21bridge: T2653: remove superfluous "import re"Christian Poessinger
2021-04-21containers: T2216: add op-mode "show container network" commandChristian Poessinger
2021-04-20dhclient: T3471: Fixed process search for IPv4zsdc
Some software starts dhclient without IP protocol flag (`-4`, `-6`), this commit adds the ability to find such processes as well as with a protocol flag. Additionally, to handle rare situations when PID file may not exists (most likely, when multiple dhclient processes started with the same PID file path), added last-resort action to kill such dhclients.
2021-04-19policy: T2425: verify() route-map match criteriasChristian Poessinger
When we match on a community-list, extended community-list or even a large community-list ensure that the referenced list exists on the CLI.
2021-04-18policy: T2425: verify other policy types and probe for mandatory optionsChristian Poessinger
2021-04-18policy: T2425: add common verify() code for all types of policiesChristian Poessinger
2021-04-18policy: T2425: to simplify dictionary use get_first_key=True on ↵Christian Poessinger
get_config_dict()
2021-04-17policy: T2425: also modify route-map section when using FRR reloadChristian Poessinger
2021-04-17policy: T2425: re-implement "policy" tree from vyatta-cfg-quagga in XML/PythonChristian Poessinger
2021-04-17Merge pull request #812 from erkin/currentChristian Poessinger
T3472: Move over commit-confirm-notify.py from vyatta-config-mgmt
2021-04-17T3472: Move over commit-confirm-notify.py from vyatta-config-mgmterkin
2021-04-15protocols: remove superfluous import of vyos.util.callChristian Poessinger
2021-04-15bgp: T2771: add vpn, multicast, flowspec address familiesCheeze-It
In this commit we add more address families within BGP. This should bring VyOS the ability to enable the rest of the capabilities within FRR. Co-authored-by: Cheeze_It <none@none.com>
2021-04-15Merge pull request #807 from zdc/T3392-sagittaChristian Poessinger
dhclient: T3392: Changed dhclient-script hooks for VRF
2021-04-15dhclient: T3392: Changed dhclient-script hooks for VRFzsdc
There were two problems with VRF support inside dhclient-script: - VRF check inside the `01-vyos-cleanup` hook was needless because it will be done inside the `03-vyos-ipwrapper` anyway; - VRF was ignored for in-kernel routes in `03-vyos-ipwrapper`. Theoretically, there must be no situation now when this can leads to a real problem, but better will be to keep both kernel and FRR backends in sync. Also, the way to get and use a VRF name was changed to an easier one.
2021-04-14Merge pull request #805 from sever-sever/T3333Christian Poessinger
ipsec: T3333: Fix status for SA state op-mode
2021-04-14policy: T2425: rename files from policy-list to policyChristian Poessinger
2021-04-14ipsec: T3333: Fix status for SA state op-modesever-sever
2021-04-14dhclient: T3471: Fixed dhclient processes searchzsdc
Since in some cases a dhclient command may not end with an interface name, the way to find out a list of dhclients running for a current interface was replaced to catch PIDs regardless of the exact command syntax.
2021-04-13Merge pull request #802 from sever-sever/T3455Christian Poessinger
login: T3455: Fix edit level configuration for user
2021-04-13Merge pull request #801 from sever-sever/T2216-podChristian Poessinger
containers: T2216: Add podman for containers
2021-04-13login: T3455: Fix edit level configuration for usersever-sever
2021-04-12static: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols static route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not staticd.