summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2021-04-21containers: T2216: add op-mode "show container network" commandChristian Poessinger
2021-04-20dhclient: T3471: Fixed process search for IPv4zsdc
Some software starts dhclient without IP protocol flag (`-4`, `-6`), this commit adds the ability to find such processes as well as with a protocol flag. Additionally, to handle rare situations when PID file may not exists (most likely, when multiple dhclient processes started with the same PID file path), added last-resort action to kill such dhclients.
2021-04-19policy: T2425: verify() route-map match criteriasChristian Poessinger
When we match on a community-list, extended community-list or even a large community-list ensure that the referenced list exists on the CLI.
2021-04-18policy: T2425: verify other policy types and probe for mandatory optionsChristian Poessinger
2021-04-18policy: T2425: add common verify() code for all types of policiesChristian Poessinger
2021-04-18policy: T2425: to simplify dictionary use get_first_key=True on ↵Christian Poessinger
get_config_dict()
2021-04-17policy: T2425: also modify route-map section when using FRR reloadChristian Poessinger
2021-04-17policy: T2425: re-implement "policy" tree from vyatta-cfg-quagga in XML/PythonChristian Poessinger
2021-04-17Merge pull request #812 from erkin/currentChristian Poessinger
T3472: Move over commit-confirm-notify.py from vyatta-config-mgmt
2021-04-17T3472: Move over commit-confirm-notify.py from vyatta-config-mgmterkin
2021-04-15protocols: remove superfluous import of vyos.util.callChristian Poessinger
2021-04-15bgp: T2771: add vpn, multicast, flowspec address familiesCheeze-It
In this commit we add more address families within BGP. This should bring VyOS the ability to enable the rest of the capabilities within FRR. Co-authored-by: Cheeze_It <none@none.com>
2021-04-15Merge pull request #807 from zdc/T3392-sagittaChristian Poessinger
dhclient: T3392: Changed dhclient-script hooks for VRF
2021-04-15dhclient: T3392: Changed dhclient-script hooks for VRFzsdc
There were two problems with VRF support inside dhclient-script: - VRF check inside the `01-vyos-cleanup` hook was needless because it will be done inside the `03-vyos-ipwrapper` anyway; - VRF was ignored for in-kernel routes in `03-vyos-ipwrapper`. Theoretically, there must be no situation now when this can leads to a real problem, but better will be to keep both kernel and FRR backends in sync. Also, the way to get and use a VRF name was changed to an easier one.
2021-04-14Merge pull request #805 from sever-sever/T3333Christian Poessinger
ipsec: T3333: Fix status for SA state op-mode
2021-04-14policy: T2425: rename files from policy-list to policyChristian Poessinger
2021-04-14ipsec: T3333: Fix status for SA state op-modesever-sever
2021-04-14dhclient: T3471: Fixed dhclient processes searchzsdc
Since in some cases a dhclient command may not end with an interface name, the way to find out a list of dhclients running for a current interface was replaced to catch PIDs regardless of the exact command syntax.
2021-04-13Merge pull request #802 from sever-sever/T3455Christian Poessinger
login: T3455: Fix edit level configuration for user
2021-04-13Merge pull request #801 from sever-sever/T2216-podChristian Poessinger
containers: T2216: Add podman for containers
2021-04-13login: T3455: Fix edit level configuration for usersever-sever
2021-04-12static: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols static route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not staticd.
2021-04-12rip: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols rip route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not ripd.
2021-04-12isis: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols isis route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not isisd.
2021-04-12ospf: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols ospf route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not ospfd.
2021-04-12bgp: T3328: route-map to zebra/kernel can not be removedChristian Poessinger
Removing the Zebra/Linux Kernel route-map added by "set protocols bgp route-map" was not removed once applied. This was because the removal must happen within the zebra daemon and not bgpd.
2021-04-12containers: T2216: Add podman for containerssever-sever
2021-04-11bgp: T3344: handle FRR vrf daemon configuration more elegantChristian Poessinger
2021-04-10bgp: T3460: add verify() steps for local-as overrideChristian Poessinger
It is only possible to set one local-as override per BGP neighbor/peer-group. In addition to this, the override AS number is not allowed to be the same as the one from the global BGP process. If this would still be the case frr-reload would error out: > frr-reload output: 184 % Cannot have local-as same as BGP AS number
2021-04-09bgp: T1711: remove extra script completion helper on peer-groupsChristian Poessinger
After commit 73557d68 ("bgp: T1711: remove ASN tagNode and move to 'local-as'") when the BGP tag node was removed there is no need anymore for a script based completion helper, we can rather rely on the build in "path" variant.
2021-04-09Merge pull request #791 from jack9603301/T3435Christian Poessinger
nat: op-mode: T3435: Filter extra rules that should not be processed
2021-04-08bgp: T3464: use common helper functions to verify route-maps and prefix-listsChristian Poessinger
2021-04-08protocols: T3464: proper handling of routing policy configurationChristian Poessinger
The introduction of key_mangling=('-', '_') when working with get_config_dict() caused more harm then good. This commit extends common helpers and adds new helpers when verifying the existence of route-maps, access-lists or prefix-lists.
2021-04-07vrf: T3344: re-add virtual network identifierChristian Poessinger
Commit 548d9057e3e (vrf: T3344: move dynamic routing protocols under "vrf name <name> protocols") temporary removed the possibility to specify the VNI for a given VRF to to changing of the CLI configuration nodes. As VNI is set inside zebra, we can re-use the now widely deployed frr python library to configure and change the configuration without any interference to other FRR daemons.
2021-04-05tunnel: T3030: move erspan type into regular tunnel interfaceChristian Poessinger
Instead of having a dedicated ERSPAN interface type, rather move the specifics into "interface tunnel". A migrator is not needed as there is yet no LTS release with this feature and this is considered experimental.
2021-04-05bgp: T3418: peer-group and remote-as must be present under interface nodeChristian Poessinger
When configuring a BGP neighbor via an interface, FRR requires that the peer-group and remote-as node from under the interface statement is used. This is now enforced by a verify() check.
2021-04-05vyos.template: T3418: add new is_interface helper functionChristian Poessinger
2021-04-04bgp: T1711: fix completion helpers after as number cli changeChristian Poessinger
2021-04-04nat: op-mode: T3435: Improved validation logic for the output of operational ↵jack9603301
mode rules
2021-04-04nat: op-mode: T3435: Filter extra rules that should not be processedjack9603301
2021-04-02frr: T3217: Abbility to save routing configssever-sever
2021-03-30bgp: T1711: remove migrator debug printChristian Poessinger
2021-03-30ripng: T3281: remove debug print statementsChristian Poessinger
2021-03-30Merge pull request #794 from erkin/currentDaniil Baturin
T3354: Handle user break and prematurely closed stdin in strip-private
2021-03-30T3354: Handle user break and prematurely closed stdinerkin
2021-03-29Merge pull request #793 from c-po/bgp-cliChristian Poessinger
bgp: T1711: remove ASN tagNode and move to "local-as"
2021-03-29Merge pull request #787 from jack9603301/T3055Christian Poessinger
op-mode: ipsec: T3055: Fixed parsing peer name error
2021-03-29bgp: T1711: remove ASN tagNode and move to "local-as"Christian Poessinger
Every time when set configuration bgp, you need set AS number. There is very less benefit in this system so the AS number is moved from a tagNode level down to a leafNode with the name "local-as", same as on the neighbor or peer-group level. This changes the CLI configuration from: set protocols bgp 100 neighbor 10.10.1.2 remote-as 200 to set protocols bgp local-as 100 set protocols bgp neighbor 10.10.1.2 remote-as 200
2021-03-29isis: T3417: fix invalid call to exit() in migration scriptChristian Poessinger
2021-03-28http-api: T3440: give uvicorn time to initialize before starting NginxJohn Estabrook