summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-07-22nat: T4545: Rewrite show nat source rules scriptViacheslav Hletenko
Rewrite 'show nat source rules' due to a large number of bugs in NAT rules statistics. Use new format 'vyos.opmode module' Ability to get raw_data and formatted_output for the future op-mode rewriting funcitonal Ability to get raw and formatted data
2022-07-22smoketest: router-advert: T4550: test deprecate-prefix & decrement-lifetime ↵Christian Poessinger
CLI option
2022-07-22smoketest: router-advert: use setUpClass()Christian Poessinger
2022-07-22Merge pull request #1421 from vfreex/radvd-prefix-specific-optionsChristian Poessinger
T4550: router-advert: Add deprecate-prefix & decrement-lifetimes options
2022-07-21fastnetmon: T4553: reduce ban-time lower limit to 1 secondChristian Poessinger
2022-07-21op-mode: T2659: show/monitor log - add ddos-protection logsChristian Poessinger
2022-07-21smoketest: fastnetmon: T4555: add IPv6 supportChristian Poessinger
2022-07-21fastnetmon: T2659: move configuration files to /runChristian Poessinger
2022-07-21fastnetmon: T4555: add IPv6 supportChristian Poessinger
2022-07-21fastnetmon: T4553: band-time - zero value is prohibitedChristian Poessinger
2022-07-21fastnetmon: T4553: add processing of XML defaultValue definitionsChristian Poessinger
2022-07-21T4550: router-advert: Add deprecate-prefix & decrement-lifetimes optionsYuxiang Zhu
DeprecatePrefix and DecrementLifetimes options in radvd is useful in a DHCPv6-PD environment to accommodate prefix changes from ISP's delegating router. Though there is currently no integration between the DHCP PD client (wide-dhcpv6-client) and radvd, it could be a good start point to have the 2 options configurable by the user. https://phabricator.vyos.net/T4550 - deprecate-prefix: Upon shutdown, deprecate the prefix. This is useful in a DHCPv6 PD environment: When ISP re-assigns a new prefix, deprecate the old prefix that was advertised. - decrement-lifetimes: Decrement the values of the preferred and valid lifetimes for the prefix over time. This is also useful in a DHCPv6 PD environment to keep the advertised prefix's lifetimes in sync with the prefix from delegating router.
2022-07-21fastnetmon: T4553: Allow to configure ban_time instead of 1900s default valueAdrian Almenar
2022-07-20Merge pull request #1351 from dmbaturin/genopJohn Estabrook
T2719: prototype of an op mode command runner based on type hints and introspection
2022-07-20T2719: fix unused importsDaniil Baturin
2022-07-20T2719: fix indentation in vyos.opmodeDaniil Baturin
2022-07-20T2719: fix a stray empty key in the CPU data dictDaniil Baturin
2022-07-20Merge pull request #1419 from goodNETnick/rm-pref-lenChristian Poessinger
route-map: T4542: match prefix-len BGP notice
2022-07-20route-map: T4542: match prefix-len BGP noticegoodNETnick
2022-07-19T2719: patch for general support for boolean optionsJohn Estabrook
Signed-off-by: Daniil Baturin <daniil@vyos.io>
2022-07-19smoketest: telegraf: use generic service availability checkChristian Poessinger
2022-07-18macsec: T4537: support online ciper and source-interface re-configurationChristian Poessinger
2022-07-18macsec: T4537: allow 32-byte keys for gcm-aes-256Christian Poessinger
2022-07-18bgp: T4490: check peer-group for AFI/SAFI before issuing warningChristian Poessinger
Commit 6cffe2aa82 ("bgp: T4490: Add informational message for peer withour AFI") only checked if an address-family is configured under the neighbor statement. This is not enough as the AFI can also be specified via a peer-group. Add a new verify_afi() helper that checks both the neighbor and the assigned peer-group.
2022-07-18Merge pull request #1407 from sever-sever/T4523Christian Poessinger
conntrack: T4523: Extend conntrack output direciton, mark, zone
2022-07-17login: T4536: add all accounts to frr groupChristian Poessinger
2022-07-17Merge pull request #1417 from sever-sever/T3435Christian Poessinger
op-mode: T3435: Fix SNAT any address and DNAT port dict check
2022-07-17op-mode: T3435: Fix SNAT any address and DNAT port dict checkViacheslav Hletenko
If SNAT source address in not exists use 'any' Add check if 'port' exists in dictionary
2022-07-15smoketest: component_version: print details on failureJohn Estabrook
2022-07-15monitoring: T4411: add monitoring-version.xml.i to component-versionsJohn Estabrook
When adding a new component version file, one must also include the file in xml-component-version.xml.in
2022-07-15Merge pull request #1414 from sever-sever/T4532Christian Poessinger
netflow: T4532: replace dot and colons to dash
2022-07-15smoketest: T4532: Update smoketest flow-accountingViacheslav Hletenko
2022-07-15netflow: T4532: replace dot and colons to dashViacheslav Hletenko
Fix for IPv6 netflow_plugin name When we use IPv6 uacctd.conf doesnt expect coluns in the plugin name. Replace dots and colons to dash.
2022-07-15interfaces: T4525: interfaces can not be member of a bridge/bond and a VRFChristian Poessinger
2022-07-15bond: T4525: fix adding member interface to bond after removing VRFChristian Poessinger
When removing a VRF from an ethernet interface and adding the interface to a bond in the same commit led to an OSError: [Errno 16] Device or resource busy!
2022-07-15vyos.configdict(): T4228: is_member() must return member interface config dictChristian Poessinger
This extends commit 39157912 ("vyos.configdict(): T4228: is_member() must use the "real" hardware interface") and returns the config dict of the used member interfaces.
2022-07-15bond: bridge: T4534: error out if member interface is assigned to a VRF instanceChristian Poessinger
It makes no sense to enslave an interface to a bond or a bridge device if it is bound to a given VRF. If VRFs should be used - the encapuslating/master interface should be part of the VRF. Error out if the member interface is part of a VRF.
2022-07-14Merge pull request #1413 from DaniilHarun/currentChristian Poessinger
interface: T4056: Fix unexpected delete tc qdisc
2022-07-14interface: T4056: Fix unexpected delete tc qdiscDaniilHarun
2022-07-13Merge pull request #1411 from srividya0208/T4493Christian Poessinger
op-mode: T4493: Incorrect completion help of "show bgp neighbors"
2022-07-13op-mode: T4493: Incorrect completion help of "show bgp neighbors"srividya0208
the operational command "show bgp neighbors" is common for ipv4 and ipv6 so "IPv4" keyword in the help description might mislead.
2022-07-12Merge pull request #1409 from sever-sever/T4257Christian Poessinger
vrf: T4527: Prevent to create VRF with reserved names
2022-07-12vrf: T4527: Prevent to create VRF with reserved namesViacheslav Hletenko
VRF names: "add, all, broadcast, default, delete, dev, get, inet, mtu, link, type, vrf" are reserved and cannot be used for vrf name
2022-07-11conntrack: T4523: Extend conntrack output direciton, mark, zoneViacheslav Hletenko
Extent op-mode "show conntrack table ipv4" Add ability to see direction of flow: origianl - "Original src", "Original dst" reply - "Reply src", "Reply dst" Add "mark" and "zone" options
2022-07-11smoketest: bridge: also test QinQ bridge member interfacesChristian Poessinger
2022-07-11vyos.configdict(): T4228: is_member() must split VLAN interfacesChristian Poessinger
Commit 39157912 ("vyos.configdict(): T4228: is_member() must use the "real" hardware interface") added a bugfix on calling is_member() to retrieve the real physical information about an interface. It did not include a code path to also split up VLAN interfaces. This has been fixed.
2022-07-10bond: T4522: add ability to specify mii monitor interval via CLIChristian Poessinger
Linux Kernel supports to specify the MII link monitoring frequency in milliseconds. This determines how often the link state of each slave is inspected for link failures. A value of zero disables MII link monitoring. A value of 100 is a good starting point. The default value is 100. set interfaces bonding bond0 mii-mon-interval <n>
2022-07-10smoketest: bond: remove second instance of layer2+3 hash-policy testChristian Poessinger
2022-07-10vyos.configdict(): T4228: is_member() must use the "real" hardware interfaceChristian Poessinger
When is_member() is inspecting the bridge/Bond member interfaces it must work with the real interface (e.g. eth1) under the "ethernet" node and not work on the "member interface eth1" CLI tree, that makes no sense at all.
2022-07-10bond: T1557: re-add miimon configuration - lost in translationChristian Poessinger
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 14:49:51 +0000