summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-07-21T4550: router-advert: Add deprecate-prefix & decrement-lifetimes optionsYuxiang Zhu
DeprecatePrefix and DecrementLifetimes options in radvd is useful in a DHCPv6-PD environment to accommodate prefix changes from ISP's delegating router. Though there is currently no integration between the DHCP PD client (wide-dhcpv6-client) and radvd, it could be a good start point to have the 2 options configurable by the user. https://phabricator.vyos.net/T4550 - deprecate-prefix: Upon shutdown, deprecate the prefix. This is useful in a DHCPv6 PD environment: When ISP re-assigns a new prefix, deprecate the old prefix that was advertised. - decrement-lifetimes: Decrement the values of the preferred and valid lifetimes for the prefix over time. This is also useful in a DHCPv6 PD environment to keep the advertised prefix's lifetimes in sync with the prefix from delegating router.
2022-07-20Merge pull request #1351 from dmbaturin/genopJohn Estabrook
T2719: prototype of an op mode command runner based on type hints and introspection
2022-07-20T2719: fix unused importsDaniil Baturin
2022-07-20T2719: fix indentation in vyos.opmodeDaniil Baturin
2022-07-20T2719: fix a stray empty key in the CPU data dictDaniil Baturin
2022-07-20Merge pull request #1419 from goodNETnick/rm-pref-lenChristian Poessinger
route-map: T4542: match prefix-len BGP notice
2022-07-20route-map: T4542: match prefix-len BGP noticegoodNETnick
2022-07-19T2719: patch for general support for boolean optionsJohn Estabrook
Signed-off-by: Daniil Baturin <daniil@vyos.io>
2022-07-19smoketest: telegraf: use generic service availability checkChristian Poessinger
2022-07-18macsec: T4537: support online ciper and source-interface re-configurationChristian Poessinger
2022-07-18macsec: T4537: allow 32-byte keys for gcm-aes-256Christian Poessinger
2022-07-18bgp: T4490: check peer-group for AFI/SAFI before issuing warningChristian Poessinger
Commit 6cffe2aa82 ("bgp: T4490: Add informational message for peer withour AFI") only checked if an address-family is configured under the neighbor statement. This is not enough as the AFI can also be specified via a peer-group. Add a new verify_afi() helper that checks both the neighbor and the assigned peer-group.
2022-07-18Merge pull request #1407 from sever-sever/T4523Christian Poessinger
conntrack: T4523: Extend conntrack output direciton, mark, zone
2022-07-17login: T4536: add all accounts to frr groupChristian Poessinger
2022-07-17Merge pull request #1417 from sever-sever/T3435Christian Poessinger
op-mode: T3435: Fix SNAT any address and DNAT port dict check
2022-07-17op-mode: T3435: Fix SNAT any address and DNAT port dict checkViacheslav Hletenko
If SNAT source address in not exists use 'any' Add check if 'port' exists in dictionary
2022-07-15smoketest: component_version: print details on failureJohn Estabrook
2022-07-15monitoring: T4411: add monitoring-version.xml.i to component-versionsJohn Estabrook
When adding a new component version file, one must also include the file in xml-component-version.xml.in
2022-07-15Merge pull request #1414 from sever-sever/T4532Christian Poessinger
netflow: T4532: replace dot and colons to dash
2022-07-15smoketest: T4532: Update smoketest flow-accountingViacheslav Hletenko
2022-07-15netflow: T4532: replace dot and colons to dashViacheslav Hletenko
Fix for IPv6 netflow_plugin name When we use IPv6 uacctd.conf doesnt expect coluns in the plugin name. Replace dots and colons to dash.
2022-07-15interfaces: T4525: interfaces can not be member of a bridge/bond and a VRFChristian Poessinger
2022-07-15bond: T4525: fix adding member interface to bond after removing VRFChristian Poessinger
When removing a VRF from an ethernet interface and adding the interface to a bond in the same commit led to an OSError: [Errno 16] Device or resource busy!
2022-07-15vyos.configdict(): T4228: is_member() must return member interface config dictChristian Poessinger
This extends commit 39157912 ("vyos.configdict(): T4228: is_member() must use the "real" hardware interface") and returns the config dict of the used member interfaces.
2022-07-15bond: bridge: T4534: error out if member interface is assigned to a VRF instanceChristian Poessinger
It makes no sense to enslave an interface to a bond or a bridge device if it is bound to a given VRF. If VRFs should be used - the encapuslating/master interface should be part of the VRF. Error out if the member interface is part of a VRF.
2022-07-14Merge pull request #1413 from DaniilHarun/currentChristian Poessinger
interface: T4056: Fix unexpected delete tc qdisc
2022-07-14interface: T4056: Fix unexpected delete tc qdiscDaniilHarun
2022-07-13Merge pull request #1411 from srividya0208/T4493Christian Poessinger
op-mode: T4493: Incorrect completion help of "show bgp neighbors"
2022-07-13op-mode: T4493: Incorrect completion help of "show bgp neighbors"srividya0208
the operational command "show bgp neighbors" is common for ipv4 and ipv6 so "IPv4" keyword in the help description might mislead.
2022-07-12Merge pull request #1409 from sever-sever/T4257Christian Poessinger
vrf: T4527: Prevent to create VRF with reserved names
2022-07-12vrf: T4527: Prevent to create VRF with reserved namesViacheslav Hletenko
VRF names: "add, all, broadcast, default, delete, dev, get, inet, mtu, link, type, vrf" are reserved and cannot be used for vrf name
2022-07-11conntrack: T4523: Extend conntrack output direciton, mark, zoneViacheslav Hletenko
Extent op-mode "show conntrack table ipv4" Add ability to see direction of flow: origianl - "Original src", "Original dst" reply - "Reply src", "Reply dst" Add "mark" and "zone" options
2022-07-11smoketest: bridge: also test QinQ bridge member interfacesChristian Poessinger
2022-07-11vyos.configdict(): T4228: is_member() must split VLAN interfacesChristian Poessinger
Commit 39157912 ("vyos.configdict(): T4228: is_member() must use the "real" hardware interface") added a bugfix on calling is_member() to retrieve the real physical information about an interface. It did not include a code path to also split up VLAN interfaces. This has been fixed.
2022-07-10bond: T4522: add ability to specify mii monitor interval via CLIChristian Poessinger
Linux Kernel supports to specify the MII link monitoring frequency in milliseconds. This determines how often the link state of each slave is inspected for link failures. A value of zero disables MII link monitoring. A value of 100 is a good starting point. The default value is 100. set interfaces bonding bond0 mii-mon-interval <n>
2022-07-10smoketest: bond: remove second instance of layer2+3 hash-policy testChristian Poessinger
2022-07-10vyos.configdict(): T4228: is_member() must use the "real" hardware interfaceChristian Poessinger
When is_member() is inspecting the bridge/Bond member interfaces it must work with the real interface (e.g. eth1) under the "ethernet" node and not work on the "member interface eth1" CLI tree, that makes no sense at all.
2022-07-10bond: T1557: re-add miimon configuration - lost in translationChristian Poessinger
2022-07-10bond: T4521: ARP monitor interval is not configured despite set via CLIChristian Poessinger
The code path for changing the interval is never executed.
2022-07-10smoketest: bond: add testcase for conflicting bridge memberChristian Poessinger
A bond member can not also be used as a member of a bridge interface.
2022-07-10smoketest: bond: add testcase for source-interface re-useChristian Poessinger
A bond member is not allowed to also be used as a source interface for e.g. PPPoE or MACsec.
2022-07-09Merge pull request #1405 from sever-sever/T4499Daniil Baturin
nat: T4499: Fix NAT not showing a single flow entry
2022-07-09nat: T4499: Fix NAT not showing a single flow entryViacheslav Hletenko
We must change dictionary if we get only onle flow entry I.e one NAT record With single entry we get: OrderedDict([('meta', xxx])) We expect: [OrderedDict([('meta', xxx]))]
2022-07-09Makefile: T4515: change from negative logic to positive logicChristian Poessinger
2022-07-09ip: T4517: drop forwarding from CLI "system ip ↵Christian Poessinger
disable-directed-broadcast-forwarding"
2022-07-09ip: T4517: add option to enable directed broadcast forwardingYuxiang Zhu
Directed broadcast is described in rfc1812#section-5.3.5.2 and rfc2644. By default Linux kernel doesn't forward directed broadcast packets unless both of `/proc/sys/net/ipv4/conf/all/bc_forwarding` and `/proc/sys/net/ipv4/conf/$iface/bc_forwarding` are set to 1.
2022-07-09telegraf: T4515: we do not ship telegraf on arm64 builds - remove CLI ↵Christian Poessinger
definitions
2022-07-09Merge pull request #1404 from sever-sever/T4145Christian Poessinger
conntrack: T4145: Add show conntrack table ipv4
2022-07-09conntrack: T4145: Add show conntrack table ipv4Viacheslav Hletenko
After firewall rewriting, we lost the ability to show conntrack table as it used old code Rewrite and add it to XML/Python
2022-07-08Merge pull request #1401 from sever-sever/T4411Christian Poessinger
monitoring: T4411: Migrate influxdb options to influxdb node