summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-04-10nat: T2199: bugfix dry-run newly generated config before installChristian Poessinger
Commit bb76e8d7f1635 ("nat: T2199: dry-run newly generated config before install") added support to verify the generated nftables ruleset. Unfortunately if the verify failed - a Python exception was triggered: NameError: name 'nftables_ct_file' is not defined This was due to bad copy/pasting.
2022-04-10smoketest: nat: use setUpClass() over setUp()Christian Poessinger
2022-04-10nat(66): T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-10eapol: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-10dns: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-10ocserv: T4231: increment config version 1 -> 2Christian Poessinger
2022-04-09Merge pull request #1242 from goodNETnick/ocserv_local_otpChristian Poessinger
ocserv: T4231: Added OTP support for Openconnect 2FA
2022-04-09ocserv: T4231: Added OTP support for Openconnect 2FAgoodNETnick
2022-04-08Merge pull request #1278 from sever-sever/T4344Christian Poessinger
dhcp-server: T4344: Fix underscores for shared network name
2022-04-08Merge branch 'current' into T4344Viacheslav Hletenko
2022-04-08Merge pull request #1148 from tacerus/dhcpdDaniil Baturin
T4156: Add bootfile-size option
2022-04-08Merge branch 'current' into dhcpdGeorg
2022-04-08dhcp-server: T4344: Fix underscores for shared network nameViacheslav Hletenko
Shared network name should not be handled by tag node mangling I.e. should not replace underscores with dashed set service dhcp-server shared-network-name NET_01 shared-network NET_01 { authoritative; ... on commit { set shared-networkname = "NET_01"; } }
2022-04-08dhcp(v6): T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-08container: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-08smoketest: vrf: T4346: IPv6 address family can no longer be disabled in the ↵Christian Poessinger
Kernel
2022-04-08Merge pull request #1277 from jestabro/api-smoketestChristian Poessinger
T4347: Bug fix and extension of HTTP smoketest
2022-04-07smoketest: http: add check for missing keyJohn Estabrook
2022-04-07smoketest: http: bind http api to unix domain socketJohn Estabrook
2022-04-07http api: T4347: return complete and consistent error codesJohn Estabrook
2022-04-07policy: T4194: simplify prefix-list duplication checksChristian Poessinger
Commit 5dafe255d ("policy: T4194: Add prefix-list duplication checks") added first support for FRR prefix-list duplication checks. FRR does not allow to specify the same profix list rule multiple times. vyos(config)# ip prefix-list foo seq 10 permit 192.0.2.0/24 vyos(config)# ip prefix-list foo seq 20 permit 192.0.2.0/24 % Configuration failed. Error type: validation Error description: duplicated prefix list value: 192.0.2.0/24 There is a VyOS verify() function which simply probed for the prefix, action, le and ge settings - but as Python has excellent support when comparing data, this can be as simple as a dictionary comparison using "==".
2022-04-07ipv6: T4346: delete (migrate) CLI command to disable IPv6 address familyChristian Poessinger
2022-04-07ipv6: T4346: deprecate CLI command to disable IPv6 address familyChristian Poessinger
2022-04-07vyos.base: T4346: add common DeprecationWarning() classChristian Poessinger
2022-04-07qos: T4284: rename "traffic-policy" node to "qos policy"Christian Poessinger
"set traffic-policy" now becomes "set qos policy" "set interface ethernet eth0 traffic-policy" now bvecomes "set qos interface eth0"
2022-04-07qos: T4284: verify mirror/redirect target interface existsChristian Poessinger
2022-04-07qos: T4284: support mirror and redirect on vlan subinterfacesChristian Poessinger
2022-04-07qos: T4284: support mirror and redirect on all interface typesChristian Poessinger
2022-04-06dns: forwarding: T4343: add CLI option for PowerDNS network-timeoutBracken
Makes the powerdns `network-timeout` setting configurable via: `service dns forwarding timeout`. The powerdns default is 1500ms, VyOS now explicitly sets the same default value or the configured value so that the setting can have a readily apparent default in the help, rather than the user having to know it's powerdns.
2022-04-06Merge pull request #1275 from sarthurdev/firewall_limitChristian Poessinger
firewall: T4345: Fix incorrect firewall rule limit rate format
2022-04-06firewall: T4345: Fix incorrect rule limit rate syntaxsarthurdev
2022-04-06Merge pull request #1274 from srividya0208/T4342Christian Poessinger
op-comm: ospf : error for ospf neighbor address command
2022-04-06op-comm: ospf : error for ospf neighbor address commandsrividya0208
Error received when executed the sh ip ospf neighbor address 33.33.33.33 % Unknown command: sh ip ospf neighbor address 33.33.33.33
2022-04-06smoketest: http: test API authenticationChristian Poessinger
2022-04-06smoketest: http: verify nginx config fileChristian Poessinger
2022-04-06smoketest: vrf: T4331: IPv6 link-local addresses not configured for ↵Christian Poessinger
interface in VRF
2022-04-06dns: forwarding: T3804: fix warning message about "system name-server"Christian Poessinger
2022-04-05Merge pull request #1270 from sever-sever/T4331Christian Poessinger
interfaces: T4331: Fix assign link-local static IPv6 addr to vrf
2022-04-05interfaces: T4331: Fix assign link-local static IPv6 addr to vrfViacheslav Hletenko
If we have link-local static address and vrf, for example: set interfaces ethernet eth2 address 'fe80::5200:ff:fe55:222/64' set interfaces ethernet eth2 vrf 'foo' This IPv6 address was assigned before vrf, as result after attaching the intreface to vrf we lose this static linklocal address DEBUG/IFCONFIG cmd 'ip addr add fe80::5200:ff:fe55:222/64 dev eth2' DEBUG/IFCONFIG cmd 'ip link set dev eth2 master foo' DEBUG/IFCONFIG cmd 'ip addr add fe80::5208:ff:fe13:2/64 dev eth2' This commit fixes this, the address is assigned after vrf assign
2022-04-05dns: forwarding: T3804: bugfix DHCP name-servers used for recursionChristian Poessinger
Commit 2ecf7a9f9c ('name-server: T3804: merge "system name-servers-dhcp" into "system name-server"') missed out an old dictionary key "system_name_server_dhcp" and thus system nameservers configured via DHCP did not get used for the DNS forwar recursor.
2022-04-04login: T4341: busy wait on userdel(8) until the account was deleted successfullyChristian Poessinger
2022-04-04smoketest: login: verify test accounts are properly deletedChristian Poessinger
2022-04-04login: T4341: disable user account prior to deletionChristian Poessinger
2022-04-04smoketest: ssh: verify SSH service is stopped on removalChristian Poessinger
2022-04-04smoketest: ssh: verify login of valid and invalid test userChristian Poessinger
In order to test for proper system authentication and security setup a new testcase is added which performs an SSH login and command execution with a predefined user. The result (output of uname -a) must match the output if the command is run natively. We also try to login as an invalid user - this is not allowed to work.
2022-04-04wifi: T4339: tab-completion results in "No such file or directory"Christian Poessinger
2022-04-04wwan: T4339: tab-completion results in "No such file or directory"Christian Poessinger
2022-04-04wwan: T4338: changing interface description should not trigger reconnectChristian Poessinger
Changing the WWAN interface description will trigger an interface reconnect. Reconnects should only be triggered in changes to the connection parameters like bond interfaces.
2022-04-04Merge pull request #1267 from sever-sever/T2580Christian Poessinger
ipoe: T2580: Add pools and gateway options
2022-04-04ipoe: T2580: Add pools and gateway optionsViacheslav Hletenko
Add new feature to allow to use named pools Can be used also with Radius attribute 'Framed-Pool' set service ipoe-server client-ip-pool name POOL1 gateway-address '192.0.2.1' set service ipoe-server client-ip-pool name POOL1 subnet '192.0.2.0/24'