summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-04-24wireguard: T1802: generate QR code for clients on CLIChristian Poessinger
generate wireguard mobile-config wg0 server wg.vyos.net address 1.2.2.2/24 WireGuard client configuration for interface: wg0 [Interface] PrivateKey = AEXrZ4b3xFVLg1lql3hy/93+d43q3+3vPdSMUGI6/Fo= Address = 1.2.2.2/24 [Peer] PublicKey = h1HkYlSuHdJN6Qv4Hz4bBzjGg5WUty+U1L7DJsZy1iE= Endpoint = wg.vyos.net:41751 AllowedIPs = 0.0.0.0/0, ::/0 The servers public key and port are automatically extracter from the running config.
2021-04-24policy: T2425: verify() must check if a policy is still usedChristian Poessinger
When deleting a route-map, prefix-list or access-list, we must ensure that this routing policy is not referenced by any other protocol or policy. When trying to remove a policy still in use, raise an error.
2021-04-23Merge pull request #817 from erkin/currentChristian Poessinger
T3356: Add support for custom source address for connections
2021-04-23T3356: Add support for custom source address for connectionserkin
2021-04-21Merge pull request #816 from sever-sever/T2216-op-modeChristian Poessinger
container: T2216: Rewrite op-mode to python
2021-04-21container: T2216: Rewrite op-mode to pythonsever-sever
2021-04-21containers: T2216: the first IP address is always reserved for podmanChristian Poessinger
2021-04-21containers: T2216: used "address" must belong to the used container networkChristian Poessinger
2021-04-21containers: T2216: refine implementationChristian Poessinger
This commit is a cleanup and refinement of the container hosting implementation. - Renamed CLI node ipv4-prefix -> prefix so both IPv4 and IPv6 prefix can be supplied in the future. This is currently limited to IPv4 only as when using IPv6 networks in combination with IPv4 the IPv4 prefix is altered randomly - De-nested if clauses - Use "for foo, bar in baz.items()" to more easily iterate of dictionary values, this means "bar" can be used to access "baz[foo]"
2021-04-21bridge: T2653: remove superfluous "import re"Christian Poessinger
2021-04-21containers: T2216: add op-mode "show container network" commandChristian Poessinger
2021-04-20Merge pull request #815 from zdc/T3471-sagittaChristian Poessinger
dhclient: T3471: Fixed process search for IPv4
2021-04-20xml: T3488: when using regex one must use ^ and $ when checking string literalsChristian Poessinger
2021-04-20interfaces: T3488: harden regex for supplied address stringChristian Poessinger
The previously used regex allowed an address value of "dhcpfoo" which is invalid and will raise an OSError. Harden the regex that it explicitly must be dhcp or dhcpv6.
2021-04-20dhclient: T3471: Fixed process search for IPv4zsdc
Some software starts dhclient without IP protocol flag (`-4`, `-6`), this commit adds the ability to find such processes as well as with a protocol flag. Additionally, to handle rare situations when PID file may not exists (most likely, when multiple dhclient processes started with the same PID file path), added last-resort action to kill such dhclients.
2021-04-20Revert "T2175: properly exist FRR "router" context when rendering templates"Christian Poessinger
This reverts commit 619c518bfc904b060b5b59180940a804fe1beafd.
2021-04-19mroute: T2364: fix Jinja2 template indentationsChristian Poessinger
2021-04-19T2175: properly exist FRR "router" context when rendering templatesChristian Poessinger
When rendering a dynamic routing protocol ensure the context, e.g. "router bgp" or "router ospf" is proberly exited before applying any zebra route-map.
2021-04-19policy: T2425: verify() route-map match criteriasChristian Poessinger
When we match on a community-list, extended community-list or even a large community-list ensure that the referenced list exists on the CLI.
2021-04-18policy: template: T2425: convert DOS to UNIX line endingsChristian Poessinger
2021-04-18policy: T2425: add missing route-map options when rendering templateChristian Poessinger
The following options one can specify in a route-map not got rendered as they have been missed out: * set comm-list * set community * set extcommunity (both route-target and site-of-origin) * set table
2021-04-18xml: policy: T2425: add additional valueHelp or completionHelp nodesChristian Poessinger
* community-list gained proper valueHelp nodes * route-map set community gained proper valueHelp nodes * route-map set comm-list now has a completion helper searching in "policy community-list"
2021-04-18policy: T2425: verify other policy types and probe for mandatory optionsChristian Poessinger
2021-04-18policy: T2425: add common verify() code for all types of policiesChristian Poessinger
2021-04-18policy: T2425: to simplify dictionary use get_first_key=True on ↵Christian Poessinger
get_config_dict()
2021-04-18smoketest: temporary disable container testsChristian Poessinger
2021-04-17policy: T2425: also modify route-map section when using FRR reloadChristian Poessinger
2021-04-17Merge branch 't2425-policy' of github.com:c-po/vyos-1x into currentChristian Poessinger
* 't2425-policy' of github.com:c-po/vyos-1x: policy: T2425: re-implement "policy" tree from vyatta-cfg-quagga in XML/Python
2021-04-17policy: T2425: re-implement "policy" tree from vyatta-cfg-quagga in XML/PythonChristian Poessinger
2021-04-17Merge pull request #814 from sever-sever/T2216-smoketestChristian Poessinger
smoketest: T2216: Containers set ip to test01
2021-04-17smoketest: kernel-modules: fail hard if module is unloadableChristian Poessinger
2021-04-17smoketest: policy: add test for the route-map logicChristian Poessinger
2021-04-17smoketest: T2216: Containeres set ip to test01sever-sever
2021-04-17Merge pull request #812 from erkin/currentChristian Poessinger
T3472: Move over commit-confirm-notify.py from vyatta-config-mgmt
2021-04-17T3472: Move over commit-confirm-notify.py from vyatta-config-mgmterkin
2021-04-16Merge pull request #811 from jestabro/no-tag-node-value-mangleJohn Estabrook
config: T3481: add switch to prevent mangling of tag node values
2021-04-16config: T3481: add switch to prevent mangling of tag node valuesJohn Estabrook
2021-04-16Merge pull request #809 from erkin/currentChristian Poessinger
util: T3356: Fix password variables
2021-04-16Merge pull request #810 from sever-sever/T2216-smokeChristian Poessinger
containers: T2216: Static ip for conteiner smoketest
2021-04-16containers: T2216: Static ip for conteiner smoketestsever-sever
2021-04-16util: T3356: Fix password variableserkin
2021-04-15protocols: remove superfluous import of vyos.util.callChristian Poessinger
2021-04-15Debian: add missing FRR dependenciesChristian Poessinger
As all routing protocol definitions have been moved from the soon deprecated vyatta-cfg-quagga package to vyos-1x, we also need to take care about all the dependencies. Add missing frr-rpki-rtrlib and frr-snmp dependency and enforce a FRR version of at least 7.5 which holds all the features we currently support.
2021-04-15smoketest: policy: inherit sequence numbersChristian Poessinger
In the vyatta-cfg-quagga days the access-list(6) or prefix-list(6) sequence numbers have been made up artifically. The new implementation from vyos-1x will re-use the rule number specified on the CLI as the sequence number, this we have to alter the tast cases to get a proper match from the beginning - covering both the old and new world. This can be done by using rule numbers that are multiples of 5.
2021-04-15Merge pull request #808 from sever-sever/T2216-smokeChristian Poessinger
containers: T2216: Add smoketest
2021-04-15containers: T2216: Add smoketestsever-sever
2021-04-15bgp: T2771: add vpn, multicast, flowspec address familiesCheeze-It
In this commit we add more address families within BGP. This should bring VyOS the ability to enable the rest of the capabilities within FRR. Co-authored-by: Cheeze_It <none@none.com>
2021-04-15Merge pull request #807 from zdc/T3392-sagittaChristian Poessinger
dhclient: T3392: Changed dhclient-script hooks for VRF
2021-04-15dhclient: T3392: Changed dhclient-script hooks for VRFzsdc
There were two problems with VRF support inside dhclient-script: - VRF check inside the `01-vyos-cleanup` hook was needless because it will be done inside the `03-vyos-ipwrapper` anyway; - VRF was ignored for in-kernel routes in `03-vyos-ipwrapper`. Theoretically, there must be no situation now when this can leads to a real problem, but better will be to keep both kernel and FRR backends in sync. Also, the way to get and use a VRF name was changed to an easier one.
2021-04-14xml: T3475: disable processing of syntaxVersion elementJohn Estabrook