summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-09-22openvpn: T2907: add 'none' encryption option to not encrypt any dataMarcus Hoff
2020-09-22Merge pull request #549 from sever-sever/T2915Christian Poessinger
conf-mode: T2915: Adding lost option proxy-arp-pvlan for vlan
2020-09-22conf-mode: T2915: Adding lost option proxy-arp-pvlan for vlansever-sever
2020-09-22smoketest: macsec: T2023: check that source-interface is not used by any ↵Christian Poessinger
other interface
2020-09-22ifconfig: T2653: bond: bridge: ensure member interface is not a source-interfaceChristian Poessinger
As we already check that a bond/bridge member interface is not a member of any other bridge or bond, the check must be extended. We also need to ensure that the bond member interface is not used as a source-interface to pppoe, macsec, tunnel, pseudo-ethernet, vxlan interfaces.
2020-09-22ifconfig: T2653: move is_member() from vyos.vylidate to vyos.configdictChristian Poessinger
2020-09-21macsec: T2788: source-interface must not be member of a bridgeChristian Poessinger
Add verify() step to ensure the macsec source-interface is not already part of a bridge interface. This should probably also be checked for bond interfaces.
2020-09-21bridge: ifconfig: T2653: only delete member interfaces which still existChristian Poessinger
When removing e.g. a macsec interface and also its associated member interface from the bridge, it will happen that the macsec interface instance is long gone before we reach the code in the bridge interface which will remove it from the bridge itself. When this is the case, we can not call BridgeIf.del_port() as it will throw an exception that the interface does not exist. We now only remove a bridge member if the interface in question is still available in the kernel.
2020-09-21wireless: T2887: help when searching hidden SSIDs in station modeChristian Poessinger
2020-09-21wireless: T2887: hostapd: add bridge optionChristian Poessinger
2020-09-21smoketest: kernel: check for mandatory bond/lacp and bridge optionsChristian Poessinger
2020-09-21smoketest: macsec: T2023: test MTU settingChristian Poessinger
2020-09-20macsec: T2023: add missing mtu CLI optionChristian Poessinger
Base MTU for MACsec is 1468 bytes (encryption headers), but we leave room for 802.1ad and 802.1q VLAN tags, thus the limit is lowered to 1460 bytes to not make the user juggle with the MTU bytes if he enables VLAN support later on, which is yet to come.
2020-09-20ifconfig: T2653: remove duplicates of get_config()Christian Poessinger
A lot of derived classes from Interface implemented their own get_config() method which more or less was the same everywhere. We also hat different qualifiers like @staticmethod or @classmethod. This is now changed to only have the @classmethod in Interface base class which will return the necessary dictionary keys for the required interfaces. This change is a mid reduction in lines of code which is always a very nice thing!
2020-09-20wwan: ifconfig: T2905: sync CLI nodes in dialup interfacesChristian Poessinger
Both PPPoE and WWAN interfaces are dialer interfaces handled by ppp, but use different CLI nodes for the same functionality. PPPoE has "connect-on-demand" to initiate an "on-demand" dialing and WWAN uses "ondemand" for this purpose. Rename WWAN "ondemand" node to "connect-on-demand".
2020-09-20vif-s: ifconfig: T2903: use explicit VLAN protocol over raw numbersChristian Poessinger
In the past we had to provide the ethertype value used for the VLAN protocol (0x88A8 -> 802.1ad or 0x8100 -> 802.1q). This should be changed to a more user friendly CLI node (protocol over ethertype) and 802.1ad over it's raw value 0x88A8. There is no need in presenting RAW information from the ethernet header to the user. Also iproute2 calls it protocol which makes way more sense over the "raw" value.
2020-09-20smoketest: T2903: test 802.1ad (Q-in-Q) ethertypeChristian Poessinger
2020-09-20vyos.configdict: T2665: cleanup get_interface_dict() default dict handlingChristian Poessinger
2020-09-19dns: forwarding: T2900: restore proper Config() level in verify()Christian Poessinger
Despite the fact that running verify on Config() is "bad" and "not as intended" the level of the configuration must match the keys that are checked by exits(). Re-set proper Config() level before querying the system nodes.
2020-09-19wifi: ifconfig: T2875: add_to_bridge() must be called after starting servicesChristian Poessinger
hostapd/wpa_supplicant will control the admin state of an interface, thus we should re-add it to a bridge after we have launched those services.
2020-09-19ifconfig: T2653: cleanup VLAN interface commentsChristian Poessinger
2020-09-19smoketest: T2886: validate RADIUS configurationChristian Poessinger
2020-09-19ifconfig: T2653: convert VLAN interfaces do discrete classChristian Poessinger
Instead of using an Adapter pattern to make interfaces VLAN-aware, create a derived class named VLANIf to represent a VLAN. This change was necessary to eliminate mixed code in Interfaces class which was VLAN - free, but recently gained some VLAN specific code for set_admin_state(). In addition this "autoresolves" the issue in T2894 as a bond vlan interface will no longer change the lower interface.
2020-09-17smoketest: bond: T2894: extend commentsChristian Poessinger
2020-09-17smoketest: bond: T2894: vlan interfaces must not remove bond membersChristian Poessinger
A regression showed that when adding a vif to a bond the bond interface will loose all its member interfaces. This is - of course - super bad!
2020-09-17Merge pull request #546 from DmitriyEshenko/cur-1x-rbChristian Poessinger
ethernet: T2891: Add ethernet ring-buffer CLI commands
2020-09-17ethernet: T2891: Add ethernet ring-buffer CLI commandsDmitriyEshenko
2020-09-16smoketest: T2886: typo, use assertIn over asserInChristian Poessinger
2020-09-16wireless: T2887: add smoketest for hostapdChristian Poessinger
2020-09-16wireless: T1627: "capabilities ht smps" is not a multi nodeChristian Poessinger
2020-09-16wireless: T2887: Jinja2 can not work on keys starting with a numberChristian Poessinger
... an error would be presented: jinja2.exceptions.TemplateSyntaxError: expected token 'end of statement block', got 'mhz_incapable', thus we simply rename the key before rendering the template.
2020-09-16wireless: T2887: hostapd template cleanupChristian Poessinger
2020-09-16wireless: T1627: "capabilities ht max_amsdu" is not a multi nodeChristian Poessinger
VyOS 1.2 confirmed it was a regular node - copy/paste error.
2020-09-16wireless: T2887: fix template renderint on ht and vht optionsChristian Poessinger
2020-09-16configd: T2885: fix output of error string to config sessionJohn Estabrook
2020-09-16smoketest: T2886: RADIUS requires CONFIG_AUDIT Kernel optionChristian Poessinger
2020-09-15completion: T2238: add licenseChristian Poessinger
2020-09-15bonding: T2515: preserve interface admin state when removing from bondChristian Poessinger
Removing a member from a bond/LACP will turn the physical interface always in admin-down state. This is invalid, the interface should be placed into the state configured on the VyOS CLI. Smoketest on bond interfaces is extended to check this behavior.
2020-09-15vyos.configdict: T2515: leaf_node_changed() should return list or NoneChristian Poessinger
2020-09-15configd: T2885: print commit errors to config session terminalJohn Estabrook
2020-09-14Merge pull request #545 from sever-sever/T2874Christian Poessinger
op-mode: T2874: Add new utill for mtu-check
2020-09-14op-mode: T2874: Add new utill for mtu-checksever-sever
2020-09-13op-mode: T2841: support IPv6 for "monitor bandwidth-test initiate"Christian Poessinger
2020-09-13bandwidth-test: T2841: enable IPv6 reception which can receive both on IPv4/IPv6Christian Poessinger
2020-09-13bonding: T2878: new op-mode command: show interfaces bonding bond0 detailChristian Poessinger
vyos@vyos:~$ show interfaces bonding bond5 detail Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011) Bonding Mode: IEEE 802.3ad Dynamic link aggregation Transmit Hash Policy: layer2 (0) MII Status: down MII Polling Interval (ms): 100 Up Delay (ms): 0 Down Delay (ms): 0 802.3ad info LACP rate: slow Min links: 0 Aggregator selection policy (ad_select): stable Slave Interface: eth1 MII Status: down Speed: Unknown Duplex: Unknown Link Failure Count: 0 Permanent HW addr: 00:50:56:bf:ef:aa Slave queue ID: 0 Aggregator ID: 1 Actor Churn State: churned Partner Churn State: churned Actor Churned Count: 1 Partner Churned Count: 1 Slave Interface: eth2 MII Status: down Speed: Unknown Duplex: Unknown Link Failure Count: 0 Permanent HW addr: 00:50:56:bf:19:26 Slave queue ID: 0 Aggregator ID: 2 Actor Churn State: churned Partner Churn State: churned Actor Churned Count: 1 Partner Churned Count: 1
2020-09-13bonding: T2877: support configuration of minimum number of active linksChristian Poessinger
Specifies the minimum number of links that must be active before asserting carrier. It is similar to the Cisco EtherChannel min-links feature. This allows setting the minimum number of member ports that must be up (link-up state) before marking the bond device as up (carrier on). This is useful for situations where higher level services such as clustering want to ensure a minimum number of low bandwidth links are active before switchover. This option only affects 802.3ad mode. The default value is 0. This will cause carrier to be asserted (for 802.3ad mode) whenever there is an active aggregator, regardless of the number of available links in that aggregator. Note that, because an aggregator cannot be active without at least one available link, setting this option to 0 or to 1 has the exact same effect.
2020-09-13ddclient: T2858: migrate to get_config_dict()Christian Poessinger
2020-09-13qat: T2857: add very limited smoketestChristian Poessinger
2020-09-13qat: T2857: cleanup configuration scriptChristian Poessinger
2020-09-13configd: T2582: add .gitignoreChristian Poessinger