summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-07-12Merge pull request #1409 from sever-sever/T4257Christian Poessinger
vrf: T4527: Prevent to create VRF with reserved names
2022-07-12vrf: T4527: Prevent to create VRF with reserved namesViacheslav Hletenko
VRF names: "add, all, broadcast, default, delete, dev, get, inet, mtu, link, type, vrf" are reserved and cannot be used for vrf name
2022-07-11smoketest: bridge: also test QinQ bridge member interfacesChristian Poessinger
2022-07-11vyos.configdict(): T4228: is_member() must split VLAN interfacesChristian Poessinger
Commit 39157912 ("vyos.configdict(): T4228: is_member() must use the "real" hardware interface") added a bugfix on calling is_member() to retrieve the real physical information about an interface. It did not include a code path to also split up VLAN interfaces. This has been fixed.
2022-07-10bond: T4522: add ability to specify mii monitor interval via CLIChristian Poessinger
Linux Kernel supports to specify the MII link monitoring frequency in milliseconds. This determines how often the link state of each slave is inspected for link failures. A value of zero disables MII link monitoring. A value of 100 is a good starting point. The default value is 100. set interfaces bonding bond0 mii-mon-interval <n>
2022-07-10smoketest: bond: remove second instance of layer2+3 hash-policy testChristian Poessinger
2022-07-10vyos.configdict(): T4228: is_member() must use the "real" hardware interfaceChristian Poessinger
When is_member() is inspecting the bridge/Bond member interfaces it must work with the real interface (e.g. eth1) under the "ethernet" node and not work on the "member interface eth1" CLI tree, that makes no sense at all.
2022-07-10bond: T1557: re-add miimon configuration - lost in translationChristian Poessinger
2022-07-10bond: T4521: ARP monitor interval is not configured despite set via CLIChristian Poessinger
The code path for changing the interval is never executed.
2022-07-10smoketest: bond: add testcase for conflicting bridge memberChristian Poessinger
A bond member can not also be used as a member of a bridge interface.
2022-07-10smoketest: bond: add testcase for source-interface re-useChristian Poessinger
A bond member is not allowed to also be used as a source interface for e.g. PPPoE or MACsec.
2022-07-09Merge pull request #1405 from sever-sever/T4499Daniil Baturin
nat: T4499: Fix NAT not showing a single flow entry
2022-07-09nat: T4499: Fix NAT not showing a single flow entryViacheslav Hletenko
We must change dictionary if we get only onle flow entry I.e one NAT record With single entry we get: OrderedDict([('meta', xxx])) We expect: [OrderedDict([('meta', xxx]))]
2022-07-09Makefile: T4515: change from negative logic to positive logicChristian Poessinger
2022-07-09ip: T4517: drop forwarding from CLI "system ip ↵Christian Poessinger
disable-directed-broadcast-forwarding"
2022-07-09ip: T4517: add option to enable directed broadcast forwardingYuxiang Zhu
Directed broadcast is described in rfc1812#section-5.3.5.2 and rfc2644. By default Linux kernel doesn't forward directed broadcast packets unless both of `/proc/sys/net/ipv4/conf/all/bc_forwarding` and `/proc/sys/net/ipv4/conf/$iface/bc_forwarding` are set to 1.
2022-07-09telegraf: T4515: we do not ship telegraf on arm64 builds - remove CLI ↵Christian Poessinger
definitions
2022-07-09Merge pull request #1404 from sever-sever/T4145Christian Poessinger
conntrack: T4145: Add show conntrack table ipv4
2022-07-09conntrack: T4145: Add show conntrack table ipv4Viacheslav Hletenko
After firewall rewriting, we lost the ability to show conntrack table as it used old code Rewrite and add it to XML/Python
2022-07-08Merge pull request #1401 from sever-sever/T4411Christian Poessinger
monitoring: T4411: Migrate influxdb options to influxdb node
2022-07-07smoketest: T4411: Add influxdb nodeViacheslav Hletenko
2022-07-07Merge pull request #1397 from sever-sever/T4503Christian Poessinger
op-mode: T4503: Prevent restart service if commit in progress
2022-07-07monitoring: T4411: Migrate influxdb options to influxdb nodeViacheslav Hletenko
As we have specific configuration for each plugin: set service monitoring telegraf xxx - azure-data-explorer - prometheus-client - splunk We should to move configuration that related to influxdb under influxdb node Replace: set service monitoring telegraf - authentication xxx - bucket xxx - port xxx - url To: set service monitoring telegraf influxdb xxx
2022-07-07op-mode: T4503: Prevent restart service if commit in progressViacheslav Hletenko
Prevent op-mode scripts from restarting services if commit in progress
2022-07-07op-mode: T3457: rename "mon log colored" -> "mon log color"Christian Poessinger
2022-07-07dns: op-mode: T2488: retrieve log info from journalctlChristian Poessinger
2022-07-07dns: T4509: improve 6to4 error messageChristian Poessinger
2022-07-07smoketest: dns: T4509: use dedicated 6to4 testcaseChristian Poessinger
2022-07-07smoketest: dns: forwarding: use setUpClass()Christian Poessinger
2022-07-07Merge pull request #1399 from sarthurdev/T4500Christian Poessinger
syslog: T4500: Remove max-size from rsyslog leaving rotation to logrotate
2022-07-07syslog: T4500: Remove max-size from rsyslog leaving rotation to logrotatesarthurdev
After discussion with @zsdc this was decided the better long term fix * Removes hourly logrotate cron in favour of systemd timer override
2022-07-06Merge pull request #1398 from sarthurdev/T4500Christian Poessinger
firewall: T4500: Fix logrotate size to match rsyslog default value
2022-07-06firewall: T4500: Fix logrotate size to match rsyslog default valuesarthurdev
2022-07-06Merge pull request #1395 from aapostoliuk/T4513Viacheslav Hletenko
webproxy: T4513: Fixed path to webroxy log files
2022-07-06webproxy: T4513: Fixed path to webroxy log filesaapostoliuk
Fixed path to webproxy log files in webproxy monitor commands
2022-07-05Merge pull request #1394 from sarthurdev/zone_default_logChristian Poessinger
zone-policy: T4512: Add support for `enable-default-log`
2022-07-05Merge pull request #1393 from sarthurdev/firewall_migrateChristian Poessinger
firewall: T2199: Fix migration when `icmpv6 type` is an integer
2022-07-05zone-policy: T4512: Add support for `enable-default-log`sarthurdev
2022-07-05firewall: T2199: Fix migration when `icmpv6 type` is an integersarthurdev
2022-07-05Merge pull request #1389 from sever-sever/T4509Christian Poessinger
dns: T4509: Add dns64-prefix option
2022-07-05op-mode: bgp: T4494: re-use available building blocks for BGP resetsChristian Poessinger
2022-07-05op-mode: bgp: T4494: add "reset bgp" op-mode treeChristian Poessinger
2022-07-05dns: T4509: Add dns64-prefix optionViacheslav Hletenko
rfc6147: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers set service dns forwarding dns64-prefix 2001:db8:aabb::/96
2022-07-05op-mode: bgp: T4494: drop incomplete "reset ipv6 bgp" commandChristian Poessinger
2022-07-05Merge pull request #1379 from sever-sever/T4494Christian Poessinger
bgp: T4494: Ability to reset bgp in VRF
2022-07-04Merge pull request #1386 from sarthurdev/geoip_negateChristian Poessinger
firewall: T4299: Add ability to inverse match country-codes
2022-07-04firewall: T4299: Add ability to inverse match country codessarthurdev
2022-07-04ntp: T4456: call verify_vrf() before individual interface validationChristian Poessinger
It makes no sense to test against a VRF that might not exist at all.
2022-07-04dhclient: T2393: fix "Failed to parse boolean value, ignoring: SIGKILL"Christian Poessinger
Commit 19789463 ("dhclient: T2393: introduce 20 seconds stop timeout - required for smoketesting on Qemu") assigned a string to a boolean field. This has been fixed.
2022-07-04ntp: T4456: support listening on specified interfaceChristian Poessinger
When clients only use DHCP for interface addressing we can not bind NTPd to an address - as it will fail if the address changes. This commit adds support to bind ntpd to a given interface in addition to a given address. set system ntp interface <name>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-16 18:31:00 +0000