summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-05-03Merge pull request #3403 from c-po/netns-removalDaniil Baturin
netns: T6295: disable incomplete support in VyOS 1.4 sagitta
2024-05-03Merge pull request #3402 from c-po/sagittaJohn Estabrook
pppoe-server: T6234: fix permissions on migration script
2024-05-02netns: T6295: disable incomplete support in VyOS 1.4 sagittaChristian Breunig
The netns support currently available on the VyOS CLI is only a proof-of-technology, we have no real support for any service behind it. In order to not confuse anyone on the LTS branch we decided to remove the netns option for interfaces until there is a proper usecase and implementation available.
2024-05-02pppoe-server: T6234: fix permissions on migration scriptJohn Estabrook
(cherry picked from commit a1f4404739e0baf2f378fe7c890174350a59ffc4)
2024-05-02Merge pull request #3394 from vyos/mergify/bp/sagitta/pr-3367Christian Breunig
T6269: policy: ensure correct rule parsing when using, and when not using <set table> option in policy route. (backport #3367)
2024-05-02Merge pull request #3401 from vyos/mergify/bp/sagitta/pr-3400Daniil Baturin
qos: T6225: Fix QoS random-detect policy (backport #3400)
2024-05-02Merge pull request #3393 from vyos/mergify/bp/sagitta/pr-3392Daniil Baturin
bgp: T6189: L3VPN connectivity is broken after re-enabling VRF (backport #3392)
2024-05-02Merge pull request #3396 from vyos/mergify/bp/sagitta/pr-3386Daniil Baturin
T6056: Change static-host-mapping should not restart snmpd (backport #3386)
2024-05-02qos: T6225: Fix qos random-detect policykhramshinr
Fix default values for random-detect Remove dsmakr qdisc from gred cofig because dsmark was deleted from kernel (cherry picked from commit 0b54c1bc411a21833ec573031cf5ad98fe709a2f)
2024-05-02Merge pull request #3395 from vyos/mergify/bp/sagitta/pr-3307Daniil Baturin
ntp: T4909 rewrite NTP op mode in the new format (backport #3307)
2024-05-02T6056: Change static-host-mapping shold not restart snmpdViacheslav Hletenko
We have several config XML definitions that use the same python3 script `system_host-name.py` https://github.com/vyos/vyos-1x/blob/current/interface-definitions/system_name-server.xml.in https://github.com/vyos/vyos-1x/blob/current/interface-definitions/system_host-name.xml.in https://github.com/vyos/vyos-1x/blob/current/interface-definitions/system_static-host-mapping.xml.in https://github.com/vyos/vyos-1x/blob/current/interface-definitions/system_domain-name.xml.in https://github.com/vyos/vyos-1x/blob/current/interface-definitions/system_domain-search.xml.in Any change in these scripts calls to restart the `service snmpd` The service `snmpd` should be restarted only if `host-name` or `domain-name` was changed. It is a good idea to rewrite it to `get_config_dict` in the future. (cherry picked from commit 4f1db505791deed533dddf0c2f5bdedd6fba34b8)
2024-05-02ntp: T4909: Rewrite NTP op mode in new formatGinko
ntp: T4909: Rewrite NTP op mode in new format Adapts ntp.xml.in to reference new ntp.py file Add ntp.py Adds a check to ntp.py to verify if the ntp service is configured Adds raw mode to ntp.py For raw output, replaces the original method of parsing the command line output FROM re.split+regex TO csv.reader. Separates chrony commands into equivalent functions show_tracking, show_sources, source_sourcestats and show_activity Revises the names of raw dictionary keys variables to be lowercase Corrects a comment typo and renames function name used for raw mode (cherry picked from commit d2a82c30695c2f4265dc5ca2165d27d5aa3e2cef)
2024-05-02T6269: policy: ensure correct rule parsing when using, and when not using ↵Nicolas Fort
<set table> option in policy route. (cherry picked from commit d518386d74ab09c7e75fdbf7f67e14839180f24b)
2024-05-01Merge pull request #3388 from vyos/mergify/bp/sagitta/pr-3364Christian Breunig
pppoe-server: T6234: PPPoE-server pado-delay refactoring (backport #3364)
2024-05-01bgp: T6189: explicitly call vtysh to remove VRF L3VNI configurationChristian Breunig
After e7bb65894 ("vrf: T6189: render FRR L3VNI configuration when creating VRF instance") we need to ensure that the VRF L3VNI configuration is removed in FRR prior to removing the BGP VRF instance. The reason is [1] where FRR only allows VRF BGP instance to be removed when there is NO VNI configured anymore. 1: https://github.com/FRRouting/frr/blob/064c3494527b9e84260410006768ed38e57e1de7/bgpd/bgp_vty.c#L1646-L1650 (cherry picked from commit 7b46172a4aecc714d929aecb8768ab82633de3ba)
2024-05-01vrf: T6189: render FRR L3VNI configuration when creating VRF instanceChristian Breunig
When adding and removing VRF instances on the fly it was noticed that the vni statement under the VRF instance in FRR vanishes. This was caused by a race condition which was previously designed to fix another bug. The wierd design of a Python helper below the VRF tree to only generate the VNI configuration nodes is now gone and all is rendered in the proper place. (cherry picked from commit e7bb65894f86372dc0f6e8fd39b1628e0a224c68)
2024-05-01Merge pull request #3391 from vyos/mergify/bp/sagitta/pr-3390Christian Breunig
smoketest: T6199: remove redundant code when unpacking Kernel GZ config (backport #3390)
2024-05-01smoketest: T6199: remove redundant code when unpacking Kernel GZ configChristian Breunig
(cherry picked from commit 6bcb201a0e7ee9fea5874b963bd3e727ecec578f)
2024-05-01pppoe-server: T6234: PPPoE-server pado-delay refactoringNataliia Solomko
(cherry picked from commit 107ee099e82397b31fca8cf1ac3860cbf76f0596)
2024-05-01Merge pull request #3385 from vyos/mergify/bp/sagitta/pr-3369Christian Breunig
firewall: T6257: Show member information for dynamic groups in op-mode (backport #3369)
2024-05-01firewall: T6257: Show member information for dynamic groups in op-modesarthurdev
(cherry picked from commit 456419c7930405b80d322586736734f707affaed)
2024-05-01Merge pull request #3383 from vyos/mergify/bp/sagitta/pr-3382Christian Breunig
haproxy: T6179: fix rule generation (backport #3382)
2024-05-01haproxy: T6179: fix rule generationNicolas Vollmar
(cherry picked from commit 0be0cdb932ca2d7399c026f1f601b56e179cc9c3)
2024-04-30Merge pull request #3377 from vyos/mergify/bp/sagitta/pr-3371Christian Breunig
openconnect: T4982: Support defining minimum TLS version in openconnect VPN (backport #3371)
2024-04-30Merge pull request #3380 from vyos/mergify/bp/sagitta/pr-3379Christian Breunig
T6169: DNS forwarding should allow underscore for srv record (backport #3379)
2024-04-30Merge pull request #3381 from vyos/mergify/bp/sagitta/pr-3368Christian Breunig
T6267: Check interface wireless module before apply config (backport #3368)
2024-04-30T6267: Check interface wireless module before apply configViacheslav Hletenko
Check if the wireless device/modem exists in the system and the module `ieee802111` was loaded In cases where we do not have wireless devices, it prevents the unexpected traceback ``` set interfaces wireless wlan0 address 192.0.2.5/32 commit Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/interfaces_wireless.py", line 269, in <modu> c = get_config() ^^^^^^^^^^^^ File "/usr/libexec/vyos/conf_mode/interfaces_wireless.py", line 104, in get_cg tmp = find_other_stations(conf, base, wifi['ifname']) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/libexec/vyos/conf_mode/interfaces_wireless.py", line 54, in find_os for phy in os.listdir('/sys/class/ieee80211'): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ FileNotFoundError: [Errno 2] No such file or directory: '/sys/class/ieee80211' ``` (cherry picked from commit 09c302d7e57a0fdb6c51ae8f61d5ad6371a30b67)
2024-04-30T6169: DNS forwarding should allow underscore for srv recordViacheslav Hletenko
This srv recors looks valid: ``` set service dns forwarding authoritative-domain _tcp.db.mongors1.example.com records srv _mongodb entry 0 hostname 'mongors1.example.com' ``` But FQDN validator cannot validate it correctly, use regex to fix (cherry picked from commit 3c37b6a44dca552da950b5288a30c7e074d58704)
2024-04-30Merge pull request #3378 from vyos/mergify/bp/sagitta/pr-3374Christian Breunig
T6273: Allowed the use of "-" and "_" in PPPoE access-concentrator name (backport #3374)
2024-04-30T6273: Allowed the use of "-" and "_" in PPPoE access-concentrator nameaapostoliuk
Allowed the use of "-" and "_" in PPPoE access-concentrator name (cherry picked from commit de38b01710958b7f7dababcff9557e4be98c8450)
2024-04-30openconnect: T4982: Support defining minimum TLS version in openconnect VPNAlex W
(cherry picked from commit 9ff74d4370f0a5f66c303074796dab8b1ca5c4a5)
2024-04-29Merge pull request #3376 from vyos/mergify/bp/sagitta/pr-3375Christian Breunig
T6272: Changed interface existence verification in pppoe/ipoe to Warning (backport #3375)
2024-04-29T6272: Changed interface existence verification in pppoe/ipoe to Warningaapostoliuk
Throwing Warning message instead of Error if interface which is used in pppoe/ipoe does not exist. (cherry picked from commit af7277c7d525c22749bc236ad2096bec5c08d998)
2024-04-29Merge pull request #3373 from jestabro/sagitta-configdep-redundancyDaniil Baturin
T5660: Remove redundant calls to config dependency scripts
2024-04-28configdep: T6276: do not call dependencies on script errorJohn Estabrook
(cherry picked from commit 9438f1f8394b7c90bb536292882571c88556ce87)
2024-04-28configdep: T5660: remove global redundancies under vyos-configdJohn Estabrook
(cherry picked from commit 70e1df1b5fcb3b1791cca320ed45b71e01e1ffda)
2024-04-28configdep: T5839: remove trivially redundant config dependency callsJohn Estabrook
(cherry picked from commit 5c173c5935eab3a8bd0f169759617c4296a92df7)
2024-04-28configdep: T5836: add boolean check whether script called as dependencyJohn Estabrook
(cherry picked from commit 80077eee89e4f0aa3af5dca1a4b2b5e1665bda6f)
2024-04-26Merge pull request #3365 from vyos/mergify/bp/sagitta/pr-3316Christian Breunig
qos: T4248: Allow to remove the only rule from the qos class (backport #3316)
2024-04-25Merge pull request #3366 from vyos/mergify/bp/sagitta/pr-3363Christian Breunig
T6263: Groups 224.0.0.0/24 are reserved and cannot be joined (backport #3363)
2024-04-25Merge pull request #3362 from vyos/mergify/bp/sagitta/pr-3361Christian Breunig
T6258: Add sysctl base-reachable-time for IPv6 (backport #3361)
2024-04-25T6263: Groups 224.0.0.0/24 are reserved and cannot be joinedViacheslav Hletenko
The join addresses within the multicast group 224.0.0.0/24 are reserved and cannot be joined FRR ``` r4(config)# interface eth2 r4(config-if)# ip igmp join 224.0.0.0 224.0.0.10 % Configuration failed. Error type: validation Error description: Groups within 224.0.0.0/24 are reserved and cannot be joined r4(config-if)# ``` Add verify check (cherry picked from commit c8f9acf5d91827b0d1266d3061a5e15a82628323)
2024-04-25qos: T4248: Allow to remove the only rule from the qos classkhramshinr
(cherry picked from commit da40bd2b2a826986de128354ea1bfc041ada0016)
2024-04-25T6258: Add sysctl base-reachable-time for IPv6Viacheslav Hletenko
Add abiilty to change `base_reachable_time_ms` option /proc/sys/net/ipv6/neigh/{ifname}/base_reachable_time_ms (cherry picked from commit 0bf4b570fe2d239b9fbabd3ae801ad3f04a06bde)
2024-04-24Merge pull request #3360 from vyos/mergify/bp/sagitta/pr-3359Daniil Baturin
T5833: Not all AFIs compatible with VRF add verify check (backport #3359)
2024-04-24T5833: Not all AFIs compatible with VRF add verify checkViacheslav Hletenko
Not all FRR address-families compatibe with VRF ``` r4# conf t r4(config)# router bgp 65001 vrf bgp r4(config-router)# r4(config-router)# address-family ipv4 flowspec Only Unicast/Multicast/EVPN SAFIs supported in non-core instances. r4(config-router)# r4(config-router)# address-family ipv4 labeled-unicast Only Unicast/Multicast/EVPN SAFIs supported in non-core instances. r4(config-router)# r4(config-router)# address-family ipv4 vpn Only Unicast/Multicast/EVPN SAFIs supported in non-core instances. r4(config-router)# ``` Add verify AFI for VRF (cherry picked from commit a3713cd64f2f43f321a5138db94bb1a87edbffdd)
2024-04-24Merge pull request #3351 from c-po/action-updateDaniil Baturin
GitHub actions update for sagitta
2024-04-24Merge pull request #3358 from vyos/mergify/bp/sagitta/pr-3355Viacheslav Hletenko
T6109: Fix remote logging for sudo commands (backport #3355)
2024-04-24T6109: Fix remote logging for sudo commandsViacheslav Hletenko
This fix for bug when `sudo` commands were not send to the remote syslog server. They stop before the directive that includes all configurations `$IncludeConfig /etc/rsyslog.d/*.conf` (cherry picked from commit 7164ad40f5cc47f35c7903626d4d4da048a25113)
2024-04-23Merge pull request #3357 from vyos/mergify/bp/sagitta/pr-3340Christian Breunig
T6255: static-routing: don't render whitespace from static table descriptions (backport #3340)