| Age | Commit message (Collapse) | Author |
|
vpp: T9018: Auto-enable promiscuous mode for interfaces with VLANs
|
|
remote: T8829: fall back to GET when HEAD is not supported
|
|
VPP drops VLAN-tagged frames unless the parent interface has promiscuous
mode enabled, causing VLAN sub-interfaces to lose connectivity.
Automatically enable promiscuous mode on VPP interfaces that have VLAN
sub-interfaces (vif/vif-s) configured.
|
|
deleted
Deleting "protocols static" set config_dict['static'] to a dict object shared
by reference across every deleted protocol. Merging the PPPoE/DHCP default-route
data into it left the "deleted" marker in place, so the entire staticd section -
including the just-merged default route - was skipped during FRR rendering,
dropping the default route from the RIB/FIB.
Copy the shared deleted-protocol marker before mutating it, and clear the marker
once DHCP/PPPoE content has been merged in so the section is still rendered.
|
|
This change re-implements the intended behaviour from T4180 aswell as from
T4506, it ensures that both the vrf-member interface aswell as the vrf itself
is added as an oifname -> meaning that traffic traversing and originating from
withing VyOS is matches outbound.
Changes done by c-po:
* re-sort dependency list to keep diff low
* vyos.configdict.is_vrf_changed() should return early and not carry
over the to-be return value
* keep common coding style (dict by . separation) in nftables-zone.j2
Co-authored-by: Christian Breunig <christian@breunig.cc>
|
|
**kwargs)
"show system commit diff <rev>" produces no output (exit 0) for any revision,
regardless of how much the revisions differ. The revision store and diff engine
are intact - "show system commit file <rev>" works, and so does
ConfigMgmt().compare(rev1=0, rev2=1) which returns the correct diff when called
directly.
Commit a29d73d00 ("op-mode: T8362: "compare" command lacks catch_broken_pipe
decorator") added @catch_broken_pipe to ConfigMgmt.show_commit_diff to suppress
BrokenPipeError tracebacks when piping output, but the decorator calls the
wrapped function without returning its value. Thus the op-mode framework will
receive None and prints nothing.
|
|
ifconfig: T9008: refactor vyos.ifconfig to use cmdl() for safer subprocess execution
|
|
ci: T8490: fix typos in comments, strings, and local identifiers
|
|
utils: T9003: add list-argument variant of cmd() for safer subprocess execution
|
|
Reaches a clean typos baseline for the T8490 ruleset pilot. Categories:
- Comments/docs: recursivly, taret, passsed, characted, arhive, AtrributeError;
"ned" -> "new" (migration comments).
- Messages/strings: writeable -> writable (x5); OCaml log "Commandis" -> "Command is".
- Local variables (all refs in-function): commited, formating, presistent;
inpt_range -> input_range; tz_datas -> tz_data_raw (avoids the tz_data collision).
- Self-contained renames (definition + all references in-file): formated_stats,
_get_formatted_output_conections -> ..._connections, expension_failure ->
expansion_failure (ping + traceroute), snmpd_restart_reqired -> ..._required.
False positives are allowlisted centrally (vyos/.github, separate PR), NOT changed
here: mke2fs, Maya-calendar "Mak", RFC 4122 "IDentifier" (hostapd), and VPP's
"U-Forwrd" bridge-domain column header (op_mode/vpp.py + the VPP smoketest assert
the real upstream `vppctl` output). Verified: typos clean, py_compile of every
edited .py, zero remaining old-identifier references.
🤖 Generated by [robots](https://vyos.io)
|
|
geoip: T8987: Support updates via source-address/vrf
|
|
T8097: strongswan: add CLI for ESN
|
|
|
|
T9015: fix thread safety of configtree read/write_cache
|
|
T8993: initialize ReferenceTree module from string not file
|
|
geoip: T5746: Add GeoIP ASN support
|
|
For thread-safe calls, move file operations to the Python side, leaving
only string operations for calls to ctypes bindings.
|
|
Avoid initialization error in threaded applications, for example when
calling libvyosconfig functions from FastAPI background tasks.
The read_internal function from file relies on the inherently non
thread-safe Unix module; read string first and pass to lib read_string.
|
|
concurrent rekey
The vti-up-down hook and vpn_ipsec.py modify a flat-file DB
(/tmp/ipsec_vti_interfaces) through three context managers that do an
unlocked read-modify-write. During a coordinated rekey, strongSwan fires
the hook for many VTIs concurrently, so the writers lost-update each
other: an interface whose up-client add is overwritten is left admin-down
while its CHILD_SA stays installed.
Serialise all DB access by reusing vyos.utils.locking.Lock. A new
_vti_updown_db_lock() context manager wraps the three public context
managers, and remove_vti_updown_db() holds the lock across both the DB
processing and the os.unlink() to close the create/delete race.
Make the helpers absence-safe under the lock so callers no longer compose
a separate existence check with a locked operation:
open_vti_updown_db_readonly() yields None when the DB does not exist and
remove_vti_updown_db() is a no-op when it is absent. Drop the
now-redundant unlocked vti_updown_db_exists() pre-checks in vti.py and
vpn_ipsec.py and handle the None yield.
|
|
T8099: strongswan: 6.0.6 + Post quantum options
|
|
vpp: T8913: Skip bond teardown for non-structural config changes
|
|
Add options for mlkem*
|
|
Introduce 'anycast-gateway' leafNode for pseudo-ethernet interfaces.
When set, a local FDB entry is installed on the parent bridge to
prevent the shared anycast MAC from leaking over the VXLAN overlay.
|
|
vpp: T8603: Expand ACL support to logical interfaces
|
|
HttpC.download() always probed remote URLs with HEAD before GET to
discover redirects and Content-Length. Some APIs (e.g. AbuseIPDB)
reject HEAD with 405 Method Not Allowed, causing firewall remote-group
downloads to fail and leave empty cached list files.
Treat HEAD 405/501 as unsupported and proceed with GET using the
original URL. When HEAD does not provide Content-Length, read it from
the GET response headers instead. Validate available storage after
determining file size and before opening the destination file.
Log sanitized download errors in vyos-domain-resolver when a remote-
group list-file fetch fails. Add unit tests with mock servers that
return 405 or 501 on HEAD and 200 on GET.
|
|
execution
Replace all cmd() calls in the vyos.ifconfig library with cmdl(), passing
arguments as lists instead of interpolated strings. This eliminates a class
of command-injection risks that arise when building shell commands with
f-strings or other string formatting.
|
|
The decode argument of cmd() is never changed and thus always pointing to
utf-8, remove the code.
|
|
A list-argument variant of cmd() for safer subprocess execution named cmdl().
Command must be a list of strings; no shell interpolation is performed, which
eliminates a class of command-injection risks present when building commands
with f-strings or other string formatting.
|
|
get_wrapper() now returns [] instead of None. It makes the existing string
format usage in cmd() cleaner, as it will show just the command in debug runs
rather then "None /[path/to/cmd"
|
|
Add CLI commands:
set vpn ipsec ike-group MyIKEGroup proposal 1 esn ESN-VALUE
set vpn ipsec esp-group MyESPGroup proposal 1 esn ESN-VALUE
Where ESN-VALUE can be one of:
* required: only establish connection using ESN
* optional: try using ESN, but if not available, accept non-ESN
* disabled (default): don't use ESN
StrongSwan 6.0.6 doesn't allow connections between proposal with
'-noesn' and without '-esn'/'-noesn'. To make it work as expected, use
two proposals for 'optional' and 'disabled':
* required: PROPOSAL-esn
* optional: PROPOSAL-esn-noesn,PROPOSAL
* disabled: PROPOSAL-noesn,PROPOSAL
|
|
config: T8858: fix mutable default argument in config API methods
|
|
firewall: T8546: Fix conntrack_required for global state-policy
|
|
flush_ip() used flush_addr(label=iface_name) which only matches addresses
whose label equals exactly the interface name. Secondary IP addresses are
assigned with :N suffixed labels (e.g. defunct_eth0:2, defunct_eth0:3)
and are not matched, so they remain on the interface.
Fix by flushing addresses by interface index instead of label, which
removes all addresses regardless of their label.
|
|
|
|
|
|
T8923: normalize "can not" to "cannot" and other typo fixes
|
|
|
|
|
|
Replace two-word "can not" / "Can not" with "cannot" across comments,
ConfigError messages, CLI help text, and op-mode output.
Standard SNMP MIB files under mibs/ are left unchanged.
|
|
|
|
|
|
This is no real need to have these in config_mgmt; moving to config_sync
will localize needed modifications to local/remote configs for exclusion
mask.
|
|
Add util for commonly used retrieval of ConfigTree of the saved config.
|
|
|
|
vrf: T8936: Specify `pref 1998` when deleting fwmark routing rules on VRF removal
|
|
T8503: clean up linting errors, reformatting, and minor refactoring
|
|
remote: T8956: stop leaking URL credentials in TftpC.upload()
|
|
removal
|
|
VPP bond teardown was triggered on every commit regardless of
what changed, dropping all subinterfaces and BGP sessions even
for trivial changes like descriptions or IP addresses.
Only mode, hash-policy and mac_address require full recreation
since VPP has no in-place update API for these; all other
changes are now applied incrementally.
|
|
TftpC.upload() printed `{command} "{urlstring}"` to stdout before running the
command. This was debug code from the time where VRF support was added. As TFTP
has no authentication - no credentials got leaked.
|