Age | Commit message (Collapse) | Author |
|
Using threaded as CLI node is a very deep term used by kernel threads. To make
this more understandable to users, rename the node to per-client-thread.
It's also not necessary to test if any one peer is configured and probing if
the option is set. There is a base test which requires at least one peer
to be configured.
|
|
Added 'set interfaces wireguard wgX threaded' command.
Process traffic from each peer in a dedicated thread.
|
|
ipsec: T5426: Added exceptions in vici functions calls
|
|
wireguard: T5413: Blocked adding the peer with the router's public key
|
|
Disabeled adding the peer with the same public key as the router has.
Added smoketest
|
|
Added exceptions in vici functions calls
|
|
When no-release is specified, dhcp6c client will not release allocated address or prefix on client exit.
vyos.ifconfig: dhcpv6: T5387: re-use options_file for no release flag [WIP]
* Todo: render Jinja2 template and fill it
vyos.ifconfig: dhcpv6: T5387: finish options_file and no release flag in cli
vyos.ifconfig: dhcpv6: T5387: fix missing/wrong end tag
vyos.ifconfig: dhcpv6: T5387: fix options, no var for -n
dhcpv6-client: T5387: fix missing / from filepaths
|
|
|
|
|
|
xml: T5403: add support for supplemental xml cache
|
|
|
|
|
|
|
|
- added ability to set a timeout, with default value 10s
- added exceptions handling to show nicer messages for users
- denied to use untrusted SSH hosts in non-interactive mode
|
|
T4889: NAT Redirect: adddestination nat redirection (to local host) feature.
|
|
|
|
The fix for T5345 dropped a necessary adjusment in the case of
get_first_key=False.
|
|
|
|
|
|
|
|
|
|
|
|
* FixedDict can be found in vyos.utils.dict.FixedDict
* Move vyos.authutils to vyos.utils.auth
|
|
|
|
|
|
* T5195: move run, cmd, call, rc_cmd helper to vyos.utils.process
* T5195: use read_file and write_file implementation from vyos.utils.file
Changed code automatically using:
find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import read_file$/from vyos.utils.file import read_file/g' {} +
find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import write_file$/from vyos.utils.file import write_file/g' {} +
* T5195: move chmod* helpers to vyos.utils.permission
* T5195: use colon_separated_to_dict from vyos.utils.dict
* T5195: move is_systemd_service_* to vyos.utils.process
* T5195: fix boot issues with missing imports
* T5195: move dict_search_* helpers to vyos.utils.dict
* T5195: move network helpers to vyos.utils.network
* T5195: move commit_* helpers to vyos.utils.commit
* T5195: move user I/O helpers to vyos.utils.io
|
|
|
|
|
|
|
|
config: T5330: add boolean check for additions by default in config dict
|
|
|
|
This check can raise a false positive exception in the case of a
tag-node value name equal to the tag-node name; it is unneeded in any
case as the functions are called with well-defined paths, respectively,
with a correct verification.
|
|
|
|
|
|
|
|
|
|
|
|
VPP: T1797: Optimizations for VPP memory allocation during startup
|
|
T5314: Fix default QOS classes not getting qdisc
|
|
|
|
|
|
- modified `sysctl_read()` to return the whole value
- modified `sysctl_write()` logic to return `True` only in case a value was
changed successfully
- added `sysctl_apply()` to apply a dictionary of values at once
|
|
|
|
|
|
Prevent duplicatte prio fot tc command
|
|
QoS index priority should be used only for qostype 'shaper'
otherwise we set priority 2 times, that is incorrect.
OSError: [Errno 255] failed to run command:
tc filter add dev eth2 parent 1: prio 5 protocol all prio 1 u32 match ip src 10.1.1.0/24 flowid 1:1e
exit code: 255
Fix it
|
|
Fix QoS tc class with multiple matches generates one rule but
expects multiple filter rules:
set qos policy shaper test class 23 match one ip protocol 'tcp'
set qos policy shaper test class 23 match two ip protocol 'udp'
tc filter add dev eth0 parent 1: protocol all prio 1 u32 match ip protocol 6 0xff flowid 1:17
tc filter add dev eth0 parent 1: protocol all prio 2 u32 match ip protocol 17 0xff flowid 1:17
|
|
tc filter rate limit should be used only if qostype is 'limiter'
and not 'shaper'
|
|
T1797: Add initial vpp configuration
|
|
- added extra renaming operation to be sure that interface has the same name as
before in the system after it was moved from VPP to kernel
- added extra check after PCI device removal/adding
- added check for proper `retval` for CPI calls where it is available
- replaced empty return with an error in `_get_pci_address_by_interface()`
because not resolved address will lead to inconsistency of the system later
|