summaryrefslogtreecommitdiff
path: root/smoketest/configs
AgeCommit message (Collapse)Author
2022-09-21ipoe: T4678: T4703: rewrite to get_config_dict()Christian Poessinger
In addition to the rewrite to make use of get_config_dict() the CLI is slightly adjusted as specified in T4703. * Rename vlan-id and vlan-range to simply vlan * Rename network-mode to simply mode * Re-use existing common Jinja2 template for Accel-PPP which are shared with PPPoE and SSTP server. * Retrieve default values via defaultValue XML node
2022-09-17pppoe-server: T4703: combine vlan-id and vlan-range into single CLI nodeChristian Poessinger
The initial Accel-PPP PPPoE implementation used: set service pppoe-server interface <name> vlan-id <id> set service pppoe-server interface <name> vlan-range <start-stop> This is actually a duplicated CLI node.
2022-08-29smoketest: config: drop almost empty https service testChristian Poessinger
2022-08-28smoketest: T4643: bind sstp service to port 8443Christian Poessinger
2022-08-27smoketest: T4643: create individual configs fot https service and sstp vpnChristian Poessinger
2022-08-27Revert "smoketest: T4643: Change openconnect default port"Christian Poessinger
This reverts commit fa91f567b7b5f009aaaed569b3f5e5db4b638d39.
2022-08-27Revert "smoketest: T4643: Delete vpn sstp from config as we have HTTP"Christian Poessinger
This reverts commit c2fc87c02dd556dd1569ff2fd81c9e2485a80459.
2022-08-26smoketest: T4643: Delete vpn sstp from config as we have HTTPViacheslav Hletenko
HTTP and sstp cannot work together and in the test config 1.4-rolling-202106290839 we didnot have configurable port for such services So we shoud delete sstp from this smoketest config test In fact it is never working at all 'smoketest/configs/pki-misc' It commits without errors before but in the real life we get 3 services (https openconnect sstp) that bound the same port
2022-08-25smoketest: T4643: Change openconnect default portViacheslav Hletenko
Change openconnect port as both ocserv and sstp bind by default the same port 443
2022-07-07syslog: T4500: Remove max-size from rsyslog leaving rotation to logrotatesarthurdev
After discussion with @zsdc this was decided the better long term fix * Removes hourly logrotate cron in favour of systemd timer override
2022-07-05firewall: T2199: Fix migration when `icmpv6 type` is an integersarthurdev
2022-07-01openvpn: T4485: Add CRL to OpenVPN config testsarthurdev
2022-06-29openvpn: T4485: Update PKI migrator to handle full CA chain migrationsarthurdev
* Also determines and maps to correct CA for migrated CRL
2022-05-31smoketest: policy: T3976: add migratable config snippetChristian Poessinger
2022-05-25configtest: T4382: no migration to 'bgp local-as' under vrfJohn Estabrook
The migration script bgp/0-to-1 did not address 'protocols bgp ASN' -> 'protocols bgp local-as ASN' under a vrf. Move to configs.no-load for review on extending/adding a migration script.
2022-05-25configtest: T4382: missing block in migration script vrf/0-to-1John Estabrook
The config vrf-basic reveals a missing block in the migration script vrf/0-to-1, moving 'next-hop-vrf' to 'vrf'. As this only exists in Sagitta, modify script 0-to-1. Also, fix the 'system nt' typo seen in vrf-ospf.
2022-05-25configtest: T4382: inconsistent ipsec component versionJohn Estabrook
The pki-ipsec sagitta-era config contains 'vpn ipsec ipsec-interfaces interface eth0' with ipsec component version ipsec@6, however, this construction is successfully moved by migration script ipsec/5-to-6. Consequently, this must have been an error in translation of the config file. Note that this is unrelated to the corrected error regarding an empty 'ipsec-interfaces' node. Move config to configs.no-load for review.
2022-05-25configtest: T4382: bgp_small_as has a nonsensical entryJohn Estabrook
bgp_small_as contains set commands such as: 'protocols static route 10.0.0.0/8 MY-NAS distance 254' which would appear to have no meaning, in any VyOS version. Move to config.no-load for analysis.
2022-05-25configtest: T4382: 'nat ... log' takes no 'enable' argumentJohn Estabrook
The component version in bgp-dmvpn-spoke is nat@5, however, 4-to-5 removes the boolean argument. It is confirmed that the migration script works correctly, hence, it must be a typo in translation; remove argument 'enable'.
2022-05-25configtest: T4382: system@20 cannot have 'user level' (16-to-17)John Estabrook
The config file isis-small has system@20, but 'user level' which was migrated in system/16-to-17; remove the line in the config, as there is no problem with the migration script in question.
2022-05-25configtest: T4382: remove typoJohn Estabrook
This is a typo in vrf-ospf: 'system nt' on the line before 'system ntp'.
2022-05-05smoketest: do not auto-load big firewall config on smoketestChristian Poessinger
This takes a very long time, but keep the config for manual runs
2022-05-05policy: T4414: add support for route-map "as-path prepend last-as x"Christian Poessinger
2022-04-30smoketest: import large firewall config from T1230Christian Poessinger
2022-04-29smoketest: add basic QoS configurationChristian Poessinger
2022-04-28arp: T4397: change CLI syntax to support interface and VRF bound ARP entriesChristian Poessinger
* set protocols static arp interface eth0 address 192.0.2.1 mac 01:23:45:67:89:01
2022-04-25smoketest: config: T4397: add ARP entries for a second interfaceChristian Poessinger
2022-04-25smoketest: config: T4397: add some static ARP entriesChristian Poessinger
2022-04-07ipv6: T4346: delete (migrate) CLI command to disable IPv6 address familyChristian Poessinger
2022-04-06firewall: T4345: Fix incorrect rule limit rate syntaxsarthurdev
2022-03-06smoketest: config: add "recent" firewall rule to dialup-routerChristian Poessinger
2022-02-28ssh: T4273: bugfix cipher and key-exchange multi nodesChristian Poessinger
After hardning the regex validator to be preceeded with ^ and ending with $ it was no longer possible to have a comma separated list as SSH ciphers. The migrations cript is altered to migrate the previous comma separated list to individual multi node entries - cipher and key-exchange always had been multinodes - so this just re-arranges some values and does not break CLI compatibility
2022-01-17firewall: policy: T4178: Migrate and refactor tcp flagssarthurdev
* Add support for ECN and CWR flags
2022-01-11policy: T2199: Refactor policy route script for better error handlingsarthurdev
* Migrates all policy route references from `ipv6-route` to `route6` * Update test config `dialup-router-medium-vpn` to test migration of `ipv6-route` to `route6`
2021-12-25flow-accounting: T4105: drop "sflow agent-address auto"Christian Poessinger
The implementation of the "auto" option to specify the sflow/netflow agent-address is very error prone. The current implementation will determine the IP address used for the "auto" value as follow: Get BGP router-id 1) If not found use OSPF router-id 2) If not found use OSPFv3 router-id 3) If not found use "the first IP address found on the system Well, what is the "first IP address found"? Also this changes if DHCP is in use. Also another disadvantage is when the BGP/OSPF/OSPFv3 router-id is changed, the agent-address is not updated upon the next reboot of the system. This task is about removing the "auto" keyword from the CLI at all and make it either entirely configurable by the user and hardcode the value in CLI, or not use this at all. If "auto" is specified we will query the system in the above order and set the proper router-id in the CLI. If none can be found the CLI node is removed.
2021-10-31smoketest: config: add DMVPN hub and spoke examplesChristian Poessinger
2021-10-22tunnel: T3925: fix configtest - source-interface does not work with gretapChristian Poessinger
2021-10-21tunnel: T3925: dhcp-interface was of no use - use source-interface insteadChristian Poessinger
(cherry picked from commit c1015d8ce0013719eb898b60b14ffec192b8141c)
2021-10-05smoketest: bgp: T3741: bugfix invalid IP address (missing prefix size)Christian Poessinger
2021-10-04bgp: T3741: "parameter default no-ipv4-unicast" is now a default optionChristian Poessinger
2021-09-06smoketest: config: add DHCP name-server to dialup-router-medium-vpn configChristian Poessinger
T3804 changed how DHCP servers from DHCP interfaces are read in and passed to the system. The config migrator is tested with this addition.
2021-08-26smoketest: config: drop empty newline at EOF for "isis-small" testChristian Poessinger
2021-07-26smoketest: config: azure: also utilize "default-esp-group" featureChristian Poessinger
2021-07-22ipsec: T2816: remove "auto-update" CLI optionChristian Poessinger
Update/refresh of DNS records is now handled internally by Strongswan.
2021-07-22pki: https: T3642: Migrate HTTPS to use PKI configurationsarthurdev
2021-07-20pki: sstp: T3642: Migrate SSTP to PKI configurationsarthurdev
2021-07-20pki: openconnect: T3642: Migrate OpenConnect SSL to PKI configurationsarthurdev
2021-07-15pki: ipsec: l2tp: T2816: T3642: Move IPSec/L2TP code into vpn_ipsec.py and ↵sarthurdev
update to use PKI.
2021-07-07pki: T3642: Migrate rsa-keys to PKI configurationsarthurdev
2021-06-29pki: ipsec: T3642: Migrate IPSec to use PKI configurationsarthurdev