Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-04-09 | ocserv: T4231: Added OTP support for Openconnect 2FA | goodNETnick | |
2022-03-31 | vyos.ifconfig: T4330: bugfix changing MTU when IPv6 is disabled | Christian Poessinger | |
Commit f8b3d8999c ("ipv6: T4319: do not configure IPv6 related settings if it's disabled") moved the MTU configuration part under the code path which is only run if IPv6 is enabled on the system. This prevented MTU changes on IPv6 disabled systems. | |||
2022-03-31 | Merge pull request #1258 from c-po/t4319-disable-ipv6 | Christian Poessinger | |
T4319: bugfixes for disabled IPv6 (current) | |||
2022-03-31 | bgp: T4326: Add bgp parameter no-suppress-duplicates | Viacheslav Hletenko | |
Add new bgp parameter 'no-suppress-duplicates' set protocols bgp parameters no-suppress-duplicates | |||
2022-03-30 | smoketest: T4319: verify correct assignment of loopback IP addresses | Christian Poessinger | |
2022-03-25 | smoketest: ipv6: fix testcase after using new sysctl interface | Christian Poessinger | |
2022-03-25 | smoketest: mpls: disable debug output | Christian Poessinger | |
2022-03-19 | smoketest: Verify export-list rule to ospf-area | fett0 | |
2022-03-16 | frr: T4302: fix Jinja2 template to match new FRR syntax | Christian Poessinger | |
According to a wrong bug [1] there is no longer a vrf suffix available for interfaces. This got changed in [2] which no longer print vrf name for interface config when using vrf-lite. 1: https://github.com/FRRouting/frr/issues/10805 2: https://github.com/FRRouting/frr/pull/10411 | |||
2022-03-16 | smoketest: remove failfast=True from certian tests | Christian Poessinger | |
2022-03-15 | frr: T4302: upgrade to version 8.2 | Christian Poessinger | |
2022-03-10 | Revert "component_version: T4291: consolidate read/write functions" | John Estabrook | |
This reverts commit 534f677d36285863decb2cdff179687b4fd690cb. Revert while investigating failure in vyos-configtest. | |||
2022-03-08 | component_version: T4291: consolidate read/write functions | John Estabrook | |
2022-03-03 | static: T4283: support "reject" routes - emit an ICMP unreachable when matched | Christian Poessinger | |
2022-03-01 | flow-accounting: T4277: support sending flow-data via VRF interface | Christian Poessinger | |
It should be possible to send the gathered data via a VRF bound interface to the collector. This is somehow related to T3981 but it's the opposite side of the netflow process. set system flow-accounting vrf <name> | |||
2022-02-26 | smoketest: lldp: add testcase | Christian Poessinger | |
(cherry picked from commit 2fd5eea801bb524c12217c26d98c44a819b2086e) | |||
2022-02-25 | smoketest: zone-policy: use setUpClass() over setUp() | Christian Poessinger | |
2022-02-25 | smoketest: webproxy: use setUpClass() over setUp() | Christian Poessinger | |
2022-02-23 | smoketest: tunnel: indention fixup | Christian Poessinger | |
2022-02-23 | tunnel: T4267: "parameters ip key" on GRE not required for different remotes | Christian Poessinger | |
2022-02-22 | Merge pull request #1230 from sever-sever/T1856 | Christian Poessinger | |
ipsec: T1856: Ability to set SA life bytes and packets | |||
2022-02-21 | Merge pull request #1231 from sever-sever/T3948 | Christian Poessinger | |
ipsec: T3948: Add CLI site-to-site peer connection-type none | |||
2022-02-21 | smoketest: vxlan: T4120: verify support for multiple remote addresses | Christian Poessinger | |
2022-02-20 | vxlan: T4120: add ability to set multiple remotes (PR #1127) | Andreas | |
VXLAN does support using multiple remotes but VyOS does not. Add the ability to set multiple remotes and add their flood lists using "bridge" command. | |||
2022-02-20 | ipsec: T3948: Add CLI site-to-site peer connection-type none | Viacheslav Hletenko | |
set vpn ipsec site-to-site peer 192.0.2.14 connection-type none | |||
2022-02-20 | smoketest: dhcp: T4203: set missing interface options if present | Christian Poessinger | |
Commit 5d14a04b ("smoketest: dhcp: T4203: move testcase to base class") added global support in the test case framework for DHCP tests. Some interfaces (e.g. MACsec) require additional options to be passed before the test can be launched. In the MACsec case this includes a source interface, or encryption ciphers. | |||
2022-02-20 | ipsec: T1856: Ability to set SA life bytes and packets | Viacheslav Hletenko | |
set vpn ipsec esp-group grp-ESP life-bytes '100000' set vpn ipsec esp-group grp-ESP life-packets '2000000' | |||
2022-02-20 | Merge branch 't4203-dhcp' into current | Christian Poessinger | |
* t4203-dhcp: smoketest: dhcp: T4203: move testcase to base class static: T4203: obey interface dhcp default route distance interface: T4203: prevent DHCP client restart if not necessary | |||
2022-02-20 | Merge pull request #1226 from sever-sever/T4254 | Christian Poessinger | |
vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on options | |||
2022-02-20 | smoketest: dhcp: T4203: move testcase to base class | Christian Poessinger | |
We do not only provide DHCP functionality to ethernet interfaces, it's a common feature so the testcase should be made available for multiple interface types. | |||
2022-02-19 | vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on options | Viacheslav Hletenko | |
Ability to set Cisco FlexVPN vendor ID payload: charon.cisco_flexvpn charon.install_virtual_ip_on swanctl.connections.<conn>.vips = x.x.x.x, z.z.z.z set vpn ipsec options flexvpn set vpn ipsec options virtual-ip set vpn ipsec options interface tunX set vpn ipsec site-to-site peer x.x.x.x virtual-address x.x.x.x | |||
2022-02-19 | smoketest: T4258: dhcp: bugfix failover ports | Christian Poessinger | |
Commit 5fc9ef9e ("DHCP : T4258: Set correct port for dhcp-failover") changed how the failover port is rendered into the ISC DHCPd configuration - adjustment of the smoketests was missed out. | |||
2022-02-17 | pki: eapol: T4245: Add full CA and client cert chains to wpa_supplicant PEM ↵ | Andrew Gunnerson | |
files This commit updates the eapol code so that it writes the full certificate chains for both the specified CA and the client certificate to `<iface>_ca.pem` and `<iface>_cert.pem`, respectively. The full CA chain is necessary for validating the incoming server certificate when it is signed by an intermediate CA and the intermediate CA cert is not included in the EAP-TLS ServerHello. In this scenario, wpa_supplicant needs to have both the intermediate CA and the root CA in its `ca_file`. Similarly, the full client certificate chain is needed when the ISP expects/requires that the client (wpa_supplicant) sends the client cert + the intermediate CA (or even + the root CA) as part of the EAP-TLS ClientHello. Signed-off-by: Andrew Gunnerson <chillermillerlong@hotmail.com> | |||
2022-02-16 | xml: T3474: add smoketest to check xml component versions are maintained | John Estabrook | |
Add smoketest to catch updates to a component version in legacy curver_DATA that is not present in xml syntaxVersion. | |||
2022-02-10 | smoketest: T3872: Fix token check for monitoring test | Viacheslav Hletenko | |
As INFLUX_TOKEN is present in override.conf.tmpl environment we expect variable "$INFLUX_TOKEN" in the telegraf template and config but not value of the token | |||
2022-02-06 | smoketest: bond: T4228: verify bond member is only used once | Christian Poessinger | |
2022-01-31 | smoketest: upnpd: T3420: refine code and re-use paths | Christian Poessinger | |
2022-01-31 | Merge pull request #1196 from hensur/current-ipv6-local-route-iif | Christian Poessinger | |
policy: T4219: add local-route(6) inbound-interface support | |||
2022-01-30 | policy: T4219: add local-route(6) incoming-interface | Henning Surmeier | |
2022-01-29 | firewall: T4218: Adds a prefix to all user defined chains | sarthurdev | |
2022-01-29 | Merge pull request #1195 from hensur/current-ipv6-local-route | Christian Poessinger | |
policy: T4151: bugfix multiple commits and smoketest | |||
2022-01-30 | Merge pull request #789 from jack9603301/T3420 | Daniil Baturin | |
upnpd: T3420: Support UPNP protocol | |||
2022-01-29 | policy: T4151: bugfix smoketest | Henning Surmeier | |
.sort() is an inplace operation and return None... | |||
2022-01-28 | policy: T4151: remove all previous rules on edit | Henning Surmeier | |
2022-01-21 | policy: T4151: Bugfix policy ipv6-local-route | Henning Surmeier | |
2022-01-20 | Merge pull request #1144 from hensur/current-ipv6-local-route | Christian Poessinger | |
policy: T4151: Add policy ipv6-local-route | |||
2022-01-18 | firewall: T3560: Add support for MAC address groups | sarthurdev | |
2022-01-17 | Merge pull request #1174 from sarthurdev/firewall | Christian Poessinger | |
firewall: T4178: T3873: tcp flags syntax refactor, intra-zone-filtering fix | |||
2022-01-17 | firewall: policy: T4178: Migrate and refactor tcp flags | sarthurdev | |
* Add support for ECN and CWR flags | |||
2022-01-15 | smoketest: ntp: T4184: check for "restrict default ignore" presencex | Christian Poessinger | |