summaryrefslogtreecommitdiff
path: root/smoketest/scripts
AgeCommit message (Collapse)Author
2024-01-18smoketest: T5779: clear conntrack config on test startupChristian Breunig
2024-01-18Merge pull request #2839 from josephillips85/currentChristian Breunig
dhcp: T5952: Fix validate duplicate MAC Address on same subnet
2024-01-18dhcp: T5952: validate duplicate DUID in static-mappings incl. smoketestsChristian Breunig
2024-01-17Merge pull request #2832 from aapostoliuk/T5865-circinusChristian Breunig
T5865: Moved ipv6 pools to named ipv6 pools in accel-ppp
2024-01-16T5865: Moved ipv6 pools to named ipv6 pools in accel-pppaapostoliuk
Moved ipv6 pools to named ipv6 pools in accel-ppp services
2024-01-14bgp: T591: add VPN nexthop support per address-familyChristian Breunig
set protocols bgp address-family ipv4-unicast nexthop vpn export <ipv4-address|ipv6-address> set protocols bgp address-family ipv6-unicast nexthop vpn export <ipv4-address|ipv6-address>
2024-01-14bgp: T591: add SRv6 per address-family SID supportChristian Breunig
set protocols bgp address-family ipv4-unicast sid vpn export <auto|1-1048575> set protocols bgp address-family ipv6-unicast sid vpn export <auto|1-1048575>
2024-01-13Merge pull request #2817 from sarthurdev/kea6-optionsChristian Breunig
dhcpv6: T3316: Extend scope of DHCP options, bugfixes
2024-01-13dhcpv6: T3316: Move options to separate node and extend scopessarthurdev
* Also migrate `address-range` to `range` tag node for consistency with dhcpv4 server syntax
2024-01-12T5922: firewall: fix intra-zone filtering parsing rules; update firewall ↵Nicolas Fort
smoketest
2024-01-11dhcp: dhcpv6: T3316: Add `subnet-id` so leases remain mapped to entries in ↵Simon
the lease file (#2796)
2024-01-10Merge pull request #2787 from c-po/bgp-5913Viacheslav Hletenko
bgp: T5913: allow peer-group support for ipv4|6-labeled-unicast SAFI
2024-01-10bgp: T5913: allow peer-group support for ipv4|6-labeled-unicast SAFIChristian Breunig
2024-01-10Merge pull request #2785 from sarthurdev/kea-optionsChristian Breunig
dhcp: T3316: T5787: T5912: Extend scope of DHCP options, bugfixes
2024-01-10dhcp: T5787: Prevent duplicate IP addresses on static mappingssarthurdev
2024-01-10dhcp: T3316: Fix `listen-address` handling and add `listen-interface` as ↵sarthurdev
supported by Kea
2024-01-10dhcp: T3316: Move options to separate node and extend scopessarthurdev
2024-01-09pki: T5911: fix service update algorithm if certificate name contains a ↵Christian Breunig
hyphen (-) When testing for changed PKI certificates using node_changed(), we should not use key_mangling=('-', '_'), as this will make certificate updates with a hypen not possible.
2024-01-09https: T5902: remove virtual-host configurationChristian Breunig
We have not seen the adoption of the https virtual-host CLI option. What it did? * Create multiple webservers each listening on a different IP/port (but in the same VRF) * All webservers shared one common document root * All webservers shared the same SSL certificates * All webservers could have had individual allow-client configurations * API could be enabled for a particular virtual-host but was always enabled on the default host This configuration tried to provide a full webserver via the CLI but VyOS is a router and the Webserver is there for an API or to serve files for a local-ui. Changes Remove support for virtual-hosts as it's an incomplete and thus mostly useless "thing". Migrate all allow-client statements to one top-level allow statement.
2024-01-07Merge pull request #2768 from c-po/pki-ipsec-T5905Christian Breunig
pki: T5905: do not use expand_nodes=Diff.ADD|Diff.DELETE) in node_changed()
2024-01-07smoketest: T5195: fix BasicInterfaceTest tearDown() timeout penaltyChristian Breunig
Commit ad9bdfc24 ("T5195: add timeout argument to process_named_running()") added a 2*10 seconds penalty for every interface test (dhcp and dhcpv6). This leads to long runs of "make test" after an ISO build. There is no need to wait 10 seconds for a test that checks for a process not running. The timeout is there to give the process some time to startup.
2024-01-07smoketest: T5905: always delete pki in ipsec test startupChristian Breunig
2024-01-06T5195: add timeout argument to process_named_running()Christian Breunig
Smoketests heavily rely on process_named_running() so in order to "relax" system constraints during a test we will add a timeout of 10 seconds for every testcase provided by base_interfaces_test.py
2024-01-06dns: T5900: fix smoketests for serve-stale-extension and ↵Christian Breunig
exclude-throttle-address This fixes commit 199ceb1f0a ("dns: T5900: add dont-throttle-netmasks and serve-stale-extensions powerdns features") where after the latest review round the Jinja2 template was inconsitently changed and smoketests were not re-run.
2024-01-06dns: T5900: add dont-throttle-netmasks and serve-stale-extensions powerdns ↵fvlaicu
features
2024-01-04Merge pull request #2749 from c-po/kernel-6.6Christian Breunig
smoketests: T5887: remove IXGB driver
2024-01-04T5159: nat: add option to map network and ports. Feature used for large ↵Nicolás Fort
deployments in cgnat. (#2694)
2024-01-04configdict: T5894: add get_config_dict() flag with_pkiChristian Breunig
VyOS has several services relaying on the PKI CLI tree to retrieve certificates. Consuming services like ethernet, openvpn or ipsec all re-implemented the same code to retrieve the certificates from the CLI. This commit extends the signature of get_config_dict() with a new option with_pki that defaults to false. If this option is set, the PKI CLI tree will be blended into the resulting dictionary.
2024-01-03smoketests: T5887: remove IXGB driverChristian Breunig
From Kernel commit e485f3a6eae0 ("ixgb: Remove ixgb driver") There are likely no users of this driver as the hardware has been discontinued since 2010. Remove the driver and all references to it in documentation.
2024-01-02pki: T3642: add missing base64 constraint on PEM keysChristian Breunig
2024-01-01tunnel: T5879: properly verify source-interface used for tunnelsChristian Breunig
A tunnel interface can not properly be sourced from a pppoe0 interface when such interface is not (yet) connected to the BRAS. It might work on a running system, but subsequent reboots will fail as the source-interface most likely does not yet exist.
2023-12-31T5474: establish common file name pattern for XML conf mode commandsChristian Breunig
We will use _ as CLI level divider. The XML definition filename and also the Python helper should match the CLI node. Example: set interfaces ethernet -> interfaces_ethernet.xml.in set interfaces bond -> interfaces_bond.xml.in set service dhcp-server -> service_dhcp-server-xml.in
2023-12-30T5870: ipsec remote access VPN: add x509 ("pubkey") authentication.Lucas Christian
2023-12-30ipsec: T1210: extend remote-access smoketest with IP pool configurationChristian Breunig
This extends commit 1a84c4d0e ("ipsec: T1210: add smoketest for remote-access (road-warrior) users") in a way that also the IPv4 pool and its DNS servers get validated. There is no separate IPv6 test, as both address families behave the same way when configuring these.
2023-12-30Merge pull request #2722 from c-po/t1210-ipsec-smoketestViacheslav Hletenko
ipsec: T1210: add smoketest for remote-access (road-warrior) users
2023-12-30ipsec: T1210: add smoketest for remote-access (road-warrior) usersChristian Breunig
2023-12-30Merge pull request #2718 from indrajitr/shorten-domain-search-pathChristian Breunig
system: T5877: Shorten system domain-search config path
2023-12-30smoketest: remove base accel-ppp testcase function commentsChristian Breunig
Python unittest framework treads the comments as test names during execution: Example: test_accel_ipv4_pool (__main__.TestVPNPPTPServer.test_accel_ipv4_pool) Test accel-ppp IPv4 pool ... ok
2023-12-29system: T5877: Update smoketests for domain-search and related configIndrajit Raychaudhuri
In addition to testing for shortening the domain-search path, add and improve tests for other resolv.conf entries.
2023-12-29smoketest: T5867: extend container tests for IPv4 and IPv6 networksChristian Breunig
2023-12-28Merge pull request #2658 from aapostoliuk/T5801-circinusChristian Breunig
T5801: Rewritten L2TP to get_config_dict
2023-12-28Merge pull request #2650 from indrajitr/kea-reservation-fixChristian Breunig
dhcp: T3316: Support hostname, DUID and MAC address in reservation
2023-12-27Merge pull request #2693 from aapostoliuk/T5859-circinusChristian Breunig
T5859: Fixed format of pool range in the accel-ppp config
2023-12-27T5859: Fixed format of pool range in the accel-ppp configaapostoliuk
Fixed format of ipv4 pool range from 'x.x.x.x-x.x.x.y' to 'x.x.x.x-y'
2023-12-26firewall: T5834: Add support for default log for route policyIndrajit Raychaudhuri
One can now do `set policy route foo default-log` which will add log to the policy route chain.
2023-12-26firewall: T5834: Rename 'enable-default-log' to 'default-log'Indrajit Raychaudhuri
Rename chain level defaults log option from `enable-default-log` to `default-log` for consistency.
2023-12-25snmp: T5855: migrate "set service lldp snmp enable" to "set service lldp snmp"Christian Breunig
2023-12-21dhcp: T3316: Update smoketest for hostname, DUID, MAC in reservationIndrajit Raychaudhuri
Also, have the smoketest start with a clean CLI instance.
2023-12-21Merge pull request #2663 from c-po/srv6-part2Christian Breunig
srv6: T591: enable SR enabled packet processing on defined interfaces
2023-12-20T2898: add ndp-proxy serviceChristian Breunig
VyOS CLI command set service ndp-proxy interface eth0 prefix 2001:db8::/64 mode 'static' Will generate the following NDP proxy configuration $ cat /run/ndppd/ndppd.conf # autogenerated by service_ndp-proxy.py # This tells 'ndppd' how often to reload the route file /proc/net/ipv6_route route-ttl 30000 # This sets up a listener, that will listen for any Neighbor Solicitation # messages, and respond to them according to a set of rules proxy eth0 { # Turn on or off the router flag for Neighbor Advertisements router no # Control how long to wait for a Neighbor Advertisment message before invalidating the entry (milliseconds) timeout 500 # Control how long a valid or invalid entry remains in the cache (milliseconds) ttl 30000 # This is a rule that the target address is to match against. If no netmask # is provided, /128 is assumed. You may have several rule sections, and the # addresses may or may not overlap. rule 2001:db8::/64 { static } }