summaryrefslogtreecommitdiff
path: root/smoketest
AgeCommit message (Collapse)Author
2024-07-24smoketest: T6592: verify no interface stalls in conntrack ct_iface_map on ↵mergify/bp/circinus/pr-3857Christian Breunig
deletion Now that interfaces are deleted from ct_iface_map during deletion it's time to also add a smoketest ensuring there is no entry in the ct_iface_map once an interface was deleted from the CLI. (cherry picked from commit 1c42ee9d16dd49fff2cbde652bf24a38f364526c)
2024-07-24interface: T6592: remove interface from conntrack ct_iface_map on deletionChristian Breunig
We always have had stale interface entries in the ct_iface_map of nftables/ conntrack for any interface that once belonged to a VRF. This commit will always clean the nftables interface map when the interface is deleted from the system. (cherry picked from commit 17c12bde5c6f314311e7524842fd1ddc254009b4)
2024-07-24smoketest: T6600: ospf: enable MPLS LDP on dummy interfacesmergify/bp/circinus/pr-3838Christian Breunig
(cherry picked from commit 71926f64385d7ab66431c60afa1fc8554ad7e2dc)
2024-07-22smoketest: T6406: use check_kmod() helper over native call()Christian Breunig
(cherry picked from commit 8bf6687b5276589e64988c3c54dbf61a628ee2a0)
2024-07-22smoketest: T6597: add "commit" debug informationChristian Breunig
(cherry picked from commit f6485f7df8713298d81ec0d45c548417db111523)
2024-07-22wireless: T6320: add 802.11ax at 6GHzAlain Lamar
Authored-By: Alain Lamar <alain_lamar@yahoo.de> (cherry picked from commit d5e988ba2d0fa0189feff22374c9b46eb49e2e79)
2024-07-22wireless: T6425: adjust to latest country-code changesmergify/bp/circinus/pr-3576Christian Breunig
Commit 9e22ab6b2a ("wireless: T6318: move country-code to a system wide configuration") removed the per wifi interface setting for a country-code. This commit adjust the smoketests to the new design. (cherry picked from commit 312273c9569d973c510d871adb941709804d8868)
2024-07-22wireless: T6425: Add smoketests for VHT beamformingAlain Lamar
(cherry picked from commit 578fbe0eb436697132e5a738fec5a4ac61ced8da)
2024-07-22T6599: ipsec: fix incorect default behavior for dead-peer-detectionmergify/bp/circinus/pr-3841Lucas Christian
(cherry picked from commit 23a3419d512139650cfe3dc76759b370b0c0c3d6)
2024-07-22T6599: ipsec: support disabling rekey of CHILD_SA.Lucas Christian
Also adds support for life_bytes, life_packets, and DPD for remote-access connections. Changes behavior of remote-access esp-group lifetime setting to have parity with site-to-site connections. (cherry picked from commit fd5d7ff0b4fd69b248ecb29c6ec1f3cf844c41cf)
2024-07-20utils: migrate to new get_vrf_tableid() helperChristian Breunig
Commit 452068ce7 ("interfaces: T6592: moving an interface between VRF instances failed") introduced a new helper to retrieve the VRF table ID from the Kernel. This commit migrates the old code path where the individual fields got queried to the new helper vyos.utils.network.get_vrf_tableid(). (cherry picked from commit 36f3791e0c15267483d59a3bb74465811d08df88)
2024-07-20interfaces: T6592: moving an interface between VRF instances failedChristian Breunig
To reproduce: set vrf name mgmt table '150' set vrf name no-mgmt table '151' set interfaces ethernet eth2 vrf 'mgmt' commit set interfaces ethernet eth2 vrf no-mgmt commit This resulted in an error while interacting with nftables: [Errno 1] failed to run command: nft add element inet vrf_zones ct_iface_map { "eth2" : 151 } The reason is that the old mapping entry still exists and was not removed. This commit adds a new utility function get_vrf_tableid() and compares the current and new VRF table IDs assigned to an interface. If the IDs do not match, the nftables ct_iface_map entry is removed before the new entry is added. (cherry picked from commit 452068ce78581bb6fba2df4dba197e95b9aeb33d)
2024-07-17configdep: T6559: add smoketest of dependency script errormergify/bp/circinus/pr-3813John Estabrook
(cherry picked from commit ad43aa885a8ef689da212088d6ebb37c32d72883)
2024-07-03Merge pull request #3757 from natali-rs1985/T5487-currentChristian Breunig
openvpn: T5487: Remove deprecated option --cipher for server and client mode
2024-07-03ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms optionkhramshinr
(cherry picked from commit 06e6e011cdf12e8d10cf1f6d4d848fd5db51720d)
2024-07-03openvpn: T5487: Remove deprecated option --cipher for server and client modeNataliia Solomko
2024-06-28T6477: Add telegraf loki output pluginViacheslav Hletenko
Add Loki plugin to telegraf set service monitoring telegraf loki url xxx (cherry picked from commit 3365eb7ab99fa9a259fe440eb51e82fc0a0a4dc6)
2024-06-24smoketest: T6510: ensure one cannot delete the current user in "system login"Christian Breunig
(cherry picked from commit 4c7719efa27d9d2966b70b924c90aa2c90022388)
2024-06-19macsec: T5447: fix error message syntax - there is no tx and rx key, only keyChristian Breunig
(cherry picked from commit f29caa824c02c833a3978b9236391e4277c1a6ba)
2024-06-13Merge pull request #3639 from natali-rs1985/T5487-currentDaniil Baturin
openvpn: T5487: Remove deprecated option --cipher for server and client mode
2024-06-11openvpn: T5487: Remove eprecated option --cipher for server and client modeNataliia Solomko
2024-06-11firewall: T3900: fix migration and smoketestsChristian Breunig
Commit 770edf016838523 ("T3900: T6394: extend functionalities in firewall") changed the position in the CLI for conntrack timeout. This lead to failing smoketests because of a regression in the migrator.
2024-06-10Merge pull request #3606 from c-po/utils-cpu-T5195Christian Breunig
vyos.utils: T5195: import vyos.cpu to this package
2024-06-10T6219: align with system sysctl and limit parameters to supportedNicolas Vollmar
2024-06-10container: T6219: Add support for container sysctl / kernel parametersBen Pilgrim
2024-06-10vyos.utils: T5195: import vyos.cpu to this packageChristian Breunig
The intention of vyos.utils package is to have a common ground for repeating actions/helpers. This is also true for number of CPUs and their respective core count. Move vyos.cpu to vyos.utils.cpu
2024-06-06Merge pull request #3578 from nicolas-fort/raw-hookDaniil Baturin
T3900: Add support for raw tables in firewall
2024-06-05Merge pull request #3571 from fett0/T6429Daniil Baturin
isis: T6429: fix isis metric-style configuration missing
2024-06-04ISIS: T6332: add smoketest optionfett0
2024-06-04T3900: T6394: extend functionalities in firewall; move netfilter sysctl ↵Nicolas Fort
timeout parameters defined in conntrack to firewall global-opton section.
2024-06-03reverse-proxy: T6434: Support additional healthcheck options (#3574)Alex W
2024-05-31Merge pull request #3557 from haimgel/T6422/allow-multiple-ns-recordsChristian Breunig
dns: T6422: allow multiple redundant NS records
2024-05-31T5307: QoS - traffic-class-map services (#3492)Roman Khramshin
added new syntax to work with class match filters in QoS policy
2024-05-30T6422: Smoke test for NS record configration in authoritative DNS, typo & ↵Haim Gelfenbeyn
style fixes
2024-05-30Merge pull request #3510 from HollyGurza/T4576Daniil Baturin
T4576: Accel-ppp logging level configuration
2024-05-30Merge pull request #3546 from c-po/haproxyChristian Breunig
reverse-proxy: T6419: build full CA chain when verifying backend server
2024-05-29reverse-proxy: T5231: better mark v4v6 listen any addressChristian Breunig
haproxy supports both ":::80 v4v6" and "[::]:80 v4v6" as listen statement, where the later one is more humand readable. Both act in the same way.
2024-05-29Merge pull request #3534 from sever-sever/T6411Daniil Baturin
T6411: CGNAT fix sequences for external address ranges
2024-05-29Merge pull request #3537 from fett0/T6332Christian Breunig
ISIS: T6332: Fix isis not working only ipv6
2024-05-29ISIS: T6332: Fix isis not working only ipv6fett0
2024-05-28Merge pull request #3529 from HollyGurza/T5786Christian Breunig
T5786: Add set/show system image to /image endpoint
2024-05-28T6411: CGNAT fix sequences for external address rangesViacheslav Hletenko
Fix the bug where address external alocation was not rely on sequences of the external IP addresses (if set)
2024-05-28T6406: rename cpus to cpuNicolas Vollmar
2024-05-28T6406: add container cpu limit optionNicolas Vollmar
2024-05-27T6406: check for required kernel configNicolas Vollmar
2024-05-27T5786: Add set/show system image to /image endpointkhramshinr
2024-05-27T4576: Accel-ppp logging level configurationkhramshinr
add ability to change logging level config for: * VPN L2TP * VPN PPTP * VPN SSTP * IPoE Server * PPPoE Serve
2024-05-26smoketest: T6395: check for VFIO options to be presentChristian Breunig
2024-05-23Merge pull request #3487 from Embezzle/T6370Christian Breunig
reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responses
2024-05-22nat: T6345: source NAT port mapping "fully-random" is superfluous in Kernel ↵Christian Breunig
>=5.0 random - In kernel 5.0 and newer this is the same as fully-random. In earlier kernels the port mapping will be randomized using a seeded MD5 hash mix using source and destination address and destination port. https://git.netfilter.org/nftables/commit/?id=fbe27464dee4588d906492749251454