summaryrefslogtreecommitdiff
path: root/smoketest
AgeCommit message (Collapse)Author
2022-04-06smoketest: http: test API authenticationChristian Poessinger
2022-04-06smoketest: http: verify nginx config fileChristian Poessinger
2022-04-06smoketest: vrf: T4331: IPv6 link-local addresses not configured for ↵Christian Poessinger
interface in VRF
2022-04-04smoketest: login: verify test accounts are properly deletedChristian Poessinger
2022-04-04smoketest: ssh: verify SSH service is stopped on removalChristian Poessinger
2022-04-04smoketest: ssh: verify login of valid and invalid test userChristian Poessinger
In order to test for proper system authentication and security setup a new testcase is added which performs an SSH login and command execution with a predefined user. The result (output of uname -a) must match the output if the command is run natively. We also try to login as an invalid user - this is not allowed to work.
2022-04-03smoketest: ospfv3: remove obsolete "end=''" statement in VRF interfaceChristian Poessinger
This is actually no longer required in FRR 8.2.2
2022-04-03smoketest: ospfv3: T4302: adjust to FRR 8.2 CLIChristian Poessinger
2022-04-03smoketest: ospf(v3): ensure we can also run this test on a live systemChristian Poessinger
2022-04-03smoketest: isis: support running on live systemsChristian Poessinger
2022-04-03smoketest: isis: extend testcase to verify 'is-type level-2-only' can be setChristian Poessinger
2022-04-01smoketest: bgp: adjust test parameter indentionChristian Poessinger
2022-04-01bgp: T4332: addpath-tx-per-as requires BGP deterministic-med paramtere to be setChristian Poessinger
2022-04-01smoketest: bgp: verify graceful-restart options per neighborChristian Poessinger
2022-03-31vyos.ifconfig: T4330: bugfix changing MTU when IPv6 is disabledChristian Poessinger
Commit f8b3d8999c ("ipv6: T4319: do not configure IPv6 related settings if it's disabled") moved the MTU configuration part under the code path which is only run if IPv6 is enabled on the system. This prevented MTU changes on IPv6 disabled systems.
2022-03-31Merge pull request #1258 from c-po/t4319-disable-ipv6Christian Poessinger
T4319: bugfixes for disabled IPv6 (current)
2022-03-31bgp: T4326: Add bgp parameter no-suppress-duplicatesViacheslav Hletenko
Add new bgp parameter 'no-suppress-duplicates' set protocols bgp parameters no-suppress-duplicates
2022-03-30smoketest: T4319: verify correct assignment of loopback IP addressesChristian Poessinger
2022-03-25smoketest: ipv6: fix testcase after using new sysctl interfaceChristian Poessinger
2022-03-25smoketest: mpls: disable debug outputChristian Poessinger
2022-03-19smoketest: Verify export-list rule to ospf-areafett0
2022-03-16frr: T4302: fix Jinja2 template to match new FRR syntaxChristian Poessinger
According to a wrong bug [1] there is no longer a vrf suffix available for interfaces. This got changed in [2] which no longer print vrf name for interface config when using vrf-lite. 1: https://github.com/FRRouting/frr/issues/10805 2: https://github.com/FRRouting/frr/pull/10411
2022-03-16smoketest: remove failfast=True from certian testsChristian Poessinger
2022-03-15frr: T4302: upgrade to version 8.2Christian Poessinger
2022-03-10Revert "component_version: T4291: consolidate read/write functions"John Estabrook
This reverts commit 534f677d36285863decb2cdff179687b4fd690cb. Revert while investigating failure in vyos-configtest.
2022-03-08component_version: T4291: consolidate read/write functionsJohn Estabrook
2022-03-06smoketest: config: add "recent" firewall rule to dialup-routerChristian Poessinger
2022-03-03static: T4283: support "reject" routes - emit an ICMP unreachable when matchedChristian Poessinger
2022-03-01flow-accounting: T4277: support sending flow-data via VRF interfaceChristian Poessinger
It should be possible to send the gathered data via a VRF bound interface to the collector. This is somehow related to T3981 but it's the opposite side of the netflow process. set system flow-accounting vrf <name>
2022-02-28ssh: T4273: bugfix cipher and key-exchange multi nodesChristian Poessinger
After hardning the regex validator to be preceeded with ^ and ending with $ it was no longer possible to have a comma separated list as SSH ciphers. The migrations cript is altered to migrate the previous comma separated list to individual multi node entries - cipher and key-exchange always had been multinodes - so this just re-arranges some values and does not break CLI compatibility
2022-02-26smoketest: lldp: add testcaseChristian Poessinger
(cherry picked from commit 2fd5eea801bb524c12217c26d98c44a819b2086e)
2022-02-25smoketest: zone-policy: use setUpClass() over setUp()Christian Poessinger
2022-02-25smoketest: webproxy: use setUpClass() over setUp()Christian Poessinger
2022-02-23smoketest: tunnel: indention fixupChristian Poessinger
2022-02-23tunnel: T4267: "parameters ip key" on GRE not required for different remotesChristian Poessinger
2022-02-22Merge pull request #1230 from sever-sever/T1856Christian Poessinger
ipsec: T1856: Ability to set SA life bytes and packets
2022-02-21Merge pull request #1231 from sever-sever/T3948Christian Poessinger
ipsec: T3948: Add CLI site-to-site peer connection-type none
2022-02-21smoketest: vxlan: T4120: verify support for multiple remote addressesChristian Poessinger
2022-02-20vxlan: T4120: add ability to set multiple remotes (PR #1127)Andreas
VXLAN does support using multiple remotes but VyOS does not. Add the ability to set multiple remotes and add their flood lists using "bridge" command.
2022-02-20ipsec: T3948: Add CLI site-to-site peer connection-type noneViacheslav Hletenko
set vpn ipsec site-to-site peer 192.0.2.14 connection-type none
2022-02-20smoketest: dhcp: T4203: set missing interface options if presentChristian Poessinger
Commit 5d14a04b ("smoketest: dhcp: T4203: move testcase to base class") added global support in the test case framework for DHCP tests. Some interfaces (e.g. MACsec) require additional options to be passed before the test can be launched. In the MACsec case this includes a source interface, or encryption ciphers.
2022-02-20ipsec: T1856: Ability to set SA life bytes and packetsViacheslav Hletenko
set vpn ipsec esp-group grp-ESP life-bytes '100000' set vpn ipsec esp-group grp-ESP life-packets '2000000'
2022-02-20Merge branch 't4203-dhcp' into currentChristian Poessinger
* t4203-dhcp: smoketest: dhcp: T4203: move testcase to base class static: T4203: obey interface dhcp default route distance interface: T4203: prevent DHCP client restart if not necessary
2022-02-20Merge pull request #1226 from sever-sever/T4254Christian Poessinger
vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on options
2022-02-20smoketest: dhcp: T4203: move testcase to base classChristian Poessinger
We do not only provide DHCP functionality to ethernet interfaces, it's a common feature so the testcase should be made available for multiple interface types.
2022-02-19vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on optionsViacheslav Hletenko
Ability to set Cisco FlexVPN vendor ID payload: charon.cisco_flexvpn charon.install_virtual_ip_on swanctl.connections.<conn>.vips = x.x.x.x, z.z.z.z set vpn ipsec options flexvpn set vpn ipsec options virtual-ip set vpn ipsec options interface tunX set vpn ipsec site-to-site peer x.x.x.x virtual-address x.x.x.x
2022-02-19smoketest: T4258: dhcp: bugfix failover portsChristian Poessinger
Commit 5fc9ef9e ("DHCP : T4258: Set correct port for dhcp-failover") changed how the failover port is rendered into the ISC DHCPd configuration - adjustment of the smoketests was missed out.
2022-02-17pki: eapol: T4245: Add full CA and client cert chains to wpa_supplicant PEM ↵Andrew Gunnerson
files This commit updates the eapol code so that it writes the full certificate chains for both the specified CA and the client certificate to `<iface>_ca.pem` and `<iface>_cert.pem`, respectively. The full CA chain is necessary for validating the incoming server certificate when it is signed by an intermediate CA and the intermediate CA cert is not included in the EAP-TLS ServerHello. In this scenario, wpa_supplicant needs to have both the intermediate CA and the root CA in its `ca_file`. Similarly, the full client certificate chain is needed when the ISP expects/requires that the client (wpa_supplicant) sends the client cert + the intermediate CA (or even + the root CA) as part of the EAP-TLS ClientHello. Signed-off-by: Andrew Gunnerson <chillermillerlong@hotmail.com>
2022-02-16xml: T3474: add smoketest to check xml component versions are maintainedJohn Estabrook
Add smoketest to catch updates to a component version in legacy curver_DATA that is not present in xml syntaxVersion.
2022-02-10smoketest: T3872: Fix token check for monitoring testViacheslav Hletenko
As INFLUX_TOKEN is present in override.conf.tmpl environment we expect variable "$INFLUX_TOKEN" in the telegraf template and config but not value of the token