summaryrefslogtreecommitdiff
path: root/smoketest
AgeCommit message (Collapse)Author
2024-09-21T6630: ntp: move interface timestamping configuration under ptp nodeChristian Breunig
2024-09-21T6630: ntp: rename ptp-transport to ptp and use defaultValue for portChristian Breunig
2024-09-21T6630: ntp: add chrony "ntp over ptp" transportLucas Christian
2024-09-21T6630: ntp: add hardware timestamp offloadLucas Christian
2024-09-21T6630: ntp: add "interleave" optionLucas Christian
2024-09-15bond: T6709: add EAPoL supportChristian Breunig
2024-09-14ethernet: T6709: move EAPoL support to common frameworkChristian Breunig
Instead of having EAPoL (Extensible Authentication Protocol over Local Area Network) support only available for ethernet interfaces, move this to common ground at vyos.ifconfig.interface making it available for all sorts of interfaces by simply including the XML portion #include <include/interface/eapol.xml.i>
2024-09-12Merge pull request #4021 from natali-rs1985/T6652-currentDaniil Baturin
openfabric: T6652: Add support for OpenFabric protocol
2024-09-12Merge pull request #4041 from natali-rs1985/T6685-currentDaniil Baturin
pppoe-server: T6685: Add options to accept any and blank service names
2024-09-12pppoe-server: T6685: Possibility of any services name or blank in pppoeNataliia Solomko
2024-09-12Merge pull request #4032 from dvlogic/Allow_Container_DNS_DisableChristian Breunig
T6701: Added ability to disable the container DNS plugin
2024-09-11T6294: Service dns forwarding add the ability to configure ZonetoCachekhramshinr
2024-09-11Merge pull request #4023 from nvollmar/T6679Christian Breunig
T6679: add group option for nat66
2024-09-11Merge pull request #4028 from alainlamar/T6693Christian Breunig
T6693: wireless: Enable WiFi-6 (802.11ax) for 2.4GHz AccessPoints
2024-09-11container: T6701: add support to disable container network DNS supportDave Vogel
Add ability to set the container network with a disable-dns setting to disable the DNS plugin that is on be default. set container network <network> no-name-server
2024-09-10T6698: firewall: add matcher for vlan type. (#4027)Nicolás Fort
2024-09-07T6693: wireless: Enable WiFi-6 (802.11ax) for 2.4GHz AccessPointsAlain Lamar
2024-09-06container: T6702: re-add missing UNIX API socketChristian Breunig
During podman upgrade and a build from the original source the UNIX socket definition for systemd got lost in translation. This commit re-adds the UNIX socket which is started on boot to interact with Podman. Example: curl --unix-socket /run/podman/podman.sock -H 'content-type: application/json' \ -sf http://localhost/containers/json
2024-09-04openfabric: T6652: Add support for OpenFabric protocolNataliia Solomko
OpenFabric is a routing protocol providing link-state routing with efficient flooding for topologies like spine-leaf networks. FRR implements OpenFabric in a daemon called fabricd
2024-09-02T6679: add destination groupsNicolas Vollmar
2024-09-02Merge pull request #4018 from nicolas-fort/T6647Daniil Baturin
T6647: firewall. Introduce patch for accepting invalid ARP and DHCP
2024-09-01smoketest: T6681: radvd: verify new "no-send-interval" CLI optionChristian Breunig
2024-08-28T6647: firewall. Introduce patch for accepting ARP and DHCP replies on ↵Nicolas Fort
stateful bridge firewall. This patch is needed because ARP and DHCP are marked as invalid connections. Also, add ehternet-type matcher in bridge firewall.
2024-08-25T6671: add smoketest for dependency deferred to priorityJohn Estabrook
2024-08-21T6672: Fix system option ssh-client source-interfaceViacheslav Hletenko
Fix for system option ssh-client source-interface For the `verify_source_interface` the key `ifname` if required
2024-08-20Merge pull request #3975 from lucasec/t6183Christian Breunig
T6183: interfaces openvpn: suppport specifying IP protocol version
2024-08-16Merge pull request #3987 from natali-rs1985/T6649-currentDaniil Baturin
ipoe_server: T6649: Accel-ppp separate vlan-mon from listen interfaces
2024-08-15T6649: Accel-ppp separate vlan-mon from listen interfacesNataliia Solomko
2024-08-15Merge pull request #3982 from nicolas-fort/T6636Christian Breunig
T6636: firewall: fix firewall template in order print logs for default-action
2024-08-14T6636: firewall: fix firewall template in order to write logs for ↵Nicolas Fort
default-action in order to match same structure as in rules. This way op-mode command for showing firewall log prints logs for default-actions too
2024-08-14T6646: conntrack: in ignore rules, if protocols=all, do not append it to the ↵Nicolas Fort
rule
2024-08-13T6183: interfaces openvpn: suppport specifying IP protocol versionLucas Christian
2024-08-09T6643: firewall: fix ip address range parsing on firewall rules.Nicolas Fort
2024-08-06smoketest: T6614: add op-mode test for Kernel version (#3946)Christian Breunig
2024-08-05sysctl: T3204: restore sysctl setttings overwritten by tunedChristian Breunig
2024-08-05smoketest: T6555: openvpn: NameError: name 'elf' is not definedChristian Breunig
2024-08-05smoketest: T6555: openvpn: SyntaxError: '(' was never closedChristian Breunig
2024-08-05Merge branch 'current' into feature/T4694/gre-match-fieldsChristian Breunig
2024-08-05Merge pull request #3920 from fett0/T6555Christian Breunig
OPENVPN: T6555: add server-bridge options in mode server
2024-08-04firewall: T4694: Adding GRE flags & fields matches to firewall rulesAndrew Topp
* Only matching flags and fields used by modern RFC2890 "extended GRE" - this is backwards-compatible, but does not match all possible flags. * There are no nftables helpers for the GRE key field, which is critical to match individual tunnel sessions (more detail in the forum post) * nft expression syntax is not flexible enough for multiple field matches in a single rule and the key offset changes depending on flags. * Thus, clumsy compromise in requiring an explicit match on the "checksum" flag if a key is present, so we know where key will be. In most cases, nobody uses the checksum, but assuming it to be off or automatically adding a "not checksum" match unless told otherwise would be confusing * The automatic "flags key" check when specifying a key doesn't have similar validation, I added it first and it makes sense. I would still like to find a workaround to the "checksum" offset problem. * If we could add 2 rules from 1 config definition, we could match both cases with appropriate offsets, but this would break existing FW generation logic, logging, etc. * Added a "test_gre_match" smoketest
2024-08-04Merge pull request #3901 from nicolas-fort/T4072-extend-bridge-fwallChristian Breunig
T4072: firewall extend bridge firewall
2024-08-02T6619: Remove the remaining uses of per-protocol FRR configs (#3916)Roman Khramshin
2024-08-02OPENVPN: T6555: fix name to bridgefett0
2024-08-02T4072: change same helpers in xml definitions; add notrack action for ↵Nicolas Fort
prerouting chain; re introduce <set vrf> in policy; change global options for passing traffic to IPvX firewall; update smoketest
2024-08-01T4072: firewall: extend firewall bridge smoketestNicolas Fort
2024-08-01Merge pull request #3221 from lucasec/t5873Christian Breunig
T5873: ipsec remote access VPN: support VTI interfaces.
2024-07-31OPENVPN: T6555: add server-bridge options in mode serverfett0
2024-07-30Merge pull request #3883 from c-po/vrf-conntrackChristian Breunig
vrf: T6603: conntrack ct_iface_map must only contain one entry for iifname/oifname
2024-07-30pbr: T6430: Allow forwarding into VRFs by name as well as route table IDsAndrew Topp
* PBR can only target table IDs up to 200 and the previous PR to extend the range was rejected * PBR with this PR can now also target VRFs directly by name, working around targeting problems for VRF table IDs outside the overlapping 100-200 range * Validation ensures rules can't target both a table ID and a VRF name (internally they are handled the same) * Added a simple accessor (get_vrf_table_id) for runtime mapping a VRF name to table ID, based on vyos.ifconfig.interface._set_vrf_ct_zone(). It does not replace that usage, as it deliberately does not handle non-VRF interface lookups (would fail with a KeyError). * Added route table ID lookup dict, global route table and VRF table defs to vyos.defaults. Table ID references have been updated in code touched by this PR. * Added a simple smoketest to validate 'set vrf' usage in PBR rules
2024-07-29Merge pull request #3804 from HollyGurza/T6362Daniil Baturin
T6362: Create conntrack logger daemon
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-05 10:26:52 +0000