summaryrefslogtreecommitdiff
path: root/src/conf_mode/flow_accounting_conf.py
AgeCommit message (Collapse)Author
2023-01-14systemd: T2185: always place generated override files in /runChristian Breunig
This prevents any stale override files when the system is beeing rebooted, but the actual configuration was not saved. /run is a tmpfs and thus always fresh after boot.
2022-07-26T4571: add sflow vrf to sflow agent address IP validationDavid
2022-05-21flow-accounting: T4099: "source-address" must exist locallyChristian Poessinger
2022-05-21flow-accounting: T4437: also install rule to IPv6 VYOS_CT_PREROUTING_HOOKChristian Poessinger
2022-05-01flow-accounting: T4353: fix Jinja2 linting errorsChristian Poessinger
2022-03-01flow-accounting: T4277: support sending flow-data via VRF interfaceChristian Poessinger
It should be possible to send the gathered data via a VRF bound interface to the collector. This is somehow related to T3981 but it's the opposite side of the netflow process. set system flow-accounting vrf <name>
2021-12-31Merge branch 'firewall' of https://github.com/sarthurdev/vyos-1x into currentChristian Poessinger
* 'firewall' of https://github.com/sarthurdev/vyos-1x: zone_policy: T3873: Implement intra-zone-filtering policy: T2199: Migrate policy route op-mode to XML/Python policy: T2199: Migrate policy route to XML/Python zone-policy: T2199: Migrate zone-policy op-mode to XML/Python zone-policy: T2199: Migrate zone-policy to XML/Python firewall: T2199: Migrate firewall op-mode to XML/Python firewall: T2199: Migrate firewall to XML/Python
2021-12-26flow-accounting: T4097: move configuration file to /runChristian Poessinger
2021-12-26flow-accounting: T4097: bugfix removing service from CLIChristian Poessinger
2021-12-25flow-accounting: T4106: support specification of capture packet lengthChristian Poessinger
2021-12-25flow-accounting: T4105: drop "sflow agent-address auto"Christian Poessinger
The implementation of the "auto" option to specify the sflow/netflow agent-address is very error prone. The current implementation will determine the IP address used for the "auto" value as follow: Get BGP router-id 1) If not found use OSPF router-id 2) If not found use OSPFv3 router-id 3) If not found use "the first IP address found on the system Well, what is the "first IP address found"? Also this changes if DHCP is in use. Also another disadvantage is when the BGP/OSPF/OSPFv3 router-id is changed, the agent-address is not updated upon the next reboot of the system. This task is about removing the "auto" keyword from the CLI at all and make it either entirely configurable by the user and hardcode the value in CLI, or not use this at all. If "auto" is specified we will query the system in the above order and set the proper router-id in the CLI. If none can be found the CLI node is removed.
2021-12-25flow-accounting: T4099: rename "netflow source-ip" to source-addressChristian Poessinger
sFlow uses the source-address CLI node and netflow uses source-ip this is just confusing and should be synced to the common source-address CLI node.
2021-12-25flow-accounting: T4097: move to get_config_dict()Christian Poessinger
2021-12-06firewall: T2199: Migrate firewall to XML/Pythonsarthurdev
2021-12-06sflow: T4046: Add source-address for sflowViacheslav
2021-10-31netflow: T3953: use warning if "netflow source-ip" does not exist instead of ↵Christian Poessinger
error
2021-06-04flow-accounting: T3132: fix egress iptables chainJan-Philipp Benecke
(cherry picked from commit 95cc2e4b4c11414cc71749af12abb575e96e5bd4)
2020-12-17flow-accounting: T3132: enable egress traffic accountingJan-Philipp Benecke
2020-07-04cleanup: no need to call sudo for configuration mode scriptsChristian Poessinger
2020-05-29airbag: T2088: explicit enabling of the featureThomas Mangin
airbag must now be explicitly installed. the patch also allow to fully disables the installation of the logging code at setup (and not just installing and doing nothing)
2020-05-13flow-accounting: T2456: Replace old functionDmitriyEshenko
2020-04-17flow-accounting: T2275: fix NameError: name 'stdout' is not definedChristian Poessinger
2020-04-17flow-accounting: T2275: import render template from correct libraryChristian Poessinger
2020-04-13flow-accounting: T2185: explicitly specify systemd serviceChristian Poessinger
2020-04-12template: T2230: use render to generate templatesThomas Mangin
convert all call to jinja to use template.render
2020-04-11Merge pull request #329 from thomas-mangin/T2226Christian Poessinger
util: T2226: improvement and fixes
2020-04-11ifconfig: T2223: rename Section.listing to interfacesThomas Mangin
update all code using the API. Interface.interfaces() could be used but the code was change to use Section.interfaces() which make more sense when reading it.
2020-04-11util: T2226: do not use universal_newlinesThomas Mangin
2020-04-06util: T2226: rewrite flow accounting to use cmdThomas Mangin
The failure are now reported slightly differently using the cmd "raising" feature which will allow down the line to intercept the issue and present them better to the user
2020-04-05flow-accounting: T2230: move inlined templates to dedicated filesChristian Poessinger
2020-03-24ifconfig: T2057: remove need for interface-types.jsonThomas Mangin
2019-12-24flow-accounting: T1890: Fixed bugs in flow-accountingzsdc
* fixed improper `process.returncode` invokes * added check for if an in-memory table is active before using IMT for flows show * replaced `--nflog-range` to `--nflog-size` in iptables rules, as `--nflog-range` had never works. **WARNING: this change break compatibility with Debian 8!**
2019-12-19flow-accounting: T1890: fixed scripts permissionszsdc
2019-12-18flow-accounting: T1890: flow-accounting rewritten with Python and XMLzsdc
This patch keep compatibility with old configuration and software, but now it is much easier to add a lot of other useful things Completely replaces vyatta-netflow package (except some outdated and not available via CLI parts)