summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2020-10-04pppoe-server: T2829: shift config migrators by oneChristian Poessinger
As VyOS vrux (1.2.7) requires a mirgator (1-to-2) for the MPPE node change (T2829) we need to shift all other migrators in 1.3 by one. As migrators probe the existance of nodes no negative side-effects are expected.
2020-10-04pppoe-server: migrators: fix python styleChristian Poessinger
2020-10-04pppoe-server: T2829: fix broken migration script (exit called)Christian Poessinger
A test statement was still present in the production code introduced in commit efeac80f8 ("pppoe-server: T2829: migrate 'ppp-options mppe' to leafNode"). This has been fixed.
2020-10-04pppoe-server: T2953: rename CLI local-ip to gateway-addressChristian Poessinger
Required to get a common CLI for all services provided by Accel-PPP. Once the CLI for each service is consitent - Jinja2 templates can be reused together with get_config_dict().
2020-10-04sstp: T2953: migrate gateway-address, client-ip-settings to common levelChristian Poessinger
* move "network-settings gateway-address" to "gateway-address" * move "network-settings client-ip-settings" to "client-ip-pool"
2020-10-03sstp: T2953: migrate mtu to common levelChristian Poessinger
Preparation before using get_config_dict() and common Jinja2 templates.
2020-10-03vpn: sstp: T2008: set DA/CoA default port 1700Christian Poessinger
2020-10-03sstp: T2953: migrate name-server settions to common levelChristian Poessinger
In order to reuse as much as possible before migrationg to get_config_dict() and re-use Jinja2 snippets the name-server node must be moved one level up to 'set vpn sstp name-server'.
2020-10-03openvpn: T2957: fix path to openvpn status fileChristian Poessinger
2020-10-03openvpn: T2957: Marcus Hoff
Status file directory for show command was wrong, resulting in no output. Now points to '/var/run/openvpn/{}.status'
2020-10-03pppoe-server: T2936: three IPv6 name-servers are supportedChristian Poessinger
2020-10-03pppoe-server: T2936: move v4/v6 nameserver lists out of for loopChristian Poessinger
2020-10-03pppoe-server: T2956: make use of defaultValue list featureChristian Poessinger
2020-10-03accel-ppp: T2953: fix missing defaultValue on mppeChristian Poessinger
Commit ba050937 ("accel-ppp: T2953: drop redundant CLI definitions ") dropped the defaultValue of 'prefer' for MPPE making the smoketests fail. This has been corrected.
2020-10-02configd: T2952: synchronize received messages in case of client timeoutJohn Estabrook
2020-10-02configd: T2582: catch config initialization errorsJohn Estabrook
2020-10-02configd: T2582: remove unused variablesJohn Estabrook
2020-10-02sstp: T2953: migrate ppp-settings to ppp-options nodeChristian Poessinger
2020-10-01wireless: T2653: mangle RADIUS default valuesChristian Poessinger
With commit 38ae3032 ("pppoe-server: T2936: move to get_config_dict()") there are now RADIUS default values present in the XML definitions - those must be proberly mangled for the WiFi interface.
2020-10-01nat: T2948: fix validation of IP address rangeChristian Poessinger
2020-10-01macsec: T2023: use proper config path for source-interface on removalChristian Poessinger
The config path is altered in get_interface_dict() to the base of the interface in question, e.g. 'interfaces macsec macsec1' - this must be reflected when calling othe methods of Config().
2020-10-01pppoe-server: T2936: move to get_config_dict()Christian Poessinger
For easier configuration read in (CLI) validation and also template rendering it makes sense to drop the old, single implementation and move to the new, generic get_config_dict() approach. Recurring configuration parts like ip-pool, ipv6-pool and nameservers have also been split our into individual templates which will be included through Jinja2 - leading to a single-source of the template sections, too.
2020-09-30wireguard: T2939: bugfix when removing individual peersChristian Poessinger
When individual peers that have been removed got determined they have been added to the config dict as list instead of string - which broke the system plumbing commands as they can not handle a Python list.
2020-09-30macsec: T2023: only remove interface when it existsChristian Poessinger
If for whatever reason the macsec interface dropped out of the Kernel - only call .remove() when it still exists to avoid any exceptions at all.
2020-09-29vrrp: T2933: Add option virtual-address-excludedsever-sever
2020-09-28pppoe-server: T2919: Add possibility change Called-Station-Id formatDmitriyEshenko
2020-09-26Merge pull request #554 from sever-sever/T2918Christian Poessinger
accel-ppp: T2918: Add accounting interim jitter option
2020-09-26accel-ppp: T2918: Add accounting interim jitter optionsever-sever
2020-09-26macsec: vxlan: T2653: bugfix in verify() on lower interface MTU sizeChristian Poessinger
Introduced in commit 818a75c024e ("ifconfig: T2653: get_mtu() should return int() for easier comparison") where the variable used in the formatted string has not been adjusted.
2020-09-26login: migration: T2929: add missing if condition when probing for radius-serverChristian Poessinger
2020-09-26accel-ppp: T2917: Add Preallocate NAS-port-idsever-sever
2020-09-26ifconfig: mtu: T2928: remove bridge mtu check as our bridge interface has no mtuChristian Poessinger
2020-09-26ifconfig: mtu: disallow MTU < 1280 bytes when IPv6 is enabled on the interfaceChristian Poessinger
Using an MTU less then the required 1280 bytes (as per RFC) on an interface where IPv6 is not explicitly disabled by: - set interfaces ethernet eth1 ipv6 address no-default-link-local - not having any other IPv6 address configured Will now trigger a commit error via verify() instead of raising FileNotFoundError!
2020-09-25T2926: Missing importkroy
2020-09-25ethernet: T2912: verify() that hardware supports specified MTU valueChristian Poessinger
Check the hardware if MTU value is supported at all.
2020-09-25ifconfig: T2653: get_mtu() should return int() for easier comparisonChristian Poessinger
2020-09-25syslog: T2899: shift system migration files +1 to allow for cruxJohn Estabrook
2020-09-25syslog: T1845: fix indentation levelJohn Estabrook
2020-09-25dns: forwarding: T2921: migrate to get_config_dict()Christian Poessinger
2020-09-24wireless: T2241: add "wds" CLI optionChristian Poessinger
2020-09-24dns: forwarding: T2921: template cleanupChristian Poessinger
2020-09-22openvpn: T2907: add 'none' encryption option to not encrypt any dataMarcus Hoff
2020-09-22ifconfig: T2653: bond: bridge: ensure member interface is not a source-interfaceChristian Poessinger
As we already check that a bond/bridge member interface is not a member of any other bridge or bond, the check must be extended. We also need to ensure that the bond member interface is not used as a source-interface to pppoe, macsec, tunnel, pseudo-ethernet, vxlan interfaces.
2020-09-22ifconfig: T2653: move is_member() from vyos.vylidate to vyos.configdictChristian Poessinger
2020-09-21macsec: T2788: source-interface must not be member of a bridgeChristian Poessinger
Add verify() step to ensure the macsec source-interface is not already part of a bridge interface. This should probably also be checked for bond interfaces.
2020-09-20macsec: T2023: add missing mtu CLI optionChristian Poessinger
Base MTU for MACsec is 1468 bytes (encryption headers), but we leave room for 802.1ad and 802.1q VLAN tags, thus the limit is lowered to 1460 bytes to not make the user juggle with the MTU bytes if he enables VLAN support later on, which is yet to come.
2020-09-20ifconfig: T2653: remove duplicates of get_config()Christian Poessinger
A lot of derived classes from Interface implemented their own get_config() method which more or less was the same everywhere. We also hat different qualifiers like @staticmethod or @classmethod. This is now changed to only have the @classmethod in Interface base class which will return the necessary dictionary keys for the required interfaces. This change is a mid reduction in lines of code which is always a very nice thing!
2020-09-20wwan: ifconfig: T2905: sync CLI nodes in dialup interfacesChristian Poessinger
Both PPPoE and WWAN interfaces are dialer interfaces handled by ppp, but use different CLI nodes for the same functionality. PPPoE has "connect-on-demand" to initiate an "on-demand" dialing and WWAN uses "ondemand" for this purpose. Rename WWAN "ondemand" node to "connect-on-demand".
2020-09-20vif-s: ifconfig: T2903: use explicit VLAN protocol over raw numbersChristian Poessinger
In the past we had to provide the ethertype value used for the VLAN protocol (0x88A8 -> 802.1ad or 0x8100 -> 802.1q). This should be changed to a more user friendly CLI node (protocol over ethertype) and 802.1ad over it's raw value 0x88A8. There is no need in presenting RAW information from the ethernet header to the user. Also iproute2 calls it protocol which makes way more sense over the "raw" value.
2020-09-19dns: forwarding: T2900: restore proper Config() level in verify()Christian Poessinger
Despite the fact that running verify on Config() is "bad" and "not as intended" the level of the configuration must match the keys that are checked by exits(). Re-set proper Config() level before querying the system nodes.