vyos.vyos.git/tests/unit, branch 3.0.0

Change parameter 'disabled' to 'disable' in test_vyos_firewall_rules.py (#240)

2022-03-01T16:01:04+00:00

Change parameter 'disabled' to 'disable' in test_vyos_firewall_rules.py SUMMARY Fixes #239 ISSUE TYPE Bugfix Pull Request COMPONENT NAME ADDITIONAL INFORMATION Reviewed-by: Nilashish Chakraborty Reviewed-by: Sagar Paul Reviewed-by: GomathiselviS Reviewed-by: Rohit Thakur Reviewed-by: None

firewall_rules: Fix incorrect behavior when IPv4 and IPv6 rule sets have the same name (#236)

2022-02-25T18:28:54+00:00

firewall_rules: Fix incorrect behavior when IPv4 and IPv6 rule sets have the same name SUMMARY VyOS supports IPv4 and IPv6 rule sets having the same name, but there are a couple places in the Ansible module that don't handle this situation. The fact gathering for ansible_network_resources.firewall_rules has been updated to look for name or ipv6-name instead of just . The vyos_firewall_rules module has been updated to take the afi into consideration when comparing the have and want states. V4-EGRESS and V6-EGRESS have been renamed to just EGRESS in the tests. The existing tests seem to be complete enough to test this same-name situation. (V4-INGRESS and V6-INGRESS were not renamed.) ISSUE TYPE Bugfix Pull Request COMPONENT NAME vyos_facts and vyos_firewall_rules ADDITIONAL INFORMATION An example of a configuration that was originally causing an issue: (Click to expand): name wan-lan { default-action drop rule 1 { action accept state { established enable related enable } } rule 2 { action drop log enable state { invalid enable } } } ipv6-name wan-lan { default-action drop rule 1 { action accept state { established enable related enable } } rule 2 { action drop log enable state { invalid enable } } rule 10 { action accept protocol icmpv6 } } With this configuration, ansible_network_resources.firewall_rules would show the icmpv6 rule under both ipv4 and ipv6: (Click to expand): [ { "afi": "ipv4", "rule_sets": [ { "default_action": "drop", "name": "wan-lan", "rules": [ { "action": "accept", "number": 1, "state": { "established": true, "related": true } }, { "action": "drop", "number": 2, "state": { "invalid": true } }, { "action": "accept", "number": 10, "protocol": "icmpv6" } ] }, ] }, { "afi": "ipv6", "rule_sets": [ { "default_action": "drop", "name": "wan-lan", "rules": [ { "action": "accept", "number": 1, "state": { "established": true, "related": true } }, { "action": "drop", "number": 2, "state": { "invalid": true } }, { "action": "accept", "number": 10, "protocol": "icmpv6" } ] }, ] } ] A similar issue would happen when using vyos_firewall_rules as well, where it would attempt to change rules for the wrong afi. Reviewed-by: GomathiselviS Reviewed-by: None

vyos_firewall_rules: Add support for log enable on individual rules (#238)

2022-02-22T21:30:07+00:00

vyos_firewall_rules: Add support for log enable on individual rules SUMMARY ISSUE TYPE Feature Pull Request COMPONENT NAME ADDITIONAL INFORMATION Reviewed-by: Rohit Thakur Reviewed-by: None

Add Vyos hostname resource module (#237)

2022-02-17T15:10:20+00:00

Add Vyos hostname resource module SUMMARY ISSUE TYPE New Module Pull Request COMPONENT NAME ADDITIONAL INFORMATION Reviewed-by: Nilashish Chakraborty Reviewed-by: None

Vyos snmp_server Resource Module (#227)

2022-02-01T00:41:29+00:00

Vyos snmp_server Resource Module SUMMARY Added vyos_snmp_server resource module ISSUE TYPE New Module Pull Request COMPONENT NAME ADDITIONAL INFORMATION Reviewed-by: Nilashish Chakraborty Reviewed-by: Ashwini Mhatre Reviewed-by: None

Enable configuring ntp server pool in ntp_global (#225)

2022-01-19T23:19:45+00:00

Enable configuring ntp server pool in ntp_global Signed-off-by: GomathiselviS gomathiselvi@gmail.com SUMMARY Fixes #221 ISSUE TYPE Bugfix Pull Request COMPONENT NAME ADDITIONAL INFORMATION Reviewed-by: Shawn Wilsher Reviewed-by: None

tests: remove unintended .swp file (#218)

2021-12-08T21:05:57+00:00

tests: remove unintended .swp file SUMMARY Depends-On: #220 .swp files are VI temporary files and it was likely not intended to be added to the repository. ISSUE TYPE Bugfix Pull Request COMPONENT NAME tests Reviewed-by: GomathiselviS Reviewed-by: None

Add vyos_ntp resource module (#175)

2021-10-02T17:28:30+00:00

Add vyos_ntp resource module SUMMARY Resource module vyos_ntp ISSUE TYPE New Module Pull Request COMPONENT NAME vyos_ntp ADDITIONAL INFORMATION Reviewed-by: GomathiselviS Reviewed-by: Nilashish Chakraborty Reviewed-by: None

Add support for IPv6 `address_group` and `network_group` (#202)

2021-09-20T23:25:49+00:00

Add support for IPv6 `address_group` and `network_group` SUMMARY This adds support for ipv6 in network and address groups by adding an afi parameter, but defaulting it to ipv4 for backwards compatibility. Fixes #137. ISSUE TYPE Feature Pull Request COMPONENT NAME vyos_firewall_global Reviewed-by: GomathiselviS Reviewed-by: Shawn Wilsher Reviewed-by: None

Fix `vyos.vyos.vyos_firewall_rules` `state: replaced` to match documentation (#203)

2021-09-20T23:25:42+00:00

Fix `vyos.vyos.vyos_firewall_rules` `state: replaced` to match documentation SUMMARY vyos.vyos.vyos_firewall_rules should only try to change listed firewall rules, as documented, when the state is set to replaced. As currently implemented (prior to this PR), it better matches what overridden is meant to do. Fixes #201 ISSUE TYPE Bugfix Pull Request COMPONENT NAME vyos.vyos.vyos_firewall_rules ADDITIONAL INFORMATION Cleanup and document existing code for clarity Add a failing idempotent test Add a failing change test Fix failing tests Add change fragment Reviewed-by: GomathiselviS Reviewed-by: Shawn Wilsher Reviewed-by: None