| Age | Commit message (Collapse) | Author |
|---|
|
|
|
* T7083 p2p removed
|
|
* T7008: update to fix interface tests
* T7006: fix: tests for interfaces
* T7006: further work on interfaces
* test: attempt to fix codecov on branch
* test: unwind cli_config loops for 1.4
* fix: vif handling in replace,override,delete
* fix: vif handling and docs
|
|
* T6817 updates
* updates / additions to unit tests and code for fw_rules (t6817)
* code and use cases for override fw_rules
* ovr idem unit test for fw rules v14 in WIP
* Fixed replace add_rule func to remove unmatching confug - t6825
* first cut of unit tests for t6825 and t6817 - dfaft
* Fixed replaced unit tests and code for inbound/outbound interface attributes
* use network_cli's remove_empties
* fixed disabled=True and a few unit tests in v1.3
* add_log func for firewall_rules updated
* firewall_rules log attribute processing for v1.4 and idemp
* + In overriden :
- Added func to compare r_sets
- Added code to isolate r_set changes to only targeted
- Fixed parsers for packet_length_exclude
- started to troubleshoot filter processing
* completed fixes and unit tests for firewall_rules as in T6817 and T6825
* T7004 integration tests init fix
* 'state' attrib processing fix
* deleted and merged integration tests fixed for 1.3- and 1.4+
* fixed deleted, parsed, replaced integration tests for 1.3- and 1.4+
* fixed _remove_config, merged integration tests
* added comments to unit tests
* more v1.3- unit tests moved to 1.4+ unit test suite
* 1.3/1.4 unit test suite synced
* overridden integration test fixed
* fixed replaced idempotency
* moved data to vars (integration tests)
* updated parsed (integration tests)
* D.R.Y. for integration tests for firewall_rules plugin
* vanilla data set for integration tests to support 1.5
|
|
* T68987: update for 1.4+
* chore: remove redundant vars
* tests: fix vyos_facts integration tests
* tests: fix integration tests for vyos_config
* fix: restore documentation samples
* chore: update readme
|
|
* T6988: fix: remove role/level, fix tests
* feature: add support for SSH keys
* tests: add integration tests for public_keys
* feat: add encrypted password support
* tests: add unit for encrypted
* tests: fix wrapping in YAML
* tests: fix smoke tests
|
|
* fix: get SNMP integration tests running
* fix: remove no_log from docs because it fails sanity
* tests: fix unit tests and no_log args
* tests: fix error in hostname integration test
|
|
* VyOS v1.4 support for BGP (T6892)
* WIP: chnages to scanners and facts for BGP on v1.4
* scanners and facts modification to support as_numberless commands
* remove optional regex groups
* VyOS v1.4 BGP system-as functionality
* bgp_af linter
* bgp_global mods and testing
* bgp_global v.1.4 support
* linter fixes
* bgp_global and bgp_af fixed 1.3 test cases
* unit tests for bgp modules for both versions
* obsolete stranzas removed from bgp_global for both versions
* some typos removed
* bgp_global rst updates
* t6829 related draft changes
* Draft changes to unit tests fot original set and t6888 updates
* changelog
* D.R.Y for bgp_global and testmodule names
* linter fixes
* fixtures for bgp_af options testts
* stranzas options processing
* T6888 bgp option test func and cases
* clean-up draft code and update to rm_templates
* v14 system-as change supported in conf and tests
* T6822 BGP global passive bugfix
* clean-up
* T6829: update integration tests
* T6829: fix integration tests for global
* T6829: fix integration tests for bgp_global
* T6829: fix for 1.4 AF integration tests
* T6829: fix unit tests after removing obsolete items
* T6829: fix sanity test failures
* T6829: fix documentation
* Lint and comments are addressed
* rtt.yaml and fix to integration tests
* updated fragments for bgp_global
* lint fixes
---------
Co-authored-by: Gaige B. Paulsen <gaige@cluetrust.com>
|
|
* tests: ntp: parsed
* tests: ntp tests working with 1.3
* T6894 : test: update 1.4 tests for compatibility
* fix: path replacement, docs, unit tests for 1.3-1.5
* T6894: fix: 1.4+ requires valid hostnames
* fix: update tests to handle deletion
* T6894: separate changelog
* fix: final test fixes
|
|
chore: update firewall_rules from module
fix: update firewall_global from resource model
chore: update to sync with resource module
chore: update README
fix: comment and formatting
fix: formatting issues
fix: missing imports
fix: import and metadata violations
fix: interface fixes
fix: move the arg spec comment
fix: update interface docs
fix: remove comments for non-RM versions
* T6910: fix documentation and argspecs
* T6910: docs: update per review
* T6910: docs: fix missing pipe
|
|
* VyOS v1.4+ chronyd conf support
* template typo fix
* Making replace tool more robust by distinctive placeholder
* allow-clients workaround
* test for ntp_global and v1.4
* sanity and change log
* sanity fix
* updates to tests (dynamic >.pool) and docs
* doc update 'system' > 'service'
|
|
* - Add feature for bonding interface in the firewall_interfaces
- Add feature for vlan interface in the firewall_interfaces
* fix a bug when invoking replaced in the module firewall_rules.
* - Add feature for bonding interface in the firewall_interfaces
- Add feature for vlan interface in the firewall_interfaces
* test: add tests
* fix: support for interface types
* docs: fixed for 1.4 deprecation
---------
Co-authored-by: Maxime.L <maxime@nfrance.com>
Co-authored-by: Gaige B. Paulsen <gaige@cluetrust.com>
Co-authored-by: Gaige B Paulsen <gaige@cluetrust.net>
|
|
* T6882: fix: firewall global-options
Updated a couple of RST files due to pre-commit
* T6882: chore: update changelog
* T6882: chore: update changelog
* T6882: test: update tests to cover change
|
|
* Fix change detection for recent Vyos versions
* Fix PEP8 styling
* Add changelogs fragment
|
|
* omnibus update for 1.3-1.4 (with some support for 1.5)
(see contents in release fragments)
---------
Co-authored-by: Om Nom <omnom62@outlook.com>
|
|
* Remove deprecation notice for vyos.vyos
Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
* Add changelog
Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
* fix review comments
Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
* chore: auto fixes from pre-commit.com hooks
---------
Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
|
|
* Add deprecation notice in README
Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
* Remove tox.ini
Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
---------
Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
|
|
* Update l3_interfaces.py
Fix for issue:
https://github.com/ansible-collections/vyos.vyos/issues/295
* Added Changelog Fragment
* Add support for Tunnel, Bridge and Dummy
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
---------
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Kate Case <kcase@redhat.com>
|
|
* Update l3_interfaces.py
Fix for issue:
https://github.com/ansible-collections/vyos.vyos/issues/295
---------
Co-authored-by: Kate Case <this.is@katherineca.se>
|
|
|
|
* BGP Password fix
Updated command to use neighbor.password rather than neighbor.address
* Added changelog fragment
|
|
* vyos docs interfaces
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
---------
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Kate Case <this.is@katherineca.se>
|
|
* [pre-commit.ci] pre-commit autoupdate
updates:
- [github.com/psf/black: 22.12.0 → 23.1.0](https://github.com/psf/black/compare/22.12.0...23.1.0)
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
---------
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
|
|
* [command] run at least once when retries is 0
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
---------
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
|
|
* Add prettier and isort to pre-commit.
* Bump line-length to 100
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
|
|
* Redirect ResourceModule to new location
* Add changelog
* Move NetworkTemplate too
|
|
* Remove deprecated modules and provider
* Remove tests for removed modules
* Remove references to vyos_argument_spec
|
|
* support 1.3 version output
Co-authored-by: Kate Case <this.is@katherineca.se>
|
|
* Use FQCN for modules in documentation
Co-authored-by: Baptiste Mille-Mathias <baptiste.millemathias@gmail.com>
|
|
Add support for icmpv6 type-name in firewall_rules
Signed-off-by: GomathiselviS gomathiselvi@gmail.com
SUMMARY
Fixes #257
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Sagar Paul <sagpaul@redhat.com>
|
|
updated references of base plugins to netcommon
SUMMARY
Minimum required ansible.netcommon version is 2.5.1
Updated base plugin references to ansible.netcommon
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Nathaniel Case <this.is@nathanielca.se>
|
|
Remove warning for default value of gather_subset from vyos_facts
Signed-off-by: GomathiselviS gomathiselvi@gmail.com
SUMMARY
The warning is no more needed because the default value has been changed by #252
ISSUE TYPE
Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Nilashish Chakraborty <nilashishchakraborty8@gmail.com>
|
|
vyos_facts: change default subset to min
Signed-off-by: GomathiselviS gomathiselvi@gmail.com
SUMMARY
Fixes #231
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Nathaniel Case <this.is@nathanielca.se>
|
|
Create symmlinks for redirection of vyos modules
Signed-off-by: GomathiselviS gomathiselvi@gmail.com
SUMMARY
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Sagar Paul <sagpaul@redhat.com>
Reviewed-by: None <None>
|
|
Change preconfig hostname in integration test
SUMMARY
ISSUE TYPE
Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: None <None>
|
|
Change parameter 'disabled' to 'disable' in test_vyos_firewall_rules.py
SUMMARY
Fixes #239
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Nilashish Chakraborty <nilashishchakraborty8@gmail.com>
Reviewed-by: Sagar Paul <sagpaul@redhat.com>
Reviewed-by: GomathiselviS <None>
Reviewed-by: Rohit Thakur <rohitthakur2590@outlook.com>
Reviewed-by: None <None>
|
|
same name (#236)
firewall_rules: Fix incorrect behavior when IPv4 and IPv6 rule sets have the same name
SUMMARY
VyOS supports IPv4 and IPv6 rule sets having the same name, but there are a couple places in the Ansible module that don't handle this situation.
The fact gathering for ansible_network_resources.firewall_rules has been updated to look for name <name> or ipv6-name <name> instead of just <name>.
The vyos_firewall_rules module has been updated to take the afi into consideration when comparing the have and want states.
V4-EGRESS and V6-EGRESS have been renamed to just EGRESS in the tests. The existing tests seem to be complete enough to test this same-name situation. (V4-INGRESS and V6-INGRESS were not renamed.)
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
vyos_facts and vyos_firewall_rules
ADDITIONAL INFORMATION
An example of a configuration that was originally causing an issue:
(Click to expand):
name wan-lan {
default-action drop
rule 1 {
action accept
state {
established enable
related enable
}
}
rule 2 {
action drop
log enable
state {
invalid enable
}
}
}
ipv6-name wan-lan {
default-action drop
rule 1 {
action accept
state {
established enable
related enable
}
}
rule 2 {
action drop
log enable
state {
invalid enable
}
}
rule 10 {
action accept
protocol icmpv6
}
}
With this configuration, ansible_network_resources.firewall_rules would show the icmpv6 rule under both ipv4 and ipv6:
(Click to expand):
[
{
"afi": "ipv4",
"rule_sets": [
{
"default_action": "drop",
"name": "wan-lan",
"rules": [
{
"action": "accept",
"number": 1,
"state": {
"established": true,
"related": true
}
},
{
"action": "drop",
"number": 2,
"state": {
"invalid": true
}
},
{
"action": "accept",
"number": 10,
"protocol": "icmpv6"
}
]
},
]
},
{
"afi": "ipv6",
"rule_sets": [
{
"default_action": "drop",
"name": "wan-lan",
"rules": [
{
"action": "accept",
"number": 1,
"state": {
"established": true,
"related": true
}
},
{
"action": "drop",
"number": 2,
"state": {
"invalid": true
}
},
{
"action": "accept",
"number": 10,
"protocol": "icmpv6"
}
]
},
]
}
]
A similar issue would happen when using vyos_firewall_rules as well, where it would attempt to change rules for the wrong afi.
Reviewed-by: GomathiselviS <None>
Reviewed-by: None <None>
|
|
vyos_firewall_rules: Add support for log enable on individual rules
SUMMARY
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Rohit Thakur <rohitthakur2590@outlook.com>
Reviewed-by: None <None>
|
|
Add Vyos hostname resource module
SUMMARY
ISSUE TYPE
New Module Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Nilashish Chakraborty <nilashishchakraborty8@gmail.com>
Reviewed-by: None <None>
|
|
Vyos snmp_server Resource Module
SUMMARY
Added vyos_snmp_server resource module
ISSUE TYPE
New Module Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Nilashish Chakraborty <nilashishchakraborty8@gmail.com>
Reviewed-by: Ashwini Mhatre <mashu97@gmail.com>
Reviewed-by: None <None>
|
|
Enable configuring ntp server pool in ntp_global
Signed-off-by: GomathiselviS gomathiselvi@gmail.com
SUMMARY
Fixes #221
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Shawn Wilsher <None>
Reviewed-by: None <None>
|
|
Add libssh dependency for vyos collection
Signed-off-by: GomathiselviS gomathiselvi@gmail.com
SUMMARY
ISSUE TYPE
Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Rohit Thakur <rohitthakur2590@outlook.com>
Reviewed-by: None <None>
|
|
Add vyos_ntp resource module
SUMMARY
Resource module vyos_ntp
ISSUE TYPE
New Module Pull Request
COMPONENT NAME
vyos_ntp
ADDITIONAL INFORMATION
Reviewed-by: GomathiselviS <None>
Reviewed-by: Nilashish Chakraborty <nilashishchakraborty8@gmail.com>
Reviewed-by: None <None>
|
|
Add support for IPv6 `address_group` and `network_group`
SUMMARY
This adds support for ipv6 in network and address groups by adding an afi parameter, but defaulting it to ipv4 for backwards compatibility.
Fixes #137.
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
vyos_firewall_global
Reviewed-by: GomathiselviS <None>
Reviewed-by: Shawn Wilsher <None>
Reviewed-by: None <None>
|
|
(#203)
Fix `vyos.vyos.vyos_firewall_rules` `state: replaced` to match documentation
SUMMARY
vyos.vyos.vyos_firewall_rules should only try to change listed firewall rules, as documented, when the state is set to replaced. As currently implemented (prior to this PR), it better matches what overridden is meant to do.
Fixes #201
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
vyos.vyos.vyos_firewall_rules
ADDITIONAL INFORMATION
Cleanup and document existing code for clarity
Add a failing idempotent test
Add a failing change test
Fix failing tests
Add change fragment
Reviewed-by: GomathiselviS <None>
Reviewed-by: Shawn Wilsher <None>
Reviewed-by: None <None>
|
|
IPV6 ICMP type name in vyos.vyos.vyos_firewall_rules is not idempotent
SUMMARY
fix issue: #170
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: GomathiselviS <None>
Reviewed-by: None <None>
|
|
Fix pylint sanity issues
Signed-off-by: GomathiselviS gomathiselvi@gmail.com
SUMMARY
ISSUE TYPE
Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Nilashish Chakraborty <nilashishchakraborty8@gmail.com>
Reviewed-by: None <None>
|
|
Docs fixed - wrong platform mentioned
SUMMARY
updated docs corrected wrong platform mentioned
ISSUE TYPE
Docs Pull Request
COMPONENT NAME
bgp_address_family
ospf_interfaces
ADDITIONAL INFORMATION
Reviewed-by: GomathiselviS <None>
Reviewed-by: None <None>
|
|
vyos logging_global resource module
SUMMARY
Logging resource module vyos_logging_global
ISSUE TYPE
New Module Pull Request
COMPONENT NAME
vyos_logging_global
Reviewed-by: Nilashish Chakraborty <nilashishchakraborty8@gmail.com>
|
|
fix issue in route-maps facts code when route-maps facts are empty.
SUMMARY
fixes: #181
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
ADDITIONAL INFORMATION
Reviewed-by: Rohit Thakur <rohitthakur2590@outlook.com>
|
