]>
git.ipfire.org Git - people/ms/network.git/log
Michael Tremer [Sat, 22 Sep 2018 11:55:10 +0000 (12:55 +0100)]
colors: Remove extra space character in BLOCKING msg
This message was not properly aligned
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 21:58:01 +0000 (22:58 +0100)]
Move creating port configurations into network-hotplug-rename
This script is now actually creating a new configuration while
it is holding the lock.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 21:47:17 +0000 (22:47 +0100)]
Refactor network-hotplug-rename
This is now using a new locking mechanism that is working
faster and more reliable then looping for forever.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 15:00:24 +0000 (17:00 +0200)]
port: ethernet: Correctly create new configurations
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 14:31:12 +0000 (16:31 +0200)]
ports: Fix saving HOOK name
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 14:27:58 +0000 (16:27 +0200)]
Refactor hotplug script
This script is doing the same as before, but has been refactored
to be cleaner and faster.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 13:44:44 +0000 (15:44 +0200)]
hotplug: Continue running through script for ipsec devices
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 13:43:46 +0000 (15:43 +0200)]
zones: Drop unused commands
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 13:19:58 +0000 (15:19 +0200)]
Extend "network status"
This now takes ports, devices and PHYs and prints the appropriate
status.
This is very handy and just a shortcut.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 13:06:53 +0000 (15:06 +0200)]
Speed up device_list() by removing the alphabetical sort
We are now returning all devices, then all PHYs, then all
serial devices.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 13:05:21 +0000 (15:05 +0200)]
Fix generating device_list()
It was returning values like bonding_masters which are not
an actual device.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 13:00:44 +0000 (15:00 +0200)]
Validate input for --offloading flag and throw an error when empty
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 12:58:39 +0000 (14:58 +0200)]
ports: ethernet+bonding: Allow to disable all offloading
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 12:50:12 +0000 (14:50 +0200)]
Move offloading code into an own file
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 12:22:39 +0000 (14:22 +0200)]
Add support for hardware offloading
Hardware offloading will now be enabled on physical
and bonding devices automatically.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 11:35:30 +0000 (13:35 +0200)]
Move DEFAULT_MTU to constants
This is where it belongs
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Sep 2018 11:33:33 +0000 (13:33 +0200)]
ipsec: Rewrite adding routes script
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Sep 2018 12:51:36 +0000 (14:51 +0200)]
constants: Remove unused BATMAN variable
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Sep 2018 23:18:45 +0000 (00:18 +0100)]
port: ethernet: Use combined setting for advertised link speeds
This patch removes the speed and duplex settings and replaces them
with a configuration option that allows to change advertised link
speeds to a certain speed.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Sep 2018 22:26:45 +0000 (23:26 +0100)]
port: ethernet: Allow setting duplex mode
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Sep 2018 22:19:02 +0000 (23:19 +0100)]
port: ethernet: Allow setting link speed
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Sep 2018 22:18:04 +0000 (23:18 +0100)]
port: ethernet: Bring back accidentially dropped hook_create function
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Sep 2018 22:05:00 +0000 (23:05 +0100)]
port: ethernet: Return OK only to rename ports
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Sep 2018 22:04:44 +0000 (23:04 +0100)]
port: ethernet: Use default hook_new() function
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Sep 2018 22:04:21 +0000 (23:04 +0100)]
header-port: Start with empty set of settings
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Sep 2018 22:01:42 +0000 (23:01 +0100)]
port: ethernet: Allow setting the MTU
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Sep 2018 21:42:54 +0000 (22:42 +0100)]
Restart ports after edit to apply settings
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Sep 2018 21:35:58 +0000 (22:35 +0100)]
header-port: Print errors if config could not be read/written
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Sep 2018 21:33:07 +0000 (22:33 +0100)]
ports: ethernet: Allow changing MAC address
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Sep 2018 21:16:00 +0000 (22:16 +0100)]
Add support for LEDs
This patch configures LEDs on some Wireless PHYs to flash
on activity. This makes debugging easier.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Sep 2018 16:45:32 +0000 (17:45 +0100)]
hostapd: Add support for 802.11ac
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Sep 2018 15:01:34 +0000 (16:01 +0100)]
hostapd: Always enable 802.11d
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Sep 2018 14:59:53 +0000 (15:59 +0100)]
hostapd: Write VHT capabilities to configuration
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Sep 2018 14:56:33 +0000 (15:56 +0100)]
libnetwork: Actually store index
Index was always zero and therefore only the first PHY could
be queried only.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Sep 2018 14:46:21 +0000 (15:46 +0100)]
libnetwork: Remove debug output
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Sep 2018 14:42:20 +0000 (15:42 +0100)]
libnetwork: Fix typo in RX-LDPC HT capability
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Sep 2018 14:41:16 +0000 (15:41 +0100)]
libnetwork: Fix looping though HT capabilities
The last capability was never looped through
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Sep 2018 14:39:48 +0000 (15:39 +0100)]
ibnetwork: Add command to show available VHT capabilities of phys
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Sep 2018 13:02:09 +0000 (14:02 +0100)]
hostapd: Always enable all HT caps
Signed-off-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Sep 2018 12:10:41 +0000 (14:10 +0200)]
ip-tunnel: Make --peer optional
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Sep 2018 11:46:53 +0000 (13:46 +0200)]
ipsec: VTI keys are static now and don't need to be updated
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Sep 2018 11:43:58 +0000 (13:43 +0200)]
ipsec: GRE/VTI connections are now possible as on-demand
This change implements using zones as GRE/VTI devices so that
we can use IPsec connections in on-demand mode, too.
The device will be created first (as a zone) and might trigger
an IPsec connection. If that happens, the settings of the device
will be updated automatically.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 18 Sep 2018 12:01:12 +0000 (14:01 +0200)]
ip-tunnel: Add support for VTI interfaces
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 18 Sep 2018 11:33:30 +0000 (13:33 +0200)]
ipsec: Show ZONE setting when configuration is being dumped
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 18 Sep 2018 11:30:17 +0000 (13:30 +0200)]
ipsec: Change mode to transport/tunnel only
VTI is being removed and will be possible via the new
zone command.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 18 Sep 2018 11:21:19 +0000 (13:21 +0200)]
ipsec: Allow adding a zone to a VPN connection
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 18 Sep 2018 10:16:02 +0000 (12:16 +0200)]
ipsec: security policies: Fix typos in plural variables
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 17 Sep 2018 15:23:44 +0000 (16:23 +0100)]
nitsi: Add tests for ip-tunnels in GRE mode
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 17 Sep 2018 14:54:45 +0000 (16:54 +0200)]
Makefile: Forgot to remove 6to4-tunnel hook
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 17 Sep 2018 14:46:16 +0000 (15:46 +0100)]
Merge remote-tracking branch 'jschlag/master'
Michael Tremer [Mon, 17 Sep 2018 14:30:17 +0000 (16:30 +0200)]
Drop 6to4-tunnel hook which is (partly) replaced by ip-tunnel
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 17 Sep 2018 14:06:38 +0000 (16:06 +0200)]
man: Add documentation for IP tunnel hook
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 17 Sep 2018 13:30:00 +0000 (15:30 +0200)]
Add generic IP tunnel zone hook
This is useful to create GRE connections and can easily
be extended to do more later.
Fixes: #11607
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 17 Sep 2018 13:29:32 +0000 (15:29 +0200)]
ip-tunnel: Create a function that determines if all IP addresses match
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 17 Sep 2018 13:25:55 +0000 (15:25 +0200)]
ip-tunnel: Fix protocol detection when local address is empty
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 17 Sep 2018 11:49:24 +0000 (13:49 +0200)]
ipsec: security policies: Add documentation for pseudo-random-functions command
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 17 Sep 2018 11:45:49 +0000 (13:45 +0200)]
CLI: Fix destroying zones
The old delayed removal process doesn't exist any more
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sun, 16 Sep 2018 14:16:43 +0000 (16:16 +0200)]
Merge remote-tracking branch 'upstream/master'
Michael Tremer [Sun, 16 Sep 2018 14:15:53 +0000 (15:15 +0100)]
ipsec: security policies: Make integrity command plural
References: #11446
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sun, 16 Sep 2018 14:15:52 +0000 (16:15 +0200)]
Merge remote-tracking branch 'upstream/master'
Jonatan Schlag [Sun, 16 Sep 2018 14:13:56 +0000 (16:13 +0200)]
Move vpn tests into an own directory structure
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Michael Tremer [Sun, 16 Sep 2018 14:11:36 +0000 (15:11 +0100)]
ipsec: security policies: Make group type command plural
References: #11446
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sun, 16 Sep 2018 14:00:00 +0000 (16:00 +0200)]
Adjust include paths because of the new include path feature
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Michael Tremer [Sun, 16 Sep 2018 14:00:42 +0000 (16:00 +0200)]
ipsec: security policies: Show PRFs when dumping SecPol conf
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 16 Sep 2018 13:57:31 +0000 (15:57 +0200)]
ipsec: security polices: Make cipher command plural
References: #11446
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sun, 16 Sep 2018 13:54:04 +0000 (15:54 +0200)]
Use new include path feature of nitsi
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Michael Tremer [Sun, 16 Sep 2018 13:51:31 +0000 (15:51 +0200)]
ipsec: security-policies: Make PRF command plural
References: #11446
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 16 Sep 2018 13:45:45 +0000 (15:45 +0200)]
ipsec: security-policies: Add CLI to modify PRFs
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 16 Sep 2018 13:19:55 +0000 (15:19 +0200)]
ipsec: Generate IKE proposals with PRFs
This is now a requirement for AEAD ciphers and strongswan
refuses to start.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sun, 16 Sep 2018 12:36:26 +0000 (14:36 +0200)]
Nitsi: port vlan test- check if detach works
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Jonatan Schlag [Sun, 16 Sep 2018 12:03:37 +0000 (14:03 +0200)]
Add vlan port test for nitsi
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Michael Tremer [Sun, 16 Sep 2018 11:53:53 +0000 (12:53 +0100)]
Merge remote-tracking branch 'jschlag/master'
Michael Tremer [Sun, 16 Sep 2018 11:52:39 +0000 (12:52 +0100)]
nitsi: Add test for PPPoE server/client
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 16 Sep 2018 11:50:30 +0000 (12:50 +0100)]
pppoe: Bring up port when zone is coming up
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sun, 16 Sep 2018 11:16:23 +0000 (13:16 +0200)]
Add VPN n2n tests for vti
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Jonatan Schlag [Sun, 16 Sep 2018 11:13:43 +0000 (13:13 +0200)]
Use new phase1 and setup recipes in vpn tests
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Michael Tremer [Sun, 16 Sep 2018 08:21:53 +0000 (09:21 +0100)]
nitsi: Make sure that we are always running with the most recent source
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 16 Sep 2018 08:16:21 +0000 (09:16 +0100)]
nitsi: Automatically drop to a shell in case a test fails
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 16 Sep 2018 09:26:22 +0000 (11:26 +0200)]
pppoe-server: Run with absolute path
Because PATH has been changed this script is executing
itself recursively
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 16 Sep 2018 09:24:28 +0000 (11:24 +0200)]
pppoe-server: Read configuration again
This was broken since config IDs have been introduced
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 16 Sep 2018 08:55:38 +0000 (10:55 +0200)]
Install ppp scripts with executable permissions
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sat, 15 Sep 2018 22:14:36 +0000 (00:14 +0200)]
Merge remote-tracking branch 'upstream/master'
Michael Tremer [Sat, 15 Sep 2018 22:11:36 +0000 (23:11 +0100)]
nitsi: Drop Hello World test
This is a little bit useless now that we have tests
that do stuff that is more useful.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 15 Sep 2018 21:57:09 +0000 (22:57 +0100)]
nitsi: Add phase1
This is supposed to be a good base to build on for any test that
needs a working layer 2 and some IP addresses on the network
to reach any other machines
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 15 Sep 2018 16:04:40 +0000 (17:04 +0100)]
Make make distcheck happy
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sat, 15 Sep 2018 15:59:49 +0000 (17:59 +0200)]
Change ipv6 addresses from global to "private" addresses in nitsi
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Jonatan Schlag [Sat, 15 Sep 2018 15:55:01 +0000 (17:55 +0200)]
Make setting of traffic selectors in nitsi test easier
We now include the file for ipv4 and for ipv6 into the file for ipv64
which makes maintenance easier.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Jonatan Schlag [Sat, 15 Sep 2018 15:49:26 +0000 (17:49 +0200)]
Include ping test of ipv4 and ipv6 into ipv64 test
This make changing ip addresses easier.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Michael Tremer [Sat, 15 Sep 2018 18:40:31 +0000 (20:40 +0200)]
Makefile: Install dhclient-helper as an executable script
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sat, 15 Sep 2018 15:59:49 +0000 (17:59 +0200)]
Change ipv6 addresses from global to "private" addresses in nitsi
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Jonatan Schlag [Sat, 15 Sep 2018 15:55:01 +0000 (17:55 +0200)]
Make setting of traffic selectors in nitsi test easier
We now include the file for ipv4 and for ipv6 into the file for ipv64
which makes maintenance easier.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Jonatan Schlag [Sat, 15 Sep 2018 15:49:26 +0000 (17:49 +0200)]
Include ping test of ipv4 and ipv6 into ipv64 test
This make changing ip addresses easier.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Michael Tremer [Sat, 15 Sep 2018 15:06:05 +0000 (16:06 +0100)]
vpn: Poly1305 is AEAD
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 15 Sep 2018 14:58:16 +0000 (15:58 +0100)]
nitsi: Rename make-install include file to setup
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 15 Sep 2018 14:53:25 +0000 (15:53 +0100)]
nitsi: Include some inital commands in make-install template
This allows us to have a couple fewer includes
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 15 Sep 2018 13:33:55 +0000 (14:33 +0100)]
nitsi: Install configuration files into the right place
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 15 Sep 2018 13:32:22 +0000 (14:32 +0100)]
nitsi: Remove lines that are already in the default settings file
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 15 Sep 2018 13:29:48 +0000 (14:29 +0100)]
nitsi: Remove reference to non-existant strongswan.conf file
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sat, 15 Sep 2018 13:25:08 +0000 (15:25 +0200)]
Merge branch 'nitsi-zone-commands'
Michael Tremer [Sat, 15 Sep 2018 12:49:59 +0000 (13:49 +0100)]
IPsec: Add support for ChaCha20-Poly1305
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>