Search
Use Results
Edit Query
Hide Query

	Include stories about projects I am a member of.

Aug 18 2022

Viacheslav added a comment to T4610: Firewall with 20K entries cannot load after reboot.

I did my internal tests and can't reproduce it
20K entries applied in 0.20 sec

root@r14:/home/vyos# cat tmp.nft | wc -l
20029
root@r14:/home/vyos# 
root@r14:/home/vyos# sudo time nft -f tmp.nft
real	0m 0.20s
user	0m 0.13s
sys	0m 0.06s
root@r14:/home/vyos#

200K entries in 2 sec

root@r14:/home/vyos# cat tmp.nft | wc -l
200029
root@r14:/home/vyos# 
root@r14:/home/vyos# sudo nft flush ruleset
root@r14:/home/vyos# 
root@r14:/home/vyos# sudo time nft -f tmp.nft
real	0m 1.91s
user	0m 1.20s
sys	0m 0.70s
root@r14:/home/vyos#

Aug 18 2022, 1:49 PM · VyOS 1.4 Sagitta

Viacheslav added a subtask for T4564: Root task for rewriting [op-mode] to vyos.opmode format: T4623: Add show conntrack statistics.

Aug 18 2022, 10:09 AM · VyOS Rolling

Viacheslav added a parent task for T4623: Add show conntrack statistics: T4564: Root task for rewriting [op-mode] to vyos.opmode format.

Aug 18 2022, 10:09 AM · VyOS 1.4 Sagitta

Viacheslav created T4623: Add show conntrack statistics.

Aug 18 2022, 10:02 AM · VyOS 1.4 Sagitta

Aug 17 2022

Viacheslav updated the task description for T4622: Firewall allow drop packets by TCP MSS size.

Aug 17 2022, 4:12 PM · VyOS 1.4 Sagitta

Viacheslav renamed T4622: Firewall allow drop packets by TCP MSS size from Firewall allow drop packets by TCP MSS to Firewall allow drop packets by TCP MSS size.

Aug 17 2022, 4:11 PM · VyOS 1.4 Sagitta

Viacheslav created T4622: Firewall allow drop packets by TCP MSS size.

Aug 17 2022, 3:37 PM · VyOS 1.4 Sagitta

Viacheslav changed the status of T4619: Static arp is not set if another entry is present from Open to Needs testing.

Aug 17 2022, 3:22 PM · VyOS 1.4 Sagitta

Viacheslav moved T4480: add an ability to configure squid acl safe ports and acl ssl safe ports from Open to Finished on the VyOS 1.4 Sagitta board.

Aug 17 2022, 3:20 PM · VyOS 1.4 Sagitta

Viacheslav moved T4598: nat66 - Add exclude options from Open to Finished on the VyOS 1.4 Sagitta board.

Aug 17 2022, 3:19 PM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4601: dhcp : relay agent IP address issue..

@m.korobeinikov Could you check it in 1.3

Aug 17 2022, 11:31 AM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta

Viacheslav moved T4618: Traffic policy not set on virtual interfaces from Open to Finished on the VyOS 1.4 Sagitta board.

Aug 17 2022, 9:49 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta

Viacheslav added a comment to T4618: Traffic policy not set on virtual interfaces.

PR for 1.3.2 https://github.com/vyos/vyatta-cfg-qos/pull/16

Aug 17 2022, 9:49 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta

Viacheslav added a comment to T4621: OpenConnect group selection.

The similar request T3896

Aug 17 2022, 1:49 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta

Aug 16 2022

Viacheslav committed rVYOSONEXd69b7989620d: upnp: T4613: Verify listen key in dictionary.

Aug 16 2022, 5:24 PM

Viacheslav added a comment to T4620: UPnP does not work due to incorrect template.

PR https://github.com/vyos/vyos-1x/pull/1476

Aug 16 2022, 4:30 PM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4611: UPnP rule IP should be a prefix instead of an address.

PR https://github.com/vyos/vyos-1x/pull/1476

Aug 16 2022, 4:30 PM · VyOS 1.4 Sagitta

Viacheslav changed the status of T4611: UPnP rule IP should be a prefix instead of an address from Open to In progress.

Aug 16 2022, 4:11 PM · VyOS 1.4 Sagitta

Viacheslav updated the task description for T4620: UPnP does not work due to incorrect template.

Aug 16 2022, 3:54 PM · VyOS 1.4 Sagitta

Viacheslav changed the status of T4620: UPnP does not work due to incorrect template from Open to In progress.

Aug 16 2022, 3:52 PM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4611: UPnP rule IP should be a prefix instead of an address.

It seems UPnP rules doesn't work at all task T4620

Aug 16 2022, 3:52 PM · VyOS 1.4 Sagitta

Viacheslav created T4620: UPnP does not work due to incorrect template.

Aug 16 2022, 3:51 PM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4611: UPnP rule IP should be a prefix instead of an address.

@patrickli Could you send a real example? In your example, port ranges are incorrect also it is not all required UPnP configuration
If you sent all UPnP configuration, it already has been done :)
I'm not a UPnP person, so I ask for some examples.

Aug 16 2022, 3:23 PM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4613: UPnP configuration without listen option fail.

PR https://github.com/vyos/vyos-1x/pull/1475

Aug 16 2022, 3:04 PM · VyOS 1.4 Sagitta

Viacheslav changed the status of T4613: UPnP configuration without listen option fail from Open to In progress.

Aug 16 2022, 2:29 PM · VyOS 1.4 Sagitta

Viacheslav updated the task description for T4613: UPnP configuration without listen option fail.

Aug 16 2022, 2:28 PM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4617: VRF specification is needed for telegraf prometheus-client listen-address <address> .

I tried to add vrf, but it requires some permissions, service is not starting

diff --git a/data/templates/monitoring/override.conf.j2 b/data/templates/monitoring/override.conf.j2
index 9f1b4ebe..63e479af 100644
--- a/data/templates/monitoring/override.conf.j2
+++ b/data/templates/monitoring/override.conf.j2
@@ -1,7 +1,10 @@
+{% set vrf_command = 'ip vrf exec ' ~ vrf ~ ' ' if vrf is vyos_defined else '' %}
 [Unit]
 After=vyos-router.service
 ConditionPathExists=/run/telegraf/vyos-telegraf.conf
 [Service]
+ExecStart=
+ExecStart={{ vrf_command }}/usr/bin/telegraf -config /run/telegraf/vyos-telegraf.conf -config-directory /etc/telegraf/telegraf.d $TELEGRAF_OPTS
 Environment=INFLUX_TOKEN={{ influxdb.authentication.token }}
 CapabilityBoundingSet=CAP_NET_RAW CAP_NET_ADMIN CAP_SYS_ADMIN
 AmbientCapabilities=CAP_NET_RAW CAP_NET_ADMIN
diff --git a/interface-definitions/service-monitoring-telegraf.xml.in b/interface-definitions/service-monitoring-telegraf.xml.in
index 36f40a53..dc014ee1 100644
--- a/interface-definitions/service-monitoring-telegraf.xml.in
+++ b/interface-definitions/service-monitoring-telegraf.xml.in
@@ -306,6 +306,7 @@
                   </leafNode>
                 </children>
               </node>
+              #include <include/interface/vrf.xml.i>
             </children>
           </node>
         </children>

Aug 16 2022, 1:40 PM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4617: VRF specification is needed for telegraf prometheus-client listen-address <address> .

As we have one config file for all plugins, as we start only one telegraf process, I guess it should be global telegraf option set service monitoring telegraf vrf <vrf-name>

Aug 16 2022, 12:32 PM · VyOS 1.4 Sagitta

Viacheslav changed the status of T4596: "show openconnect-server sessions" command does not work in the openconnect module, a subtask of T4564: Root task for rewriting [op-mode] to vyos.opmode format, from In progress to Needs testing.

Aug 16 2022, 11:58 AM · VyOS Rolling

Viacheslav changed the status of T4596: "show openconnect-server sessions" command does not work in the openconnect module from In progress to Needs testing.

Aug 16 2022, 11:58 AM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4618: Traffic policy not set on virtual interfaces.

PR https://github.com/vyos/vyatta-cfg-qos/pull/14

Aug 16 2022, 11:48 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta

Viacheslav changed the status of T4618: Traffic policy not set on virtual interfaces from Open to In progress.

Aug 16 2022, 11:31 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta

Viacheslav assigned T4601: dhcp : relay agent IP address issue. to Unknown Object (User).

Aug 16 2022, 9:58 AM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta

Viacheslav changed the status of T4601: dhcp : relay agent IP address issue. from Confirmed to Needs testing.

Aug 16 2022, 9:58 AM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta

Viacheslav committed rVYOSONEX1bd3a9635a5f: ocserv: T4596: Rewrite show openconnect sessions op-mode.

Aug 16 2022, 6:27 AM

Aug 15 2022

Viacheslav edited projects for T4082: Add op mode command to restart ldpd, added: VyOS 1.3 Equuleus; removed VyOS 1.3 Equuleus (1.3.2).

Aug 15 2022, 11:38 AM · VyOS 1.3 Equuleus (1.3.0)

Viacheslav closed T3988: Feature Request: IPsec Multiple local/remote prefix for the tunnel as Resolved.

Aug 15 2022, 11:33 AM · VyOS 1.4 Sagitta

Viacheslav created T4613: UPnP configuration without listen option fail.

Aug 15 2022, 11:21 AM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4612: Support arbitrary netmasks in firewall rules.

It is possible but with specific syntax
I found some examples:

nft insert rule ip filter VYOS_FW_FORWARD ip 'saddr & 0.255.0.255 != 0.11.0.13' counter

Aug 15 2022, 11:15 AM · VyOS 1.4 Sagitta

Viacheslav closed T4609: Unable to Restart Container VyOS 1.4 as Resolved.

Aug 15 2022, 11:05 AM · VyOS 1.4 Sagitta

Viacheslav committed rVYOSONEX03e69f280725: container: T4609: Fix restart container.

Aug 15 2022, 11:04 AM

Viacheslav added a comment to T4612: Support arbitrary netmasks in firewall rules.

@patrickli nftables is not engine for iptables. It is programs to work with netfilter
That's why I ask for the real example

root@r1:/home/vyos# nft insert rule ip6 filter INPUT ip6 saddr ::dead:beef/::ffff:ffff counter
Error: syntax error, unexpected string, expecting number
insert rule ip6 filter INPUT ip6 saddr ::dead:beef/::ffff:ffff counter
                                                   ^^^^^^^^^^^
root@r1:/home/vyos#

Aug 15 2022, 10:15 AM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4612: Support arbitrary netmasks in firewall rules.

@patrickli In 1.4 we don't use iptables, we use nftables
LInk to nftables example will be helpful.

Aug 15 2022, 10:03 AM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4611: UPnP rule IP should be a prefix instead of an address.

@patrickli Could you attach an example of VyOS configuration with set service upnp xxx
If you manually change upnpd.conf does it work correctly?

Aug 15 2022, 10:01 AM · VyOS 1.4 Sagitta

Viacheslav closed T2763: New SNMP resource request - SNMP over TCP as Resolved.

Aug 15 2022, 9:54 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta

Viacheslav created T4610: Firewall with 20K entries cannot load after reboot.

Aug 15 2022, 9:50 AM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4609: Unable to Restart Container VyOS 1.4.

PR https://github.com/vyos/vyos-1x/pull/1468

Aug 15 2022, 9:36 AM · VyOS 1.4 Sagitta

Viacheslav changed the status of T4609: Unable to Restart Container VyOS 1.4 from Open to In progress.

Aug 15 2022, 9:24 AM · VyOS 1.4 Sagitta

Viacheslav changed the status of T4595: DPD interval and timeout do not work in DMVPN from Open to Needs testing.

Aug 15 2022, 9:05 AM · VyOS 1.4 Sagitta

Viacheslav committed rVYOSONEXfed4cbf9b2f0: dmvpn: T4595: Fix dpd profile options.

Aug 15 2022, 8:49 AM

Aug 14 2022

Viacheslav added a comment to T4609: Unable to Restart Container VyOS 1.4.

It seems after this commit https://github.com/vyos/vyos-1x/commit/08cb762347208b21a8cbf81f7b35707d7e6dd4ac
I’ll take a look later

Aug 14 2022, 2:40 PM · VyOS 1.4 Sagitta

Aug 13 2022

Viacheslav created T4608: IPSec shows only one IKE for the same peer.

Aug 13 2022, 1:03 PM · Bugs, VyOS Rolling

Viacheslav added a comment to T538: Support for network mapping in NAT.

PR https://github.com/vyos/vyos-1x/pull/1466
Let me know if there is what you are expecting,
requires more tests

set nat static rule 10 destination address '10.0.1.1'
set nat static rule 10 inbound-interface 'eth0'
set nat static rule 10 translation address '192.168.1.1'

Aug 13 2022, 12:21 AM · VyOS 1.4 Sagitta

Aug 12 2022

Viacheslav added a comment to T3670: Option to disable HTTP port 80 redirect.

@artooro Did you try listen-port option for this case?

set service https api gql
set service https api keys id KID key 'foo'
set service https api socket
set service https virtual-host foo listen-port '2580'

Check:

vyos@r14# sudo netstat -tulpn | grep nginx
tcp        0      0 0.0.0.0:2580            0.0.0.0:*               LISTEN      3570/nginx: master  
tcp6       0      0 :::2580                 :::*                    LISTEN      3570/nginx: master  
[edit]
vyos@r14#

Aug 12 2022, 7:37 PM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4122: interface ip address config missing after upgrade from 1.2.8 to 1.3.0 (when redirect is configured?).

@n.fort Create please PR for 1.3

Aug 12 2022, 7:18 PM · VyOS 1.3 Equuleus (1.3.3)

Viacheslav closed T4603: Need a config option to specify NAS-IP-Address for vpn l2tp as Resolved.

Aug 12 2022, 7:13 PM · VyOS 1.4 Sagitta

Viacheslav added a project to T4607: Configuration commit fails on kernel 5.15 (and likely others) in libboost's filesystem::copy_file from EXEDEV on the FUSE UnionFS mounts: VyOS 1.4 Sagitta.

Aug 12 2022, 2:59 PM · VyOS 1.4 Sagitta

Aug 11 2022

Viacheslav changed the status of T4603: Need a config option to specify NAS-IP-Address for vpn l2tp from In progress to Needs testing.

@aserkin Will be present in the next rolling release.

Aug 11 2022, 11:28 AM · VyOS 1.4 Sagitta

Viacheslav updated subscribers of T4605: Firewall change default table names.

Aug 11 2022, 10:06 AM · VyOS 1.4 Sagitta

Viacheslav updated the task description for T4605: Firewall change default table names.

Aug 11 2022, 9:48 AM · VyOS 1.4 Sagitta

Viacheslav created T4605: Firewall change default table names.

Aug 11 2022, 9:46 AM · VyOS 1.4 Sagitta

Viacheslav added a subtask for T4470: Rewrite load-balancing wan to XML/Python: T114: Allow wan load-balancing rules to match against groups.

Aug 11 2022, 8:37 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS Rolling

Viacheslav added a parent task for T114: Allow wan load-balancing rules to match against groups: T4470: Rewrite load-balancing wan to XML/Python.

Aug 11 2022, 8:36 AM · VyOS 1.5 Circinus (2025.11)

Viacheslav added a comment to T4374: ipv6 address drops from interface, but network still active.

@ajgnet Could you show routes after this bug?

sudo ip -6 route show
sudo ip -6 route get 2607:f8b0:4006:80d::200e

Aug 11 2022, 7:37 AM · VyOS 1.4 Sagitta

Viacheslav committed rVYOSONEXfcb2253153be: l2tp: T4603: Add RADIUS nas-ip-address option.

Aug 11 2022, 5:35 AM

Aug 10 2022

Viacheslav closed T4408: Add sshguard to protect against brut-forces as Resolved.

Aug 10 2022, 10:24 PM · VyOS 1.4 Sagitta

Viacheslav changed the status of T4485: OpenVPN: Allow multiple CAs certificates from In progress to Needs testing.

Aug 10 2022, 10:21 PM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4595: DPD interval and timeout do not work in DMVPN.

PR https://github.com/vyos/vyos-1x/pull/1465

Aug 10 2022, 10:01 PM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4603: Need a config option to specify NAS-IP-Address for vpn l2tp.

PR https://github.com/vyos/vyos-1x/pull/1464

Aug 10 2022, 9:07 PM · VyOS 1.4 Sagitta

hard awarded T4502: Consider implementing (NAT/other) flow table offload a Like token.

Aug 10 2022, 8:33 PM · VyOS 1.4 Sagitta

Viacheslav changed the status of T4603: Need a config option to specify NAS-IP-Address for vpn l2tp from Open to In progress.

Aug 10 2022, 8:23 PM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4118: IPsec syntax overhaul.

PR https://github.com/vyos/vyos-1x/pull/1463
PR https://github.com/vyos/vyatta-cfg-system/pull/184

Aug 10 2022, 8:08 PM · VyOS 1.4 Sagitta

Viacheslav added a project to T4603: Need a config option to specify NAS-IP-Address for vpn l2tp: VyOS 1.4 Sagitta.

Aug 10 2022, 11:28 AM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4603: Need a config option to specify NAS-IP-Address for vpn l2tp.

@aserkin Could you send an example of the required accel-ppp section? And how do you see this command in VyOS CLI?

Aug 10 2022, 11:28 AM · VyOS 1.4 Sagitta

Aug 9 2022

Viacheslav added a comment to T4547: Show vpn ipsec sa show unexpected prefix 'B' in packets.

Will be fixed in https://github.com/vyos/vyos-1x/pull/1458

Aug 9 2022, 12:07 PM · VyOS 1.4 Sagitta

Aug 8 2022

Viacheslav added a comment to T4602: DHCP `ping-check` enabled by default.

ping-check shouldn't be allowed by default
To enable it you have to set set service dhcp-server shared-network-name Lan01 ping-check
There is no configuration in generated .conf:

vyos@r14# cat /run/dhcp-server/dhcpd.conf | grep ping
[edit]
vyos@r14#

Aug 8 2022, 8:28 PM · VyOS 1.4 Sagitta

Viacheslav closed T4586: Add to NAT66: SNAT destination address and DNAT source address. as Resolved.

Aug 8 2022, 7:31 AM · VyOS 1.4 Sagitta

Aug 6 2022

Viacheslav added a comment to T4596: "show openconnect-server sessions" command does not work in the openconnect module.

PR https://github.com/vyos/vyos-1x/pull/1462

Aug 6 2022, 10:18 AM · VyOS 1.4 Sagitta

Aug 6 2022, 9:48 AM · VyOS Rolling

Viacheslav changed the status of T4596: "show openconnect-server sessions" command does not work in the openconnect module from Open to In progress.

Aug 6 2022, 9:48 AM · VyOS 1.4 Sagitta

Aug 5 2022

Viacheslav committed rVYOSONEXe3209859935e: ocserv: T4597: Check bind port before openconnect commit.

Aug 5 2022, 6:30 PM

Viacheslav updated subscribers of T4597: Check bind port before assign service HTTPS API and openconnect.

Aug 5 2022, 3:48 PM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4597: Check bind port before assign service HTTPS API and openconnect.

PR checks if openconnect port is listened by another service https://github.com/vyos/vyos-1x/pull/1460

Aug 5 2022, 3:47 PM · VyOS 1.4 Sagitta

Viacheslav changed the status of T4597: Check bind port before assign service HTTPS API and openconnect from Open to In progress.

Aug 5 2022, 2:26 PM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4589: BGP listen limit Increase via CLI command.

It is already present in 1.4

vyos@r14:~$ show conf com | match bgp
set protocols bgp listen limit '1000'
set protocols bgp listen range 192.0.2.0/24 peer-group 'FOO'
set protocols bgp local-as '65001'
set protocols bgp peer-group FOO remote-as '65001'

Aug 5 2022, 12:39 PM · VyOS 1.4 Sagitta (1.4.0-GA)

Viacheslav created T4597: Check bind port before assign service HTTPS API and openconnect.

Aug 5 2022, 11:40 AM · VyOS 1.4 Sagitta

Viacheslav added a subtask for T4564: Root task for rewriting [op-mode] to vyos.opmode format: T4596: "show openconnect-server sessions" command does not work in the openconnect module.

Aug 5 2022, 10:43 AM · VyOS Rolling

Viacheslav added a parent task for T4596: "show openconnect-server sessions" command does not work in the openconnect module: T4564: Root task for rewriting [op-mode] to vyos.opmode format.

Aug 5 2022, 10:43 AM · VyOS 1.4 Sagitta

Viacheslav added a comment to T4596: "show openconnect-server sessions" command does not work in the openconnect module.

It appeared after this commit
It doesn't like this check https://github.com/vyos/vyos-1x/blob/2a10ffa4b5074be27458159fa94d6227d0e5c7f7/src/op_mode/openconnect-control.py#L63-L65
Check root user https://github.com/vyos/vyos-1x/blob/2a10ffa4b5074be27458159fa94d6227d0e5c7f7/python/vyos/util.py#L625-L626

Aug 5 2022, 10:04 AM · VyOS 1.4 Sagitta

Aug 4 2022

Viacheslav changed the status of T4572: Add an option to force interface MTU to the value received from DHCP from Confirmed to Needs testing.

Aug 4 2022, 3:11 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta

Viacheslav committed rVYOSONEX67583141f433: mtu: T4572: Add DHCP-option MTU to get values from DHCP-server.

Aug 4 2022, 2:41 PM

Viacheslav changed the status of T4547: Show vpn ipsec sa show unexpected prefix 'B' in packets, a subtask of T4564: Root task for rewriting [op-mode] to vyos.opmode format, from Open to In progress.

Aug 4 2022, 1:54 PM · VyOS Rolling

Viacheslav changed the status of T4547: Show vpn ipsec sa show unexpected prefix 'B' in packets from Open to In progress.

Aug 4 2022, 1:54 PM · VyOS 1.4 Sagitta

Viacheslav changed the status of T4594: Rewrite op-mode IPsec to vyos.opmode format, a subtask of T4564: Root task for rewriting [op-mode] to vyos.opmode format, from Open to In progress.

Aug 4 2022, 1:54 PM · VyOS Rolling

Viacheslav changed the status of T4594: Rewrite op-mode IPsec to vyos.opmode format from Open to In progress.

Aug 4 2022, 1:54 PM · VyOS 1.4 Sagitta

Viacheslav changed the status of T4586: Add to NAT66: SNAT destination address and DNAT source address. from Open to Needs testing.

Aug 4 2022, 1:50 PM · VyOS 1.4 Sagitta

Viacheslav committed rVYOSONEX08699a10ccea: validators: T4586: Add IPv6 exclude validators for address/prefix.

Aug 4 2022, 1:50 PM

Viacheslav committed rVYOSONEXecc03bd6e499: nat66: T4586: Add SNAT destination prefix and DNAT address.

Aug 4 2022, 1:50 PM

Viacheslav added a comment to T4594: Rewrite op-mode IPsec to vyos.opmode format.

PR https://github.com/vyos/vyos-1x/pull/1458
Formatted output

vyos@r14:~$ show vpn ipsec sa
Connection                 State    Uptime    Bytes In/Out    Packets In/Out    Remote address    Remote ID    Proposal
-------------------------  -------  --------  --------------  ----------------  ----------------  -----------  ---------------------------------------
peer_2001-db8--2_tunnel_0  up       9m15s     0B/0B           0/0               2001:db8::2       2001:db8::2  AES_CBC_256/HMAC_SHA2_256_128/MODP_2048
peer_2001-db8--2_tunnel_0  up       24m9s     0B/0B           0/0               2001:db8::2       2001:db8::2  AES_CBC_256/HMAC_SHA2_256_128/MODP_2048
vyos@r14:~$

Aug 4 2022, 1:18 PM · VyOS 1.4 Sagitta

Viacheslav created T4594: Rewrite op-mode IPsec to vyos.opmode format.

Aug 4 2022, 10:11 AM · VyOS 1.4 Sagitta

SearchUse ResultsEdit QueryHide Query

Aug 18 2022

Aug 17 2022

Aug 16 2022

Aug 15 2022

Aug 14 2022

Aug 13 2022

Aug 12 2022

Aug 11 2022

Aug 10 2022

Aug 9 2022

Aug 8 2022

Aug 6 2022

Aug 5 2022

Aug 4 2022

Search
Use Results
Edit Query
Hide Query