Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

Sep 25 2022

Viacheslav changed the status of T4680: Telegraf prometheus-client listen-address invalid format from In progress to Needs testing.
Sep 25 2022, 6:31 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
ajgnet updated the task description for T4710: show openvpn server occasionally returns IndexError: list index out of range.
Sep 25 2022, 6:30 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4708: 'show nat destination rules' throwing an error.

Send steps to reproduce it or “show conf com | match nat”

Sep 25 2022, 6:29 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4710: show openvpn server occasionally returns IndexError: list index out of range.

Send steps to reproduce it or “show conf com | match openvpn ”

Sep 25 2022, 6:27 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEX8f2f63032298: wireguard: ifconfig: T2653: move Config() import to be local to consumer.
Sep 25 2022, 7:19 AM
c-po committed rVYOSONEX01fcfb82122f: wireguard: ifconfig: T2653: use NamedTemporaryFile() when dealing with private….
Sep 25 2022, 7:19 AM

Sep 24 2022

ajgnet created T4710: show openvpn server occasionally returns IndexError: list index out of range.
Sep 24 2022, 9:53 PM · VyOS 1.4 Sagitta
initramfs added a comment to T4709: TCP MSS clamping broken in equuleus.

See https://unix.stackexchange.com/questions/672742/why-mss-clamping-in-iptables-nft-seems-to-take-no-effect-in-nftables for additional explanation why the iptables version do not work under iptables-nft.

Sep 24 2022, 8:28 PM · VyOS 1.3 Equuleus (1.3.3)
initramfs added a comment to T4709: TCP MSS clamping broken in equuleus.

Relevant PRs:

Sep 24 2022, 8:15 PM · VyOS 1.3 Equuleus (1.3.3)
initramfs committed rVYOSONEXcc01700d2a2b: interfaces: T4709: raise minimum TCP MSS clamping value.
Sep 24 2022, 8:10 PM
GitHub <noreply@github.com> committed rVYOSONEXadc59ad72d91: Merge pull request #1558 from initramfs/current-fix-tcp-mss (authored by c-po).
Sep 24 2022, 8:10 PM
initramfs created T4709: TCP MSS clamping broken in equuleus.
Sep 24 2022, 7:43 PM · VyOS 1.3 Equuleus (1.3.3)
c-po committed rVYOSONEX13645bc2cfd3: ethernet: T3171: enable RPS (Receive Packet Steering) for all RX queues.
Sep 24 2022, 5:30 PM

Sep 22 2022

c-po committed rVYOSONEX35d8141575c3: ipoe: T4703: fix migration of vlan node for loca authenticated users.
Sep 22 2022, 6:03 PM
c-po committed rVYOSONEX8ee9bc18f137: ipoe: T4703: fix migration of vlan node for loca authenticated users.
Sep 22 2022, 6:02 PM
c-po committed rVYOSONEXe1d3fd0b29a1: xml: T4698: validating a range must be explicitly enabled in the validator.
Sep 22 2022, 6:02 PM
n.fort added a comment to T4699: Firewall - Add jump action - Add return action.

PR for Jump: https://github.com/vyos/vyos-1x/pull/1553

Sep 22 2022, 4:20 PM · VyOS 1.4 Sagitta
goodNETnick <pknet@ya.ru> committed rVYOSONEX19500ad11f95: system login: T874: add libpam-google-authenticator package to provide 2FA….
Sep 22 2022, 2:22 PM
GitHub <noreply@github.com> committed rVYOSONEX4115503de153: Merge pull request #1541 from goodNETnick/ggl_auth (authored by c-po).
Sep 22 2022, 2:22 PM
sarthurdev committed rVYOSONEXc72d6bc68c71: nat: T4605: Fix op-mode NAT table name.
Sep 22 2022, 2:03 PM
GitHub <noreply@github.com> committed rVYOSONEXb19a70c1cc38: Merge pull request #1554 from sarthurdev/nat_refactor (authored by c-po).
Sep 22 2022, 2:03 PM
Unknown Object (User) added a comment to T874: Support for Two Factor Authentication for CLI access via Google Authenticator/OTP.

PR with feature request:
https://github.com/vyos/vyos-1x/pull/1555

Sep 22 2022, 12:26 PM · VyOS 1.4 Sagitta (1.4.0-epa1)
dmbaturin published a new version of 1.3.1.
Sep 22 2022, 12:13 PM
dmbaturin deleted 1.3.3.
Sep 22 2022, 11:55 AM
dmbaturin renamed 1.3.3 from 1.3.1 to 1.3.3.
Sep 22 2022, 10:59 AM
dmbaturin edited the content of 1.3.1.
Sep 22 2022, 10:58 AM
dmbaturin renamed 1.3.3 from 1.3.3 to 1.3.1.
Sep 22 2022, 10:56 AM
v.huti added a comment to T4180: Support for QoS Policy Propagation via BGP (QPPB).

DEMO
===============================================

To demonstrate the feature let's look at the following topology

topo.png (447×900 px, 87 KB)

qppb_artifacts.tar.gz34 MBDownload


qppb_demo_m2.gns3project1 GBDownload

Sep 22 2022, 10:54 AM · VyOS Rolling
jack9603301 added a comment to T4706: NAT and NAT66 issues.

@sdev @Netboy3 I'll test if the new implementation is done and if the bug is fixed I'll close this PR, thanks

Sep 22 2022, 10:47 AM · VyOS 1.4 Sagitta
dmbaturin edited the content of 1.3.3.
Sep 22 2022, 10:19 AM
dmbaturin edited the content of 1.3.3.
Sep 22 2022, 10:19 AM
dmbaturin created 1.3.3.
Sep 22 2022, 10:12 AM
Viacheslav committed rVYOSONEXa8e73794ec42: update-check: T3476: Allow update-check for VyOS images.
Sep 22 2022, 6:00 AM
GitHub <noreply@github.com> committed rVYOSONEXcd1875cb1521: Merge pull request #1521 from sever-sever/T3476 (authored by c-po).
Sep 22 2022, 6:00 AM
sarthurdev committed rVYOSONEX448d4f6db9cf: nat: T4605: Refactor NAT to use python module for parsing rules.
Sep 22 2022, 5:58 AM
sarthurdev committed rVYOSONEXe6ba98a85ca7: nat66: T4605: Refactor NAT66 to use python module for parsing rules.
Sep 22 2022, 5:58 AM
sarthurdev committed rVYOSONEXc6bbe051574a: nat: T4605: Refactor static NAT to use python module for parsing rules.
Sep 22 2022, 5:58 AM
GitHub <noreply@github.com> committed rVYOSONEX7ba1f6444d1b: Merge pull request #1552 from sarthurdev/nat_refactor (authored by c-po).
Sep 22 2022, 5:58 AM
GitHub <noreply@github.com> committed rVYOSONEXf3e6fb5aab6f: telegraf: T4680: fix prometheus client listen-address invalid format (authored by ServerForge).
Sep 22 2022, 5:57 AM
Netboy3 added a comment to T4706: NAT and NAT66 issues.

@jack9603301 I've tested your updated PR and it seems to work well now. Thank you for the quick response.
@sdev I've tested your PR and it seems to also fix both issues. I did not test anything beyond DNAT port only in both ip and ip6 families.

Sep 22 2022, 2:51 AM · VyOS 1.4 Sagitta

Sep 21 2022

n.fort committed rVYOSONEX2a4f007bc3f3: T4699: Firewall: Add return action, since jump action was added recently.
Sep 21 2022, 6:24 PM
GitHub <noreply@github.com> committed rVYOSONEX2921b6fbcdde: Merge pull request #1553 from nicolas-fort/return-action (authored by c-po).
Sep 21 2022, 6:24 PM
n.fort renamed T4699: Firewall - Add jump action - Add return action from Firewall - Add jump action to Firewall - Add jump action - Add return action.
Sep 21 2022, 5:45 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEXb004cad76803: dhcpv6-pd: T2821: bugfix Jinja2 template - missing conditional if.
Sep 21 2022, 5:35 PM
c-po committed rVYOSONEX52ab8172f9cf: dhcpv6-pd: T2821: bugfix Jinja2 template - missing conditional if.
Sep 21 2022, 5:31 PM
c-po closed T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node, a subtask of T4678: Rewrite service ipoe-server to get_config_dict, as Resolved.
Sep 21 2022, 4:56 PM · VyOS 1.4 Sagitta
c-po closed T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node as Resolved.
Sep 21 2022, 4:56 PM · VyOS 1.4 Sagitta
c-po updated the task description for T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node.
Sep 21 2022, 4:56 PM · VyOS 1.4 Sagitta
c-po closed T4678: Rewrite service ipoe-server to get_config_dict as Resolved.
Sep 21 2022, 4:56 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEX05df2a5f021f: ipoe: T4678: T4703: rewrite to get_config_dict().
Sep 21 2022, 4:47 PM
sarthurdev added a comment to T4706: NAT and NAT66 issues.

Included a fix for this in NAT refactor: https://github.com/vyos/vyos-1x/pull/1552

Sep 21 2022, 4:12 PM · VyOS 1.4 Sagitta
sarthurdev added a comment to T4605: Firewall change default table names.

PR for NAT included with refactor: https://github.com/vyos/vyos-1x/pull/1552

Sep 21 2022, 4:12 PM · VyOS 1.4 Sagitta
c-po added a subtask for T4678: Rewrite service ipoe-server to get_config_dict: T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node.
Sep 21 2022, 2:35 PM · VyOS 1.4 Sagitta
c-po added a parent task for T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node: T4678: Rewrite service ipoe-server to get_config_dict.
Sep 21 2022, 2:35 PM · VyOS 1.4 Sagitta
c-po changed the status of T4678: Rewrite service ipoe-server to get_config_dict from Open to In progress.
Sep 21 2022, 2:35 PM · VyOS 1.4 Sagitta
Netboy3 added a comment to T4706: NAT and NAT66 issues.

@jack9603301, your PR solves the NAT66 issue - thank you. However, the change you made to nat.py to try to solve the NAT44 issue is not complete and seem to also require a template change. I'll post additional details in the PR.

Sep 21 2022, 2:33 PM · VyOS 1.4 Sagitta
c-po claimed T4678: Rewrite service ipoe-server to get_config_dict.
Sep 21 2022, 2:28 PM · VyOS 1.4 Sagitta
narey83 created T4708: 'show nat destination rules' throwing an error.
Sep 21 2022, 12:51 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4699: Firewall - Add jump action - Add return action.

Since jump action was added, It would be good to also add "return" action

Sep 21 2022, 12:39 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T4706: NAT and NAT66 issues.

PR: https://github.com/vyos/vyos-1x/pull/1550

Sep 21 2022, 12:39 PM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T4707: Enable OSPF segment routing.

Initial PR here, https://github.com/vyos/vyos-1x/pull/1551.

Sep 21 2022, 12:33 AM · VyOS 1.4 Sagitta

Sep 20 2022

Cheeze_It changed the status of T4707: Enable OSPF segment routing from Open to In progress.
Sep 20 2022, 11:42 PM · VyOS 1.4 Sagitta
Cheeze_It created T4707: Enable OSPF segment routing.
Sep 20 2022, 11:42 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEX87d54b805f6f: xml: firewall: T2199: improve interface help string.
Sep 20 2022, 8:52 PM
c-po committed rVYOSONEX9ad4cb12ebfc: xml: ipsec: T1210: add valueHelp and constraint for remote-access connection….
Sep 20 2022, 6:43 PM
c-po committed rVYOSONEXbd2fc1900bfc: xml: ipsec: T3093: add valueHelp and constraint for profile name.
Sep 20 2022, 6:43 PM
c-po committed rVYOSONEX2eb0ddc54ea8: ipsec: T4118: bugfix migration of IKEv2 road-warrior "id" CLI option.
Sep 20 2022, 6:43 PM
Cheeze_It closed T4693: ISIS segment routing was broken... as Resolved.
Sep 20 2022, 5:38 PM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T4693: ISIS segment routing was broken....

It seems we have working ISIS segment routing:

Sep 20 2022, 5:32 PM · VyOS 1.4 Sagitta
Cheeze_It triaged T4693: ISIS segment routing was broken... as Normal priority.
Sep 20 2022, 4:25 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T4706: NAT and NAT66 issues.

@Netboy3 Let me modify the template to support

Sep 20 2022, 7:26 AM · VyOS 1.4 Sagitta

Sep 19 2022

Viacheslav added a project to T4704: Allow to set metric (MED) to rtt with rtt,+rtt or -rtt: VyOS 1.4 Sagitta.
Sep 19 2022, 10:57 PM · VyOS 1.4 Sagitta
Netboy3 added a comment to T4706: NAT and NAT66 issues.

Why would you enforce an address? It is perfectly OK to have port-only DNAT66 without any destination address such as:
nft add rule ip6 nat PREROUTING iifname eth1 counter tcp dport 443 dnat to :3000
Problem is that the test logic breaks on this and spits out a wrong statement to NFT that barfs on it.

Sep 19 2022, 8:55 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T4706: NAT and NAT66 issues.

Maybe we should add check to NAT66 to enforce the given address

Sep 19 2022, 7:32 PM · VyOS 1.4 Sagitta
n.fort changed the status of T4706: NAT and NAT66 issues from Open to Confirmed.
Sep 19 2022, 6:34 PM · VyOS 1.4 Sagitta
n.fort claimed T4706: NAT and NAT66 issues.
Sep 19 2022, 6:34 PM · VyOS 1.4 Sagitta
n.fort created T4706: NAT and NAT66 issues.
Sep 19 2022, 6:33 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEXe9c233d65cff: ipsec: T4118: bugfix config migrator 9-to-10.
Sep 19 2022, 6:30 PM
n.fort changed the status of T4699: Firewall - Add jump action - Add return action from In progress to Needs testing.
Sep 19 2022, 11:02 AM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX842d79f986c2: smoketest: T4118: Fix smoketest for NHRP.
Sep 19 2022, 10:14 AM
GitHub <noreply@github.com> committed rVYOSONEXfdfe3dabcbff: Merge pull request #1549 from sever-sever/T4118-smoketest (authored by c-po).
Sep 19 2022, 10:14 AM
mike-pisman created T4705: Add Thunderbolt networking and interfaces supported in the config environment.
Sep 19 2022, 3:30 AM · VyOS Rolling

Sep 18 2022

jmarmorato added a comment to T4694: Allow VyOS Firewall to Match Outbound IPSec Traffic.

@n.fort Maybe set firewall name <name> rule <rule> ipsec match-gre? This feels a bit hacky though... Almost like match should be its own block and contain ipsec, none, or gre

Sep 18 2022, 10:06 PM · VyOS 1.4 Sagitta (1.4.0-GA)
Cheeze_It committed rVYOSONEX6ce3b50be62a: Update protocols_isis.py.
Sep 18 2022, 7:35 PM
GitHub <noreply@github.com> committed rVYOSONEX877047b9d36f: Merge pull request #1543 from Cheeze-It/current (authored by c-po).
Sep 18 2022, 7:35 PM
roedie claimed T4639: Crowdsec in VyOS (Blocking only).
Sep 18 2022, 5:57 PM · VyOS Rolling
danhusan closed T3155: ospfv3 mtu-ignore not working on ethernet vifs as Resolved.
Sep 18 2022, 4:41 PM · VyOS 1.2 Crux

Sep 17 2022

roedie moved T4526: keepalived-fifo.py unable to load config from Open to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 8:34 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie moved T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3 from Open to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 8:31 PM · VyOS 1.4 Sagitta
roedie closed T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3 as Resolved.

It works for me (tm)

Sep 17 2022, 8:30 PM · VyOS 1.4 Sagitta
n.fort committed rVYOSONEX99155150df9c: T4699: Firewall: Add jump action in firewall rulest.
Sep 17 2022, 7:16 PM
GitHub <noreply@github.com> committed rVYOSONEXdcf755594d3c: Merge pull request #1546 from nicolas-fort/fwall-jump (authored by c-po).
Sep 17 2022, 7:16 PM
c-po closed T4666: EAP-TLS no longer allows TLSv1.0 after T4537, T4584 as Resolved.
Sep 17 2022, 7:13 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta, wpa
c-po moved T4702: Wireguard peers configuration is not synchronized with CLI from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.3) board.
Sep 17 2022, 7:13 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po added a comment to T4702: Wireguard peers configuration is not synchronized with CLI.

PR for VyOS 1.3.3 https://github.com/vyos/vyos-1x/pull/1548

Sep 17 2022, 7:13 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po moved T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node from Open to In Progress on the VyOS 1.4 Sagitta board.
Sep 17 2022, 6:41 PM · VyOS 1.4 Sagitta
c-po moved T4702: Wireguard peers configuration is not synchronized with CLI from Open to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 6:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po edited a custom field on T4702: Wireguard peers configuration is not synchronized with CLI.
Sep 17 2022, 6:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po changed the status of T4702: Wireguard peers configuration is not synchronized with CLI from Confirmed to Needs testing.
Sep 17 2022, 6:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po committed rVYOSONEXa4feb96af9ac: wireguard: T4702: actively revoke peer if it gets disabled.
Sep 17 2022, 6:38 PM
First
Prev
Next