- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed Search
Mar 16 2023
Mar 16 2023
Viacheslav moved T3083: Add feature event-handler from Backlog to Finished on the VyOS 1.4 Sagitta board.
Viacheslav changed the status of T5091: IPoE server with RADIUS authentication does not verify radius configuration from Open to In progress.
Viacheslav renamed T5091: IPoE server with RADIUS authentication does not verify radius configuration from IPoE server with RARIUS authentication does not check radius configuration to IPoE server with RADIUS authentication does not check radius configuration.
[Service]
LimitNOFILE=4096
LimitNOFILESoft=4096
ExecStartPre=/bin/bash -c 'mkdir -p /run/frr/config; \
echo "log syslog" > /run/frr/config/frr.conf; \ echo "log facility local7" >> /run/frr/config/frr.conf; \ chown frr:frr /run/frr/config/frr.conf; \ chmod 664 /run/frr/config/frr.conf; \ mount --bind /run/frr/config/frr.conf /etc/frr/frr.conf'
[edit]
vyos@r14#
Viacheslav added a comment to T5092: IPoE-server named pool must not rely on the authentication type.
Viacheslav changed the status of T5092: IPoE-server named pool must not rely on the authentication type from Open to In progress.
Mar 15 2023
Mar 15 2023
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1892
@marc_s thanks, it makes sense.
Viacheslav moved T2516: vyos-container: cannot configure ethernet interface from Open to Finished on the VyOS 1.4 Sagitta board.
Mar 14 2023
Mar 14 2023
Viacheslav changed the status of T5086: Integrate hsflowd for sflow accounting from Open to In progress.
Viacheslav changed the status of T5085: ospfv3 route-map not applied in FRR configuration from In progress to Needs testing.
Will be fixed in the next rolling release
Jenkins job looks simple
git clone https://github.com/sflow/host-sflow make deb FEATURES="NFLOG PCAP TCP DBUS SYSTEMD"
PR https://github.com/vyos/vyos-1x/pull/1888
set policy route-map RMAP6 rule 10 action 'deny' set policy route-map RMAP6 rule 10 match ip address prefix-len '0' set protocols ospfv3 route-map 'RMAP6'
Viacheslav changed the status of T5085: ospfv3 route-map not applied in FRR configuration from Open to In progress.
Mar 13 2023
Mar 13 2023
PR for 1.4 https://github.com/vyos/vyos-1x/pull/1886
vyos@91800359325b# set interfaces ethernet eth0 address 192.0.2.5/24 [edit] vyos@91800359325b# commit [ interfaces ethernet eth0 ] sudo: unable to resolve host 91800359325b: System error
Viacheslav changed the status of T2516: vyos-container: cannot configure ethernet interface from Needs testing to In progress.
Viacheslav added a project to T2516: vyos-container: cannot configure ethernet interface: VyOS 1.4 Sagitta.
Viacheslav updated the task description for T5084: Interfrace negotiation may not work on some platforms.
Mar 10 2023
Mar 10 2023
PR https://github.com/vyos/vyos-1x/pull/1884
>>> range_to_regex(['10-20', '22-35', '50']) '(1\\d|20|2[2-9]|3[0-5]|50)' >>>
Viacheslav changed the status of T5070: show bgp nexthop unavailable in VRF from Open to Needs testing.
Viacheslav changed the status of T5074: Show IPSEC SA failed if remote access IKEv2 vpn is used. from In progress to Needs testing.
Viacheslav changed the status of T4973: show dhcp server leases error for lease time 4294967295 from In progress to Needs testing.
Will be fixed in the next rolling release
If we add vlan to range we get error
set service ipoe-server authentication mode 'noauth' set service ipoe-server client-ip-pool name POOL1 gateway-address '192.0.2.1' set service ipoe-server client-ip-pool name POOL1 subnet '192.0.2.0/24' set service ipoe-server interface eth1 vlan '2000-3000' commit set service ipoe-server interface eth1 vlan '50' commit
The second commit:
Viacheslav changed the status of T4973: show dhcp server leases error for lease time 4294967295 from Open to In progress.
Viacheslav renamed T4973: show dhcp server leases error for lease time 4294967295 from show dhcp server leases error for static entries to show dhcp server leases error for lease time 4294967295.
Mar 9 2023
Mar 9 2023
Viacheslav awarded T5046: CLI for password complexity enforcement PAM module a Like token.
Viacheslav changed the status of T5073: IPoE-server interface option failed to parse from In progress to Needs testing.
@Jimz could you share an example of configuration?
I can't reproduce it with
set service dhcp-server shared-network-name Lan01 authoritative set service dhcp-server shared-network-name Lan01 name-server '1.1.1.1' set service dhcp-server shared-network-name Lan01 subnet 192.0.2.0/24 default-router '192.0.2.1' set service dhcp-server shared-network-name Lan01 subnet 192.0.2.0/24 range R1 start '192.0.2.10' set service dhcp-server shared-network-name Lan01 subnet 192.0.2.0/24 range R1 stop '192.0.2.254' set service dhcp-server shared-network-name Lan01 subnet 192.0.2.0/24 static-mapping myhost ip-address '192.0.2.5' set service dhcp-server shared-network-name Lan01 subnet 192.0.2.0/24 static-mapping myhost mac-address '02:a6:0c:88:3e:a2'
Could you create a PR?
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1878
Viacheslav edited projects for T5066: Different GRE tunnel but same tunnel keys error, added: VyOS 1.3 Equuleus (1.3.3); removed VyOS 1.3 Equuleus (1.3.2).
Viacheslav moved T5066: Different GRE tunnel but same tunnel keys error from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav changed the status of T5073: IPoE-server interface option failed to parse from Open to In progress.
Mar 8 2023
Mar 8 2023
Viacheslav changed the status of T5066: Different GRE tunnel but same tunnel keys error from Open to In progress.
There is the regex
It seems don't validate correctly if only one letter before the hyphen, underscores
vyos@r14# set firewall group domain-group a_aa
For "SSH" we have dynamic-protection
vyos@r14# set service ssh dynamic-protection
Possible completions:
+ allow-from Always allow inbound connections from these systems
block-time Block source IP in seconds. Subsequent blocks increase by a
factor of 1.5 (default: 120)
detect-time Remember source IP in seconds before reset their score (default:
1800)
threshold Block source IP when their cumulative attack score exceeds
threshold (default: 30)Mar 7 2023
Mar 7 2023
Viacheslav changed the status of T5063: IPoE-server ethX vlan must not be used with client-subnet from Open to In progress.
Viacheslav renamed T5063: IPoE-server ethX vlan must not be used with client-subnet from IPoE-server network vlan must not be used with client-subnet to IPoE-server ethX vlan must not be used with client-subnet.
@dex Update please the documentation if you want to help project or we'll do it later.
Thanks
The same task T5047
We cannot disable keepalived as it is used not only for VRRP and also for virtual-server
set high-availability virtual-server xxxx
So it should be something like set high-availability disable
Or just clean the VRRP configuration with set high-availability vrrp disable
To make sure that a script is not accidentally called without the vyattacfg group, the script can be safeguarded like this:
if [ "$(id -g -n)" != 'vyattacfg' ] ; then
exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@"
fihttps://docs.vyos.io/en/latest/automation/command-scripting.html#executing-configuration-scripts
In T5045#144137, @aserkin wrote:
Viacheslav changed the status of T5057: IPoE server incorrect interface regex from In progress to Needs testing.
Viacheslav changed the status of T5058: Extend template filter range_to_regex from In progress to Needs testing.
Viacheslav closed T3443: Deleting VRRP-VIP and adding the same address to physical interface in one commit fails as Not Applicable.
Viacheslav changed the status of T5057: IPoE server incorrect interface regex from Open to In progress.
Mar 6 2023
Mar 6 2023
Viacheslav changed the status of T5055: Firewall - Add packet type matcher (pkttype) from Confirmed to In progress.
PR https://github.com/vyos/vyos-1x/pull/1870
>>> from vyos.template import range_to_regex >>> >>> range_to_regex(['11-12', '14-15']) '(1[1-2]|1[4-5])' >>> >>>
Viacheslav renamed T5058: Extend template filter range_to_regex from Extent template filter range_to_regex to Extend template filter range_to_regex.
Viacheslav changed the status of T5058: Extend template filter range_to_regex from Open to In progress.
Viacheslav changed the subtype of T5058: Extend template filter range_to_regex from "Bug" to "Feature Request".
I created a separate task for it T5057
Viacheslav changed the status of T5056: IPoE server vlan-mon is not working from In progress to Needs testing.
The second bug is interface Regex does not work
Get:
interface=re:eth1\.\d+
Expect:
interface=re:^eth1\.(200\d|20[1-9]\d|2[1-9]\d{2}|3000)$