- Error in show firewall group:
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Aug 31 2023
Aug 31 2023
Viacheslav added a project to T5533: Keepalived VRRP IPv6 group enters in FAULT state : VyOS 1.3 Equuleus (1.3.5).
Apachez changed the status of T5513: Anomalies in show firewall command after refactoring from Needs testing to Open.
Viacheslav updated the task description for T5532: After add system image the boot stuck and works again after the second reboot.
Apachez added a comment to T5532: After add system image the boot stuck and works again after the second reboot.
I can confirm that I experienced the same thing with update to VyOS 1.4-rolling-202308310021.
I assume backports will be used once VyOS 1.3.4 gets compiled?
Viacheslav renamed T5532: After add system image the boot stuck and works again after the second reboot from After add system image the boot stack and works again after the second reboot to After add system image the boot stuck and works again after the second reboot.
Viacheslav renamed T5532: After add system image the boot stuck and works again after the second reboot from Afterf add system image the boot stack to After add system image the boot stack and works again after the second reboot.
Viacheslav updated the task description for T5532: After add system image the boot stuck and works again after the second reboot.
sarthurdev changed the status of T4782: Allow multiple CA certificates (on e.g. EAPoL) from In progress to Needs testing.
Viacheslav moved T4874: Add Warning message to Equuleus from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.4) board.
unity closed T5525: Change dev.packages.vyos.net repo to rolling-packages.vyos.net vyos-build:current uses as Resolved.
PR is merged
Viacheslav moved T5140: Firewall network-group problems from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.4) board.
Fixed VyOS 1.3-stable-202308240442
vyos@r1# set firewall group network-group NG network 198.51.100.0/24 [edit] vyos@r1# commit [edit] vyos@r1# set firewall group network-group NG network 198.51.100.99/32 [edit] vyos@r1# commit [edit] vyos@r1#
Viacheslav edited projects for T5190: Cloud-Init cannot fetch Meta-data on machines where the main Ethernet interface is not eth0, added: VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.5).
Viacheslav added a comment to T5526: Clarify the error message when trying to set an interface as a BGP peer group using the wrong syntax.
If you use interface as a peer, you have to use interface peer-group
in FRR
r1(config-router)# neighbor eth1 interface peer-group
VyOS
vyos@r1# set protocols bgp 65001 neighbor eth1 interface peer-group Possible completions: <text> peer group for this peer
Aug 30 2023
Aug 30 2023
sarthurdev changed the status of T4782: Allow multiple CA certificates (on e.g. EAPoL) from Confirmed to In progress.
I did some modification to fix this problem.
https://github.com/vyos/vyos-build/pull/386
Adding geo-ip and fqnd too:
https://github.com/vyos/vyos-1x/pull/2188
@csszep Yes it is expected, IPv6 has no sysctl and requires the nftables rule to function. The nftables execution is slightly slower, so there's no benefit to change it for IPv4.
jestabro moved T1764: Use lists instead of whitespace-separated strings in vyos.config from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.
jestabro closed T1764: Use lists instead of whitespace-separated strings in vyos.config as Resolved.
This was resolved, and present in 1.3.0.
jestabro added a comment to T4295: Use config_tree instead of legacy loadFile in vyos-load-config.py.
This is superseded by T5528.
Viacheslav edited projects for T4933: Malformed lines cause vyos.util.colon_separated_to_dict fail with a nondescript error, added: VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.5).
jestabro closed T5520: Likely source of corruption on system update exposed by change in coreutils for Bookworm, a subtask of T5267: Another corruption on upgrade, as Resolved.
jestabro added a comment to T5520: Likely source of corruption on system update exposed by change in coreutils for Bookworm.
This possible corruption on system update is resolved in the commit; further investigation of the effect of coreutils behavior change will be in subtask T5527.
fernando changed the status of T5526: Clarify the error message when trying to set an interface as a BGP peer group using the wrong syntax from Open to Confirmed.
unity changed the status of T5525: Change dev.packages.vyos.net repo to rolling-packages.vyos.net vyos-build:current uses from Open to In progress.
PR is created https://github.com/vyos/vyos-build/pull/385
Viacheslav moved T4475: route-map does not support ipv6 peer from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.4) board.
Viacheslav moved T5221: BGP as-override behavior differs from new FRR and other vendors from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.4) board.
Viacheslav closed T5221: BGP as-override behavior differs from new FRR and other vendors as Resolved.
Viacheslav removed a project from T5378: Request for clearing single entry multicast route: VyOS 1.3 Equuleus (1.3.5).
Viacheslav added a comment to T4933: Malformed lines cause vyos.util.colon_separated_to_dict fail with a nondescript error.
Cherry-pick for 1.3.4 https://github.com/vyos/vyos-1x/pull/2187
Viacheslav removed a project from T4930: Allow WireGuard peers via DNS hostname: VyOS 1.3 Equuleus (1.3.5).
Viacheslav moved T4790: RADIUS login does not work if sum of timeouts more than 50s from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.4) board.
It cannot reproduce in the current 1.3 VyOS 1.3-stable-202308240442
vyos@r1:~$ sudo sysctl -a | grep send_redire net.ipv4.conf.all.send_redirects = 1 net.ipv4.conf.default.send_redirects = 0 net.ipv4.conf.dum0.send_redirects = 0 net.ipv4.conf.eth0.send_redirects = 0 net.ipv4.conf.eth1.send_redirects = 0 net.ipv4.conf.eth2.send_redirects = 0 net.ipv4.conf.eth3.send_redirects = 0 net.ipv4.conf.eth4.send_redirects = 0 net.ipv4.conf.eth5.send_redirects = 0 net.ipv4.conf.eth6.send_redirects = 0 net.ipv4.conf.lo.send_redirects = 1 vyos@r1:~$ vyos@r1:~$ vyos@r1:~$ reboot now
It could be added the same way https://github.com/vyos/vyatta-cfg-quagga/commit/db2f0bbeb375e0d568ef4740bad2b50690cd8644 (if required)
If not, just close it. Already have in 1.4
This also affects latest rolling release as of 1.4-rolling-202308240020 which is available @vyos.io
Viacheslav changed the status of T4726: Add completion and validation for the accel-ppp RADIUS vendor option from Open to Needs testing.
Viacheslav closed T4688: Add support for customizing packet verdict actions in limiter traffic policy as Wontfix.
We won't extend the old Perl code anymore (for 1.3.x) https://github.com/vyos/vyatta-cfg-qos/pull/19
Implemented for 1.4
n.fort changed the status of T5513: Anomalies in show firewall command after refactoring from Open to Needs testing.
n.fort changed the status of T5250: Firewall - show firewall group from In progress to Needs testing.
Fixed on this op-mode commands were introduced on PR https://github.com/vyos/vyos-1x/pull/2186
Corrections and improvements were applied. Please check on next rolling release
Viacheslav edited projects for T4530: Need MTU warning when CCP is on, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.5).
Provide some logs and examples of configuration.
Do you use SNMP?
PR for 1.3.4 https://github.com/vyos/vyatta-cfg-quagga/pull/101
Works fine VyOS 1.3-stable-202308240442
vyos@r1# run generate wireguard client-config c1 interface wg0 server 203.0.113.1 address 10.0.0.2/32
Viacheslav changed the status of T4520: Incorrect addresses returned with interaction of static /etc/hosts with DNS64 from Open to Needs testing.
Viacheslav added a comment to T4520: Incorrect addresses returned with interaction of static /etc/hosts with DNS64.
@dsummers Could you re-check? Should be fixed in https://github.com/PowerDNS/pdns/pull/12203
Viacheslav edited projects for T4519: DHCPv6: "set show dhcpv6 server leases" should show DUID instead of IAID_DUID, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.5).
We didn't get the requested information.
Reopen it if it is required with steps to reproduce and some output.
Viacheslav changed the subtype of T4096: Add a flavor field to the image and check flavor compatibility on upgrade from "Task" to "Feature Request".
Viacheslav edited projects for T4091: Progress bar support for HTTP uploads, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.5).
Viacheslav removed a project from T4125: Feature Request: bridge STP BPDU translation: VyOS 1.3 Equuleus (1.3.5).
Implemented, checked in VyOS 1.3-stable-202308240442
vyos@r1# set policy local-route Possible completions: > local-route IPv4 policy route of local traffic > local-route6 IPv6 policy route of local traffic
@Rhongomiant could you re-check it? Clear conntrack table between tests
Viacheslav closed T4271: bgp: show ipv6 bgp summary doesn't display neighbor information as Invalid.
Viacheslav closed T4306: Do not check for ditry repository when building release images as Resolved.
Not reproduced
Reopen it with instance details if required
Viacheslav changed the status of T4402: OpenVPN client-ip-pool option is broken from Open to Needs testing.
Should be fixed, needs testing.