Note that is is the "--debug" flag that one wants in order to see the full mksquashfs command that is executed.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Sep 25 2023
Sep 25 2023
dmbaturin renamed T3546: Add support for running scripts on PPPoE server session events from Add pppoe-server CLI custom script feature to Add support for running scripts on PPPoE server session events.
dmbaturin set Issue type to feature on T3546: Add support for running scripts on PPPoE server session events.
dmbaturin renamed T5526: Clarify the error message when trying to set an interface as a BGP peer group using the wrong syntax from BGP peer-group - don't support add interfaces over peer neigborhs to Clarify the error message when trying to set an interface as a BGP peer group using the wrong syntax.
Sep 24 2023
Sep 24 2023
@stingalleman As mentioned above (and confirmed in discussions earlier this week), we've had few if any reports of issues with the udev approach, so we would be very interested to hear details of your case.
Not sure what to do on this one. The firewall is depending on conntrack module, which updates the conntrack related sysctls. It'd be the same if someone defines custom sysctls used by other conf scripts.
When will this bug be fixed? I am having a lot of issues with this.
Apachez closed T5511: Cleanup of unused directories (and files) in order to shrink image-size as Resolved.
Verified to be working as expected.
@jestabro I havent verified it yet but then perhaps the buildscript for VyOS should be altered to include --verbose?
Verified through smoketests.
sarthurdev changed the status of T5614: Add conntrack helper matching on firewall from Open to In progress.
Apachez closed T5604: List of debian archives is out of date (non-free-firmware is missing) as Resolved.
Apachez added a comment to T5604: List of debian archives is out of date (non-free-firmware is missing).
Verified through smoketests.
sarthurdev changed the status of T5606: IPSec VPN: Allow multiple CAs certificates from In progress to Needs testing.
sarthurdev moved T5606: IPSec VPN: Allow multiple CAs certificates from Need Triage to In Progress on the VyOS 1.5 Circinus board.
sarthurdev changed the status of T5606: IPSec VPN: Allow multiple CAs certificates from Open to In progress.
PR removing zone-policy op-mode: https://github.com/vyos/vyos-1x/pull/2304
sarthurdev changed the status of T5376: Conntrack FTP helper does not work properly from Confirmed to Needs testing.
sarthurdev changed the status of T5598: unknown parameter 'nf_conntrack_helper' ignored from Confirmed to Needs testing.
indrajitr updated the task description for T5612: Miscellaneous improvements and fixes for dynamic DNS configuration.
Sep 23 2023
Sep 23 2023
Viacheslav added a parent task for T2115: VyOS Docker container not load config: T5613: VyOS in container bugs.
Viacheslav added a subtask for T5613: VyOS in container bugs: T2115: VyOS Docker container not load config.
Viacheslav changed the status of T5604: List of debian archives is out of date (non-free-firmware is missing) from Open to Needs testing.
Sep 22 2023
Sep 22 2023
indrajitr triaged T5612: Miscellaneous improvements and fixes for dynamic DNS configuration as Normal priority.
Op-mode command reduce
PR https://github.com/vyos/vyos-1x/pull/2302
vyos@r4:~$ show conf com | match firew set firewall ipv4 input filter default-action 'accept' set firewall ipv4 input filter rule 1 action 'accept' set firewall ipv4 input filter rule 1 description 'Allow loopback' set firewall ipv4 input filter rule 1 inbound-interface interface-name 'lo' set firewall ipv4 input filter rule 1 source address '127.0.0.0/8' set firewall ipv4 input filter rule 2 action 'accept' set firewall ipv4 input filter rule 2 description 'Allow established/related' set firewall ipv4 input filter rule 2 state established 'enable' set firewall ipv4 input filter rule 2 state related 'enable' set firewall ipv4 input filter rule 60 action 'accept' set firewall ipv4 input filter rule 60 description 'Allow SSH from trusted networks' set firewall ipv4 input filter rule 60 destination port '22' set firewall ipv4 input filter rule 60 protocol 'tcp' set firewall ipv4 input filter rule 10000 action 'drop' set firewall ipv4 input filter rule 10000 description 'Drop everything else' vyos@r4:~$ vyos@r4:~$ produce firewall rule-resequence start 10 step 10
jestabro moved T5607: Adjust RAID smoketest for non-deterministic SCSI device probing from Need Triage to Finished on the VyOS 1.4 Sagitta board.
jestabro moved T5608: Rewrite add/delete raid member to Python and remove from vyatta-op from Need Triage to Finished on the VyOS 1.4 Sagitta board.
jestabro closed T5608: Rewrite add/delete raid member to Python and remove from vyatta-op as Resolved.
jestabro closed T5608: Rewrite add/delete raid member to Python and remove from vyatta-op, a subtask of T5609: Add util to get drive device name from id, as Resolved.
jestabro moved T5609: Add util to get drive device name from id from Need Triage to Finished on the VyOS 1.4 Sagitta board.
jestabro closed T5609: Add util to get drive device name from id, a subtask of T5607: Adjust RAID smoketest for non-deterministic SCSI device probing, as Resolved.
Sep 21 2023
Sep 21 2023
indrajitr updated the task description for T5574: Support per-service cache management for dynamic dns providers.
The quickfix is to add a space for your paths so something that looks like /usr/local/bin if cloudflare blocks that you just add a space after the first / and the WAF is bypassed.
Viacheslav moved T5576: Add bgp remove-private-as all option from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Viacheslav moved T5576: Add bgp remove-private-as all option from Need Triage to Finished on the VyOS 1.5 Circinus board.
n.fort changed the status of T5594: VRRP - Error if using IPv6 Link Local as hello source address from In progress to Needs testing.
sarthurdev changed the status of T5376: Conntrack FTP helper does not work properly from Open to Confirmed.
sarthurdev changed the status of T5598: unknown parameter 'nf_conntrack_helper' ignored from Open to Confirmed.
This is likely also the issue causing T5376
Viacheslav moved T5590: Firewall "log enable" logs every packet from Need Triage to Finished on the VyOS 1.5 Circinus board.
Sep 20 2023
Sep 20 2023
Great, Thanks!
jestabro triaged T5608: Rewrite add/delete raid member to Python and remove from vyatta-op as Normal priority.
jestabro triaged T5607: Adjust RAID smoketest for non-deterministic SCSI device probing as Normal priority.
Oops, sorry about that!
@Apachez It is not FQDN based
Should I ask this to you.
In T5601#160566, @vvinci00 wrote:Hello,
I need to reverse proxy TCP traffic.
the traffic is not HTTP/HTTPS
Apachez added a comment to T5604: List of debian archives is out of date (non-free-firmware is missing).
PR created: https://github.com/vyos/vyos-build/pull/418
Contact our sales or ask forum
It's possible to use VyOS as reverse proxy on TCP traffic (not HTTP)?
if yes, what configuration it's necessary?
if not, do you know any solutions that can help me?
In T5601#160566, @vvinci00 wrote:Hello,
I need to reverse proxy TCP traffic.
the traffic is not HTTP/HTTPS
I need to reverse proxy TCP traffic.
the traffic is not HTTP/HTTPS
dmbaturin closed T5271: Add support for peer-fingerprint to OpenVPN, a subtask of T5269: OpenVPN non-TLS site-to-site mode deprecation, as Resolved.
Viacheslav moved T5241: Support veth interfaces to working with netns from Need Triage to Finished on the VyOS 1.5 Circinus board.
Viacheslav moved T5241: Support veth interfaces to working with netns from Finished to Backlog on the VyOS 1.4 Sagitta board.
Viacheslav closed T5238: interface virtual-etherne - error when it doesn't use a peer , a subtask of T3829: Support separated TCP/IP stack via "ip netns", as Resolved.
set netns name mgmt
set interfaces virtual-ethernet veth1 address '10.0.0.0/31'
set interfaces virtual-ethernet veth1 peer-name 'veth10'
set interfaces virtual-ethernet veth10 address '10.0.0.1/31'
set interfaces virtual-ethernet veth10 netns 'mgmt'
set interfaces virtual-ethernet veth10 peer-name 'veth1'
Viacheslav closed T5241: Support veth interfaces to working with netns, a subtask of T3829: Support separated TCP/IP stack via "ip netns", as Resolved.
PR https://github.com/vyos/vyos-1x/pull/2295
set system sysctl parameter net.ipv4.tcp_syncookies value '1' set system sysctl parameter net.ipv4.tcp_timestamps value '1'
dmbaturin updated the task description for T5605: Do not generate keysize option in OpenVPN configs.
Viacheslav changed the status of T5602: For reverse-proxy type of load-balancing feature, support "backup" option in backends configuration from Open to In progress.
Viacheslav renamed T5599: Firewall unexpectedly changes some sysctl options from Firwall unexpectedly changes some sysctl options to Firewall unexpectedly changes some sysctl options.