@Apachez I would need this feature in another feature (https://vyos.dev/T6040) to avoid a double implementation.
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Feb 13 2024
Feb 13 2024
adestis added a comment to T5493: Add capability to use local and external dynamic-lists for firewall rules but also for various policies such as access-list, route-maps etc..
Viacheslav changed the status of T5064: Value validation for domain-groups seems to be broken from Open to In progress.
Viacheslav changed the status of T5359: VyOS user/pass remains in config, a subtask of T5907: cloud-init root task for 1.5 and 1.4 , from Open to Needs reporter action.
Viacheslav changed the status of T5359: VyOS user/pass remains in config from Open to Needs reporter action.
@greywolfe Any update?
Viacheslav changed the status of T5376: Conntrack FTP helper does not work properly from Needs testing to Needs reporter action.
@svd135 Can you recheck?
@twan Could you try with the 1.4-rc3 image?
Viacheslav changed the subtype of T6040: Implement a firewall blacklisting solution from "Task" to "Feature Request".
Viacheslav changed the status of T5482: Chrony NTP Server Fails To Sync Time from Open to Needs reporter action.
@dcplaya provide the whole configuration to reproduce or close the task if the reason is firewall incorrect configuration.
Viacheslav changed the status of T5930: vrf - route-leak not work using route-target both command. from In progress to Needs testing.
sarthurdev changed the status of T5992: DHCP: show dhcp server leases not showing all leases from In progress to Needs testing.
sarthurdev removed a project from T2737: DHCP Lease not displayed with a static map: VyOS 1.5 Circinus.
Not an issue on 1.5 with Kea.
GitHub <noreply@github.com> committed rVYOSONEX0732e89d561f: Merge pull request #2988 from c-po/pki-rpki-t6034 (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEX87ddb8c5e89a: Merge pull request #2997 from sarthurdev/T5993 (authored by c-po).
Feb 12 2024
Feb 12 2024
sarthurdev changed the status of T5992: DHCP: show dhcp server leases not showing all leases from Confirmed to In progress.
sarthurdev moved T5952: DHCP allow same MAC Address on same subnet from Open to Finished on the VyOS 1.4 Sagitta board.
sarthurdev moved T5993: DHCP6: no leases are created unless specifying a "interface" on the zone from Open to In Progress on the VyOS 1.5 Circinus board.
sarthurdev edited projects for T5993: DHCP6: no leases are created unless specifying a "interface" on the zone, added: VyOS 1.5 Circinus; removed VyOS 1.4 Sagitta.
sarthurdev changed the status of T5993: DHCP6: no leases are created unless specifying a "interface" on the zone from In progress to Needs testing.
sarthurdev changed the status of T5993: DHCP6: no leases are created unless specifying a "interface" on the zone from Confirmed to In progress.
jestabro edited a custom field on T5996: Incorrect behavior for backslash escapes in config save and compare commands.
jestabro added a comment to T5996: Incorrect behavior for backslash escapes in config save and compare commands.
This turns out to be non-trivial, due to the interaction between legacy and modern behavior; nonetheless, a simple preliminary fix is in testing, and the task will be updated with the details when the PR is complete.
GitHub <noreply@github.com> committed rVYOSONEX6f64847213a0: Merge pull request #2996 from vyos/mergify/bp/sagitta/pr-2993 (authored by c-po).
c-po closed T5849: Add SRv6 route commands, a subtask of T5788: frr: update to 9.1 release, as Resolved.
c-po moved T6010: Support setting multiple values in BGP path-attribute from In Progress to Finished on the VyOS 1.4 Sagitta board.
c-po closed T6004: Missing RPKI boot priority prevents it from loading, a subtask of T5938: Migration fail root task for 1.4-rc, as Resolved.
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX61c7202b11d0: ipsec: T5981: Strip '@' from migrated peer name (authored by sarthurdev).
GitHub <noreply@github.com> committed rVYOSONEXfe9147623c9f: Merge pull request #2993 from sarthurdev/T5981 (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEX939e06bcab7d: Merge pull request #2995 from vyos/mergify/bp/sagitta/pr-2994 (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXe021dee485fb: init: T2044: fix "binary operator expected" when two or more RPKI caches are… (authored by c-po).
c-po moved T6032: bgp: add EVPN MAC-VRF Site-of-Origin support from Open to In Progress on the VyOS 1.4 Sagitta board.
c-po moved T6032: bgp: add EVPN MAC-VRF Site-of-Origin support from Open to Finished on the VyOS 1.5 Circinus board.
GitHub <noreply@github.com> committed rVYOSONEX69a0fa708654: Merge pull request #2994 from c-po/init-T2044 (authored by c-po).
sarthurdev added a comment to T5993: DHCP6: no leases are created unless specifying a "interface" on the zone.
This does seem to be new behaviour introduced with Kea. ISC dhcpd did previously assume local distribution of a subnet based on the interface having an address within the subnet, Kea has changed to require this being explicitly defined.
sarthurdev moved T5981: IPsec site-to-site migrated PKI ca certificates are created with an '@' from Open to In Progress on the VyOS 1.5 Circinus board.
sarthurdev changed the status of T5981: IPsec site-to-site migrated PKI ca certificates are created with an '@' from Open to Needs testing.
sarthurdev changed the status of T3771: DHCPv6 server prefix delegation - dynamically add route to delegated prefix via requesting router from In progress to Needs testing.
I'm thinking end of the day an integrated learn address script that can update vyos's forwarder or any of the upstream DNS its using, and then calling learn-address on each client learned in the openvpn is the ideal way to do it since learn-address is built into openvpn
Here is a redacted version
Viacheslav triaged T6037: QoS policy limiter without specified class selector error as Normal priority.
Viacheslav updated the task description for T6037: QoS policy limiter without specified class selector error.
@evilmog Can you provide the OpenVPN/other configuration to achieve what you want?
n.fort changed the status of T6019: Bump nftables and libnftnl version from In progress to Needs testing.
n.fort changed the status of T6009: Firewall - Time not working properly when not using UTC from In progress to Needs testing.
Viacheslav changed the status of T1317: OpenVPN configuration fails if it depends on another interface. from In progress to Needs reporter action.
Wait two weeks before closing.
@mb300sd Let us know if it is fixed.
GitHub <noreply@github.com> committed rVYOSONEX2291f78ed31a: Merge pull request #2992 from vyos/mergify/bp/sagitta/pr-2991 (authored by dmbaturin).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXcc0f08c94b9e: T6019: fix smoketest after upgrading nftables and libnftnl packages. (authored by n.fort).
GitHub <noreply@github.com> committed rVYOSONEX19df28989d72: Merge pull request #2991 from nicolas-fort/T6019 (authored by c-po).
Viacheslav triaged T6035: random-detect QoS policies cause commit failures due to a missing tc parameter (avpkt) as Normal priority.
Viacheslav moved T3843: l2tp configuration not cleared after delete from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav moved T3843: l2tp configuration not cleared after delete from Open to Finished on the VyOS 1.5 Circinus board.
It cannot be backported to 1.3 as there are no config-mode-dependencies
Viacheslav added a comment to T2505: XCP-ng packet drops for small packets (e.g. icmp) under Xen and AWS.
There have been no reports since 2021
PR for fix in vyos-build: https://github.com/vyos/vyos-build/pull/501
PR for smoketest (modified because of change in build): https://github.com/vyos/vyos-1x/pull/2991
PR for fix in vyos-build: https://github.com/vyos/vyos-build/pull/501
PR for smoketest (modified because of change in build): https://github.com/vyos/vyos-1x/pull/2991
Sonicbx added a comment to T2505: XCP-ng packet drops for small packets (e.g. icmp) under Xen and AWS.
What is the resolution? How was it resolved? @Viacheslav
HollyGurza changed the status of T6020: VRRP health-check script is not applied correctly in keepalived.conf from Open to In progress.
dmbaturin changed the edit policy for T6020: VRRP health-check script is not applied correctly in keepalived.conf.
Viacheslav moved T5926: IPSEC does not apply after l2tp configuration was changed from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav moved T5926: IPSEC does not apply after l2tp configuration was changed from Open to Finished on the VyOS 1.5 Circinus board.
Viacheslav edited projects for T4393: sstp: add support for configuring host-name (SNI), added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.7).
@TheSin- we also need this feature because our old blacklisting implementation is no longer working since the new nft implementation replaces sets after changes in the config.
So we have to go the official way and I just stumbled over your feature request when I started to make my own implementation.
Even when I have not implemented any core parts for VyOS yet, I offer my help with the implementation of this feature.
Viacheslav reopened T1311: WAN load-balancing can't flush connections when conntrack-sync is enabled as "Open".
Feb 12 2024, 9:45 AM · VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, test
Viacheslav closed T1311: WAN load-balancing can't flush connections when conntrack-sync is enabled as Resolved.
Feb 12 2024, 9:44 AM · VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, test
Viacheslav closed T1941: Config mismatch with FRR on misconfiguration of V6 peer, a subtask of T2174: Rewrite protocol BGP to new XML/Python style, as Wontfix.