In T6344#188757, @n.fort wrote:Maybe we should create another xml file identical to listen-address.xml.i but without multi option define in line 16.
Feed All Stories
May 17 2024
May 17 2024
Viacheslav added a comment to T6344: multiple ntp listen-address commands not working.
n.fort added a comment to T6344: multiple ntp listen-address commands not working.
Maybe we should create another xml file identical to listen-address.xml.i but without multi option define in line 16.
natali-rs1985 changed the status of T5487: OPENVPN -DEPRECATED OPTION: --cipher from Confirmed to In progress.
n.fort added a comment to T6362: Create a conntrack/translations logger daemon.
Related to https://vyos.dev/T5471 ?
Viacheslav triaged T6360: CGNAT add the ability to exclude (bypass) the translations for specific destinations as Wishlist priority.
HollyGurza added a comment to T6354: Get rid of the custom boot type check in version.py.
natali-rs1985 changed Is it a breaking change? from compatible to syntax on T5487: OPENVPN -DEPRECATED OPTION: --cipher.
Viacheslav closed T6347: CGNAT external pools containing dashes cause Traceback error, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, as Resolved.
Viacheslav closed T6351: CGNAT add check if external and internal pools exists, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, as Resolved.
Viacheslav closed T6350: CGNAT add op-mode to get current port allocation mapping, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, as Resolved.
Viacheslav triaged T6343: Firewall source validation loose end up in complete traffic block on VRF interface as Normal priority.
a.apostoliuk changed the status of T6359: Multicast does not forward after reboot from Open to In progress.
a.apostoliuk changed the status of T6157: Can not create two GRE tunnels to the same DST but from different SRC addresses from In progress to Open.
Viacheslav added a comment to T5835: UPnP port mapping / rule installation fails.
I'd prefer to integrate the Port Control Protocol (PCP) instead.
a.apostoliuk placed T5710: PPPoE-server add option permit any-login up for grabs.
Viacheslav added a comment to T5835: UPnP port mapping / rule installation fails.
You can still have it in a container easily; as I mentioned, it has never worked since 2021
You do not lose anything.
Viacheslav changed the status of T6350: CGNAT add op-mode to get current port allocation mapping, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, from Open to In progress.
Viacheslav changed the status of T6350: CGNAT add op-mode to get current port allocation mapping from Open to In progress.
Res added a comment to T5835: UPnP port mapping / rule installation fails.
dylanneild added a comment.Tue, May 14, 8:59 AM
If someone wants, I can probably unearth my patches to 1.4 and miniupnpd to make it all work. It was technically functional and worked as expected. I just don't have the time or patience to deal with getting it merged/integrated back into the project.The only thing I didn't add was a status script to get lease data, but that would be easy enough to create.
I'm AFK for a few days and would have to spin up some cold VMware instances so it'd take me a bit to grab / package up the relevant components.
May 16 2024
May 16 2024
aga added a comment to T6355: Make the strip-private filter obfuscate only passwords and private keys.
I also agree that the "default" stripping-behaviour should definitely be rethought for certain parts of the config. For example: the full public-key gets shown of the wireguard-peers on interfaces.
alainlamar updated the task description for T6320: WiFi: Enable support for 6GHz AccesPoints.
alainlamar updated the task description for T6320: WiFi: Enable support for 6GHz AccesPoints.
Vijayakumar changed the status of T6349: keep all workflows as reusable workflows in global .github and make vyox-1x to use from there, a subtask of T6309: Check code quality with CodeQL, from Open to In progress.
Vijayakumar changed the status of T6349: keep all workflows as reusable workflows in global .github and make vyox-1x to use from there from Open to In progress.
jestabro removed a project from T6149: Update node_data when merging nodes in reference tree generation: VyOS 1.5 Circinus.
jestabro closed T6149: Update node_data when merging nodes in reference tree generation as Resolved.
Viacheslav added a comment to T6350: CGNAT add op-mode to get current port allocation mapping.
PR https://github.com/vyos/vyos-1x/pull/3466
vyos@r4:~$ show nat cgnat allocation Internal IP External IP Port range ------------- --------------- ------------ 100.64.0.0 192.168.122.222 1024-3023 100.64.0.1 192.168.122.222 3024-5023 100.64.0.2 192.168.122.222 5024-7023 100.64.0.3 192.168.122.222 7024-9023 100.64.0.4 192.168.122.222 9024-11023 100.64.0.5 192.168.122.222 11024-13023 100.64.0.6 192.168.122.222 13024-15023 100.64.0.7 192.168.122.222 15024-17023 100.64.0.8 192.168.122.222 17024-19023 100.64.0.9 192.168.122.222 19024-21023 100.64.0.10 192.168.122.222 21024-23023 100.64.0.11 192.168.122.222 23024-25023 100.64.0.12 192.168.122.222 25024-27023 100.64.0.13 192.168.122.222 27024-29023 100.64.0.14 192.168.122.222 29024-31023 100.64.0.15 192.168.122.222 31024-33023 vyos@r4:~$
Viacheslav changed the status of T6351: CGNAT add check if external and internal pools exists, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, from Open to In progress.
Viacheslav changed the status of T6351: CGNAT add check if external and internal pools exists from Open to In progress.
PR https://github.com/vyos/vyos-1x/pull/3464
set nat cgnat pool external ext1 external-port-range '1024-65535' set nat cgnat pool external ext1 per-user-limit port '2000' set nat cgnat pool external ext1 range 192.168.122.222/32 set nat cgnat pool internal int1 range '100.64.0.0/28' set nat cgnat rule 10 source pool 'fake-pool' set nat cgnat rule 10 translation pool 'ext1'
Viacheslav updated the task description for T6351: CGNAT add check if external and internal pools exists.
Apachez added a comment to T6353: Disallow setting user password to "vyos" (the default).
I think a warning is better than to block it from being set, specially since the workaround to load it through already existing config still remains.
Viacheslav added a comment to T6347: CGNAT external pools containing dashes cause Traceback error.
Viacheslav changed the status of T6347: CGNAT external pools containing dashes cause Traceback error, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, from Open to In progress.
Viacheslav changed the status of T6347: CGNAT external pools containing dashes cause Traceback error from Open to In progress.
natali-rs1985 changed Is it a breaking change? from none to compatible on T6348: SNAT op-mode fails with flowtable offload entries.
natali-rs1985 changed the status of T6348: SNAT op-mode fails with flowtable offload entries from Open to In progress.
Viacheslav triaged T6350: CGNAT add op-mode to get current port allocation mapping as Wishlist priority.
Viacheslav triaged T6349: keep all workflows as reusable workflows in global .github and make vyox-1x to use from there as Normal priority.
Viacheslav updated the task description for T6348: SNAT op-mode fails with flowtable offload entries.
Viacheslav updated the task description for T6348: SNAT op-mode fails with flowtable offload entries.
Viacheslav triaged T6347: CGNAT external pools containing dashes cause Traceback error as Normal priority.
Viacheslav changed the status of T6058: Commit-Archive Save doesn't use https_proxy from Needs reporter action to Open.
modzilla99 added a comment to T6058: Commit-Archive Save doesn't use https_proxy.
sorry for the late reply.You don't need any special commands. The only thing you have to set is the proxy and the commit archive.
Viacheslav added a comment to T6344: multiple ntp listen-address commands not working.
@molocho see the tasks T5301 T5154 and https://chrony-project.org/doc/4.3/chrony.conf.html#bindaddress
Viacheslav triaged T6345: Source NAT Port Mapping setting of Fully-Random is superfluous in Kernels 5.0 onwards as Normal priority.
nvollmar added a comment to T4519: DHCPv6: "set show dhcpv6 server leases" should show DUID instead of IAID_DUID.
IMO it would make sense to show the DUID since that has to be passed for static mappings and is also configured on the client side
c-po moved T6333: non-free-firmware to trixie from Need Triage to Finished on the VyOS 1.5 Circinus board.
c-po moved T6333: non-free-firmware to trixie from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0) board.
c-po added a comment to T6346: Boot to multi-user.target instead of graphical.target.
c-po updated the task description for T6346: Boot to multi-user.target instead of graphical.target.