Resolved, merged PR: https://github.com/vyos/vyos-1x/pull/3508
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
May 23 2024
Difficulty changed to normal to consider one subtlety of xml cache, and add POC for use in (a later version of) the strip-private filter. POC below; some subset of commits may be added to 1.5:
https://github.com/vyos/vyos-1x/compare/current...jestabro:example-property-secret
The idea is feasible for parameters with constraints (like number ranges) defined in the XML, but there are many other cases where human input is necessary. We could give the tool a set of parameters to randomly generate, or a half-complete config with slots to fill in with random values. Worst case, we'd discover new constraints for more rigid templates; best case, we'd have a proper tool for generating corner cases for smoke tests and fuzzing.
Please mark this as resolved
Follow up, I was able to make nat.py throw the error below.
@Viacheslav, same behaviour exists for epa3, I numbered mine 999 so as not to interfere with existing rules.
May 22 2024
@Viacheslav
Happy to dig into this if can assign it to me.
Same issue applies to NAT66, too
In T3493#189273, @Viacheslav wrote:Does 1.5 has the same bug?
Does 1.5 has the same bug?
PR merged: https://github.com/vyos/vyos-1x/pull/3499/
In T5835#188611, @Viacheslav wrote:
In T5835#188605, @Viacheslav wrote:You can still have it in a container easily; as I mentioned, it has never worked since 2021
You do not lose anything.
May 21 2024
PR merged into vyos-utils:
https://github.com/vyos/vyos-utils/pull/20
and backported. The fix has been tested with migration from 1.3.x with settings as suggested by @trae32566
Yes, @c-po that would be a reasonable explanation; the timeout was added for Equuleus by 1.3.4. Without a reporting user to ask; other reports on later version; or further information, I would vote to close ...
The argument would be to relax the url validator regex for compatibility with 1.3: since the plan is to replace this mechanism in 1.5 with something similar to @trae32566 suggestion above (brought up for discussion by @Viacheslav recently), and since it is deprecated/not advised anyway (RFC 3986). The simple change will be made to the validator.