- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed Search
Aug 21 2024
Aug 21 2024
Viacheslav triaged T6671: Confid dependency works incorrectly for conntrack and conntrack-sync as High priority.
Aug 20 2024
Aug 20 2024
Viacheslav triaged T6667: Problems with simultaneous usage of multiple `vtysh` processes as High priority.
Viacheslav changed the status of T5743: HTTPS API ability to import PKI certificates from In progress to Needs testing.
Aug 19 2024
Aug 19 2024
Viacheslav removed a project from T6651: Add a top level op mode word "execute": VyOS 1.4 Sagitta (1.4.1).
Aug 16 2024
Aug 16 2024
Viacheslav changed the status of T6655: udp-broadcast-relay has incorrect tag from Open to In progress.
Viacheslav moved T4871: show pki output indentation issues from Backlog to Finished on the VyOS 1.4 Sagitta (1.4.1) board.
@natali-rs1985 thanks for testing!
Aug 15 2024
Aug 15 2024
Viacheslav triaged T6657: TACACS+ enhancements by adding Authorization and Accounting functionalities as Normal priority.
Viacheslav added a project to T6651: Add a top level op mode word "execute": VyOS 1.4 Sagitta (1.4.1).
Viacheslav changed the status of T6646: 1.3.8 to 1.4.0 config migration fails due to conntrack ignore rule from In progress to Needs testing.
Viacheslav changed the status of T6646: 1.3.8 to 1.4.0 config migration fails due to conntrack ignore rule, a subtask of T5938: Migration fail root task for 1.4-rc, from In progress to Needs testing.
Viacheslav moved T6335: Add/update EVPN op commands from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0-GA) board.
Aug 14 2024
Aug 14 2024
Aug 13 2024
Aug 13 2024
Viacheslav added a project to T6177: Intel QAT causes CPU runaway/stall with ipsec VPN: VyOS 1.4 Sagitta (1.4.1).
Viacheslav added a comment to T6526: hardware flowtables not working on supposedly supported hardware.
Needs to add a bug report to netfilter https://bugzilla.netfilter.org/
Aug 12 2024
Aug 12 2024
Viacheslav moved T6643: IP Address range in firewall rules throws error from Open to Finished on the VyOS 1.5 Circinus board.
Viacheslav edited projects for T6643: IP Address range in firewall rules throws error, added: VyOS Rolling, VyOS 1.5 Circinus, VyOS 1.4 Sagitta (1.4.1); removed vyatta-cfg-firewall.
Viacheslav moved T6555: Add server-bridge options to OpenVPN server from Open to Finished on the VyOS 1.5 Circinus board.
Aug 9 2024
Aug 9 2024
Viacheslav changed the status of T6555: Add server-bridge options to OpenVPN server from In progress to Needs testing.
Viacheslav changed the status of T6643: IP Address range in firewall rules throws error from Open to Confirmed.
table ip vyos_filter {Aug 8 2024
Aug 8 2024
Viacheslav moved T6623: Command `protocols static multicast` does not have any effect from In Progress to Finished on the VyOS 1.5 Circinus board.
Aug 7 2024
Aug 7 2024
Viacheslav lowered the priority of T6641: Show command for interface messages from Normal to Wishlist.
Aug 6 2024
Aug 6 2024
Viacheslav triaged T6636: Show log firewall not printing logs for default-actions for custom ruleset as Normal priority.
1.4 is not affected
vyos@r15:~$ show version all | match podman
ii podman 4.9.5 amd64 Engine to run OCI-based containers in Pods
vyos@r15:~$
vyos@r15:~$
vyos@r15:~$ show container image
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/vyos-flowspec-netfilter 1.0 2b8b95eddb07 2 weeks ago 91.5 MB
docker.io/adguard/adguardhome v0.107.52 6543abecfa41 4 weeks ago 71.4 MB
vyos@r15:~$
vyos@r15:~$
vyos@r15:~$ cat /etc/containers/policy.json
{
"default": [
{
"type": "insecureAcceptAnything"
}
]
}
vyos@r15:~$
vyos@r15:~$
vyos@r15:~$ show version
Version: VyOS 1.4-rolling-202408051021
Release train: sagitta
Release flavor: isoViacheslav triaged T6638: QoS CAKE config with PPPoE interface does not load after reboot as Normal priority.
Aug 5 2024
Aug 5 2024
Viacheslav added a comment to T4600: Closing IPV6CP by client closes PPPoE link completely, even if IPv6 is optional.
@marekm Create please the PR to the correct repo https://github.com/accel-ppp/accel-ppp
It looks good.
Aug 2 2024
Aug 2 2024
Viacheslav moved T6486: Generate openvpn client-config ignores configured protocol type from Backlog to Finished on the VyOS 1.4 Sagitta (1.4.1) board.
Viacheslav moved T6486: Generate openvpn client-config ignores configured protocol type from Open to Finished on the VyOS 1.5 Circinus board.
Viacheslav closed T6486: Generate openvpn client-config ignores configured protocol type as Resolved.
Viacheslav changed the status of T6618: ipsec: remote access VPN: "generate ipsec profile windows-remote-access" broken from In progress to Needs testing.
Viacheslav changed the status of T6617: ipsec: remote access VPN: "generate ipsec profile ios-remote-access" wrong profile for x509 auth from In progress to Needs testing.
Viacheslav changed the status of T5487: OPENVPN -DEPRECATED OPTION: --cipher from Unknown Status to Resolved.
With these changes https://github.com/vyos/vyos-1x/commit/253bf34371173e3cdd4871c18148ed75c3fa0832
vyos@server:~$ show dhcpv6 server leases
Traceback (most recent call last):
File "/usr/libexec/vyos/op_mode/dhcp.py", line 438, in <module>
res = vyos.opmode.run(sys.modules[__name__])
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/vyos/opmode.py", line 263, in run
res = func(**args)
^^^^^^^^^^^^
File "/usr/libexec/vyos/op_mode/dhcp.py", line 265, in _wrapper
return func(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^
File "/usr/libexec/vyos/op_mode/dhcp.py", line 322, in show_server_leases
return _get_formatted_server_leases(lease_data, family=family)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/libexec/vyos/op_mode/dhcp.py", line 175, in _get_formatted_server_leases
end = _utc_to_local(end).strftime('%Y/%m/%d %H:%M:%S')
^^^^^^^^^^^^^^^^^^
File "/usr/libexec/vyos/op_mode/dhcp.py", line 47, in _utc_to_local
return datetime.fromtimestamp((datetime.fromtimestamp(utc_dt) - datetime(1970, 1, 1)).total_seconds())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
TypeError: 'NoneType' object cannot be interpreted as an integer
vyos@server:~$Viacheslav renamed T6625: Firewall group size limit API from Firewall group size limit to Firewall group size limit API.
Aug 1 2024
Aug 1 2024
Viacheslav changed the status of T6611: Request Shoretel Server Option in DHCP from Open to In progress.
Viacheslav changed the status of T3334: Changing serial settings from a serial console ends session abruptly from Open to Needs testing.
How much RAM does this server have?
Do you have an example of the log when it fails? Which exact messages do you see?
Request to drop privileges https://support.zabbix.com/browse/ZBXNEXT-9380
Jul 31 2024
Jul 31 2024
There are issues with cgroups when enabling VRF
$ git diff diff --git a/data/templates/zabbix-agent/10-override.conf.j2 b/data/templates/zabbix-agent/10-override.conf.j2 index 7c296e8fd..0acf775be 100644 --- a/data/templates/zabbix-agent/10-override.conf.j2 +++ b/data/templates/zabbix-agent/10-override.conf.j2 @@ -1,3 +1,4 @@ +{% set zabbix_command = 'ip vrf exec ' ~ vrf ~ ' ' if vrf is vyos_defined else '' %} [Unit] After= After=vyos-router.service @@ -7,7 +8,9 @@ ConditionPathExists=/run/zabbix/zabbix-agent2.conf [Service] EnvironmentFile= ExecStart= -ExecStart=/usr/sbin/zabbix_agent2 --config /run/zabbix/zabbix-agent2.conf --foreground +ExecStart={{ zabbix_command }}/usr/sbin/zabbix_agent2 --config /run/zabbix/zabbix-agent2.conf --foreground +CapabilityBoundingSet=CAP_NET_ADMIN CAP_SYS_ADMIN CAP_SYS_RESOURCE CAP_BPF CAP_DAC_OVERRIDE CAP_FOWNER +AmbientCapabilities=CAP_NET_ADMIN CAP_SYS_ADMIN CAP_SYS_RESOURCE CAP_BPF CAP_DAC_OVERRIDE CAP_FOWNER WorkingDirectory= WorkingDirectory=/run/zabbix Restart=always diff --git a/interface-definitions/service_monitoring_zabbix-agent.xml.in b/interface-definitions/service_monitoring_zabbix-agent.xml.in index 3754e9145..e44b31312 100644 --- a/interface-definitions/service_monitoring_zabbix-agent.xml.in +++ b/interface-definitions/service_monitoring_zabbix-agent.xml.in @@ -185,6 +185,7 @@ </properties> <defaultValue>3</defaultValue> </leafNode> + #include <include/interface/vrf.xml.i> </children> </node> </children>
Viacheslav triaged T6624: service suricata address-groups cannot be used in each other as Low priority.
Jul 30 2024
Jul 30 2024
Viacheslav edited projects for T5153: OpenConnect route restriction via iptables is ignored, added: VyOS Rolling; removed VyOS 1.3 Equuleus (1.3.8).
Viacheslav changed the status of T6231: Vendor Drivers for NVidia (Mellanox) Adapters from Open to Needs testing.
Can someone test/check if it works as expected?
Viacheslav moved T6313: Add "NAT" to "generate" command for rule resequence from Open to Finished on the VyOS 1.5 Circinus board.
Viacheslav added a project to T6313: Add "NAT" to "generate" command for rule resequence: VyOS 1.4 Sagitta (1.4.1).
Viacheslav changed the status of T6313: Add "NAT" to "generate" command for rule resequence from Open to Needs testing.
Jul 28 2024
Jul 28 2024
Viacheslav changed the status of T6148: Reset vpn ipsec command breaks tunnel and does not reset SAs that are down from In progress to Needs testing.
Viacheslav changed the status of T4694: Allow VyOS Firewall to Match Outbound IPSec Traffic from In progress to Needs testing.
Viacheslav triaged T6613: VyOS local system users TACACS+ authorization requests do not work correctly as Normal priority.
Viacheslav closed T6615: Update build documentation to include infomation & reference to the closer of LTS package repos. as Invalid.
Tasks are not required for the documentation changes.
Jul 28 2024, 10:48 AM · Restricted Project
Jul 26 2024
Jul 26 2024
Viacheslav added a project to T6505: Support VXLAN VLAN-VNI range mapping in CLI: VyOS 1.4 Sagitta (1.4.1).
Could you close the task?
Thanks
Viacheslav moved T6594: IPoE-server extended-scripts do not work from Backlog to Finished on the VyOS 1.4 Sagitta (1.4.1) board.
Viacheslav added a project to T6594: IPoE-server extended-scripts do not work: VyOS 1.4 Sagitta (1.4.1).
Jul 25 2024
Jul 25 2024
Can you close the task if it is finished?