Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

Oct 31 2021

c-po renamed T3943: "netflow source-ip" prevents image upgrades if IP address does not exist locally from VyOS 1.2.7 upgrade to 1.3.0-epa2 config error if flow-accounting is set to "netflow source-ip" prevents image upgrades if IP address does not exist locally.
Oct 31 2021, 1:44 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0-epa3)
c-po moved T3943: "netflow source-ip" prevents image upgrades if IP address does not exist locally from Open to Finished on the VyOS 1.4 Sagitta board.
Oct 31 2021, 1:43 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0-epa3)
c-po moved T3943: "netflow source-ip" prevents image upgrades if IP address does not exist locally from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0-epa3) board.
Oct 31 2021, 1:43 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0-epa3)
c-po committed rVYOSONEX893dd69d975c: netflow: T3953: use warning if "netflow source-ip" does not exist instead of….
Oct 31 2021, 1:43 PM
c-po committed rVYOSONEX17215846b512: netflow: T3953: use warning if "netflow source-ip" does not exist instead of….
Oct 31 2021, 1:43 PM
c-po closed T3954: FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error as Resolved.
Oct 31 2021, 1:37 PM · VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.4 Sagitta
Viacheslav moved T3341: Wrong behavior of the "reset vpn ipsec-peer XXX tunnel XXX" command from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.9) board.
Oct 31 2021, 1:22 PM · VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.3 Equuleus (1.3.0-epa3)
Viacheslav closed T3341: Wrong behavior of the "reset vpn ipsec-peer XXX tunnel XXX" command as Resolved.
Oct 31 2021, 1:22 PM · VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.3 Equuleus (1.3.0-epa3)
Viacheslav added a comment to T3341: Wrong behavior of the "reset vpn ipsec-peer XXX tunnel XXX" command.

PR for crux https://github.com/vyos/vyatta-op-vpn/pull/29

Oct 31 2021, 1:10 PM · VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.3 Equuleus (1.3.0-epa3)
Kim Hagen <kim@sentrium.io> committed rVYOSONEX02b6370c3cd1: more 2fa changes.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX6748dbe0100c: add part 2fa.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX415e572dfba7: openvpn: T3736: openvpn-option keeps and adds double dashes (--).
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX04e87d5a5974: update 2fa qr generation and user creation procedure.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEXfa101ed0e160: remove default values from xml.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX87ee779a977e: add 2fa op files and update template.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX65b55f35f836: fix file location and use correct variable.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEXe3c71af1466d: remove secrets file if the tunnel is deleted and fix opmode commands.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEXcfebb0b01c37: fix configure error if 2fa is defined but no option is defined.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX2a27f35ea595: change secret file location in template.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX024839cb1588: update the location of the openvpn-otp.so plugin.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX5366f9c9ce98: do not use capitals in opmode.
Oct 31 2021, 1:05 PM
Restricted Repository Identity added a reverting change for rVYOSONEX415e572dfba7: openvpn: T3736: openvpn-option keeps and adds double dashes (--): rVYOSONEXeb7f8904076e: Revert "openvpn: T3736: openvpn-option keeps and adds double dashes (--)".
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEXeb7f8904076e: Revert "openvpn: T3736: openvpn-option keeps and adds double dashes (--)".
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEXba8630da9639: pull request fixes.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX2349f2d91213: openvpn: T3805: use vyos.util.makedir() to create system directories (authored by c-po).
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX9cd3c3bfe04b: openvpn: T3805: use vyos.util.write_file() to store certificates (authored by c-po).
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEXc567b43807fa: openvpn: T3805: fix bool logic in verify_pki() for client mode (authored by c-po).
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX699d4533c543: openvpn: T3805: drop privileges using systemd - required for rtnetlink (authored by c-po).
Oct 31 2021, 1:05 PM
GitHub <noreply@github.com> committed rVYOSONEX2274dbf90474: Merge branch 'current' into 2fa (authored by UnicronNL).
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX2acfffab8b98: openvpn: T3642: Fix password_protected check (authored by nagua).
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX0a4ba4cb7017: add openvpn-otp dependency.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEXf8dca381b482: update writer to nicer read write.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEX28db7b15426f: use vyos read_file and write_file functions.
Oct 31 2021, 1:05 PM
Kim Hagen <kim@sentrium.io> committed rVYOSONEXd2c17f9864d2: do not use Path.
Oct 31 2021, 1:05 PM
GitHub <noreply@github.com> committed rVYOSONEX629c169a43ff: openvpn: T3834: Support for Two Factor Authentication totp (authored by UnicronNL).
Oct 31 2021, 1:05 PM
c-po committed rVYOSONEXf128d54665ed: smoketest: config: add DMVPN hub and spoke examples.
Oct 31 2021, 1:02 PM
c-po committed rVYOSONEX062422db04f5: smoketest: config: add DMVPN hub and spoke examples.
Oct 31 2021, 1:01 PM
c-po moved T3954: FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0-epa3) board.
Oct 31 2021, 12:55 PM · VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.4 Sagitta
c-po moved T3954: FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error from Open to Finished on the VyOS 1.4 Sagitta board.
Oct 31 2021, 12:55 PM · VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.4 Sagitta
c-po added a project to T3954: FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error: VyOS 1.3 Equuleus (1.3.0-epa3).
Oct 31 2021, 12:55 PM · VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.4 Sagitta
UnicronNL claimed T1869: Install and Boot from RAID Doesn't Work.
Oct 31 2021, 12:53 PM
c-po committed rVYOSONEX60775392123a: console: udev: T3954: adjust rule script to new systemd-udev version.
Oct 31 2021, 12:51 PM
c-po committed rVYOSONEX0c30c4736581: console: T3954: bugfix RuntimeError: dictionary keys changed during iteration.
Oct 31 2021, 12:51 PM
c-po committed rVYOSONEX513e951f3e13: console: udev: T3954: adjust rule script to new systemd-udev version.
Oct 31 2021, 12:49 PM
c-po committed rVYOSONEXf227987ccf41: console: T3954: bugfix RuntimeError: dictionary keys changed during iteration.
Oct 31 2021, 12:49 PM
Viacheslav changed the subtype of T3955: Allow commit-confirm through http API from "Task" to "Feature Request".
Oct 31 2021, 12:17 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS Rolling
n.fort added a comment to T2251: VRF communication breaks when utilizing zone-based firewalling.

Bug still present in 1.3.0-epa2 version.

Oct 31 2021, 11:40 AM · VyOS Rolling, Bugs
c-po moved T3761: Bump salt-minion to 3000 from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.9) board.
Oct 31 2021, 7:08 AM · VyOS 1.2 Crux (VyOS 1.2.9)
c-po closed T3761: Bump salt-minion to 3000 as Resolved.
Oct 31 2021, 7:08 AM · VyOS 1.2 Crux (VyOS 1.2.9)

Oct 30 2021

c-po added a comment to T3954: FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error.

Awesome report, thanks

Oct 30 2021, 7:09 PM · VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.4 Sagitta
c-po changed the status of T3954: FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error from Open to In progress.
Oct 30 2021, 7:09 PM · VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.4 Sagitta
klipz added a comment to T3654: 1.2.7 - OpenVPN tunnel interface disappears on virtualized VyOS router/ESXi host.

@Viacheslav Yes, I have updated the system to 1.2.8-LTS. I will let you know if the disappearing openvpn tun interface reoccurs.

Oct 30 2021, 4:20 PM · VyOS 1.2 Crux (VyOS 1.2.9)
marc_s renamed T3954: FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error from [Includes proposed fix] FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error to FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error.
Oct 30 2021, 2:37 PM · VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.4 Sagitta
c-po created T3956: GRE tunnel - unable to move from source-interface to source-address, commit error.
Oct 30 2021, 10:18 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0-epa3)
penetal created T3955: Allow commit-confirm through http API.
Oct 30 2021, 10:13 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS Rolling
Viacheslav added a comment to T3467: cannot set vrrp virtual-address with /31 mask when router uses networkaddress..

PR for crux https://github.com/vyos/vyos-1x/pull/1057

vyos@r12-lts:~$ show conf com | match vrrp
set high-availability vrrp group GRP02 hello-source-address '203.0.113.1'
set high-availability vrrp group GRP02 interface 'eth1.50'
set high-availability vrrp group GRP02 no-preempt
set high-availability vrrp group GRP02 priority '150'
set high-availability vrrp group GRP02 rfc3768-compatibility
set high-availability vrrp group GRP02 virtual-address '192.168.99.2/31'
set high-availability vrrp group GRP02 vrid '10'
vyos@r12-lts:~$ show interfaces vrrp 
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth1.50v10       192.168.99.2/31                   u/u  
vyos@r12-lts:~$
Oct 30 2021, 10:05 AM · VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav changed the status of T3467: cannot set vrrp virtual-address with /31 mask when router uses networkaddress. from Confirmed to In progress.
Oct 30 2021, 9:51 AM · VyOS 1.2 Crux (VyOS 1.2.9)
Unknown Object (User) changed the status of T3952: Add sh bgp ipv4/ipv6 vpn command from In progress to Needs testing.
Oct 30 2021, 9:34 AM · VyOS 1.4 Sagitta
marc_s created T3954: FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error.
Oct 30 2021, 9:33 AM · VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.4 Sagitta
Viacheslav added a comment to T3626: Configuring and disabling DHCP Server.

PR for crux https://github.com/vyos/vyos-1x/pull/1056

Oct 30 2021, 7:38 AM · VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta
Viacheslav added a comment to T3654: 1.2.7 - OpenVPN tunnel interface disappears on virtualized VyOS router/ESXi host.

@klipz Could you re-check it with 1.2.8?

Oct 30 2021, 6:36 AM · VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav closed T1293: Zone-policy implementation does not allow secondary IP on an interface to communicate as Not Applicable.
Oct 30 2021, 6:27 AM · VyOS 1.3 Equuleus (1.3.0)

Oct 29 2021

ahovda added a comment to T3435: NAT rules show corruption.

To fix some of this issue I modified line 102-103 in show_nat_rules.py:

Oct 29 2021, 11:58 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEX0852c588d555: https: pki: T3642: embed CA certificate into chain if specified.
Oct 29 2021, 8:15 PM
n.fort added a comment to T1293: Zone-policy implementation does not allow secondary IP on an interface to communicate.

I have done a lab using 1.3.0-epa2 version, and got no troubles.
Have configured 2 IP addresses on interface, and configured zone based firewall. I'm able to ping everywhere, using both IP addresses of that interface.
Also I checked that counters on firewall rules got increased while pinging from any of both IP addresses.

Oct 29 2021, 7:14 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav changed the status of T3394: Error on removing dhcpv6 address from interface from Open to In progress.
Oct 29 2021, 6:02 PM · VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav changed the status of T3761: Bump salt-minion to 3000 from Open to In progress.
Oct 29 2021, 6:00 PM · VyOS 1.2 Crux (VyOS 1.2.9)
c-po changed the status of T3943: "netflow source-ip" prevents image upgrades if IP address does not exist locally from Open to In progress.
Oct 29 2021, 5:43 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0-epa3)
c-po added a comment to T3943: "netflow source-ip" prevents image upgrades if IP address does not exist locally.
cpo@LR2.wue3# commit
[ system flow-accounting ]
Your "netflow source-ip" does not exist in the system
Oct 29 2021, 5:43 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0-epa3)
Viacheslav renamed T3796: Wireguard interfaces are not shown in op-mode from Crux Wireguard Documentation Seems Incorrect to Wireguard interfaces are not shown in op-mode.
Oct 29 2021, 5:30 PM · VyOS 1.2 Crux (VyOS 1.2.9)
c-po claimed T3943: "netflow source-ip" prevents image upgrades if IP address does not exist locally.
Oct 29 2021, 5:29 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0-epa3)
Viacheslav moved T3341: Wrong behavior of the "reset vpn ipsec-peer XXX tunnel XXX" command from Need Triage to Backport Candidates on the VyOS 1.3 Equuleus (1.3.0-epa3) board.
Oct 29 2021, 5:11 PM · VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.3 Equuleus (1.3.0-epa3)
Viacheslav closed T3942: Generate IPSec debug archive from op-mode as Resolved.
Oct 29 2021, 5:10 PM · VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.4 Sagitta
c-po committed rVYOSONEXbe6319479055: L3VPN: T3952: add sh bgp ipv4/ipv6 vpn command (authored by goodNETnick <pknet@ya.ru>).
Oct 29 2021, 5:10 PM
Viacheslav committed rVYOSONEX6650524e3989: op-mode: T3942: Add generate IPSec debug-archive.
Oct 29 2021, 5:09 PM
GitHub <noreply@github.com> committed rVYOSONEX25fea6d05b37: Merge pull request #1053 from sever-sever/T3942-crux (authored by c-po).
Oct 29 2021, 5:09 PM
Viacheslav closed T3862: "reboot at" command together with date does not work / weird error message on wrong input as Resolved.
Oct 29 2021, 5:02 PM · VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav committed rVYOSONEX69655d3073f4: powerctl: T3862: Fix for reboot at 00:00.
Oct 29 2021, 4:57 PM
GitHub <noreply@github.com> committed rVYOSONEX9d0d4b9d6dd2: Merge pull request #1055 from sever-sever/T3862 (authored by dmbaturin).
Oct 29 2021, 4:57 PM
Viacheslav changed the status of T3862: "reboot at" command together with date does not work / weird error message on wrong input from Open to In progress.
Oct 29 2021, 4:55 PM · VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav added a comment to T3862: "reboot at" command together with date does not work / weird error message on wrong input.

PR https://github.com/vyos/vyos-1x/pull/1055

Oct 29 2021, 4:51 PM · VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav added a comment to T3953: IPSec with vti interfaces by default add default route to table 220.

Require migration scripts to check option set vpn ipsec options disable-route-autoinstall in the configuration

Oct 29 2021, 3:52 PM · VyOS 1.3 Equuleus (1.3.9)
Viacheslav added a comment to T3953: IPSec with vti interfaces by default add default route to table 220.

https://github.com/vyos/vyos-1x/blob/fcff58dbe9d5a099eccbefb43c304801d434ac17/src/conf_mode/ipsec-settings.py#L61-L62

Oct 29 2021, 3:40 PM · VyOS 1.3 Equuleus (1.3.9)
Viacheslav changed the subtype of T3953: IPSec with vti interfaces by default add default route to table 220 from "Bug" to "Feature Request".
Oct 29 2021, 3:33 PM · VyOS 1.3 Equuleus (1.3.9)
Viacheslav created T3953: IPSec with vti interfaces by default add default route to table 220.
Oct 29 2021, 3:32 PM · VyOS 1.3 Equuleus (1.3.9)
Viacheslav added a comment to T3862: "reboot at" command together with date does not work / weird error message on wrong input.

The issue even with 00:00 format

Oct 29 2021, 1:43 PM · VyOS 1.2 Crux (VyOS 1.2.9)
zsdc changed the status of T3774: atop logs are not limited in size from Open to Confirmed.

After some investigation, we figured out several ways how to solve or at least mitigate the problem. From my point of view, the optimal for both developers and customers is the next one.

Oct 29 2021, 11:09 AM · VyOS 1.4 Sagitta (1.4.0-epa1)
Viacheslav moved T3745: op-mode IPSec show vpn ipse sa sorting from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.9) board.
Oct 29 2021, 9:18 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX558070cfde51: bgp: T3745: Sorting output show vpn ipsec sa.
Oct 29 2021, 9:17 AM
GitHub <noreply@github.com> committed rVYOSONEX4f4200f542c3: Merge pull request #1054 from sever-sever/T3745-crux (authored by dmbaturin).
Oct 29 2021, 9:16 AM
Viacheslav added a comment to T3745: op-mode IPSec show vpn ipse sa sorting.

PR for crux https://github.com/vyos/vyos-1x/pull/1054

Oct 29 2021, 9:09 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta
Viacheslav moved T3745: op-mode IPSec show vpn ipse sa sorting from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Oct 29 2021, 8:58 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta
Viacheslav added a project to T3745: op-mode IPSec show vpn ipse sa sorting: VyOS 1.2 Crux (VyOS 1.2.9).
Oct 29 2021, 8:58 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta
Viacheslav moved T3942: Generate IPSec debug archive from op-mode from Backport Candidates to Finished on the VyOS 1.3 Equuleus (1.3.0-epa3) board.
Oct 29 2021, 8:43 AM · VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.4 Sagitta
Viacheslav added a comment to T3942: Generate IPSec debug archive from op-mode.

PR for crux https://github.com/vyos/vyos-1x/pull/1053

Oct 29 2021, 8:42 AM · VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.4 Sagitta
Viacheslav added a comment to T3643: show vpn ipsec sa doesn't show tunnels in "down" state.

PR for 1.3 https://github.com/vyos/vyos-1x/pull/1052

Oct 29 2021, 8:00 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) changed the status of T3952: Add sh bgp ipv4/ipv6 vpn command from Open to In progress.
Oct 29 2021, 7:01 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T2748: "show vpn ike sa" shows state "down" when tunnel is up.

@ajgnet Can you re-test it?

Oct 29 2021, 6:58 AM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a comment to T1233: ipsec vpn sa showing down.

@liam can you re-test it?

Oct 29 2021, 6:57 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3774: atop logs are not limited in size.

@zsdc Provide please options to solve it.

Oct 29 2021, 6:54 AM · VyOS 1.4 Sagitta (1.4.0-epa1)
First
Prev
Next