- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed Search
Jan 15 2022
Jan 15 2022
Viacheslav renamed T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses from NTP allow-clients address doesn't work to NTP allow-clients address doesn't work it allows to use ntp server for all addresses.
Viacheslav changed the subtype of T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses from "Task" to "Bug".
Viacheslav changed the status of T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses from Open to In progress.
Viacheslav added a comment to T4110: [IPV6-SSH/DNS} enable IPv6 link local adresses as listen-address %eth0.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1170
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1170
Viacheslav reopened T4110: [IPV6-SSH/DNS} enable IPv6 link local adresses as listen-address %eth0 as "In progress".
Jan 14 2022
Jan 14 2022
Viacheslav edited projects for T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus (1.3.0).
Jan 12 2022
Jan 12 2022
c-po renamed T3318: Update Linux Kernel to v5.4.208 / 5.10.142 from Update Linux Kernel to v5.4.169 / 5.10.89 to Update Linux Kernel to v5.4.171 / 5.10.91.
Viacheslav moved T4152: NHRP shortcut-target holding-time does not work from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Viacheslav edited projects for T4168: IPsec VPN is impossible to restart when DMVPN is configured, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus.
Unknown Object (User) added a comment to T4100: Firewall increase maximum number of rules.
Jan 11 2022
Jan 11 2022
Invalid - already available - I looked into an 1.2.8 image.
Jan 10 2022
Jan 10 2022
Unknown Object (User) added a comment to T4100: Firewall increase maximum number of rules.
In 1.3 (VyOS 1.3-rolling-202201030317) the rules are handled correctly (except for the numbers in description).
Viacheslav moved T3299: Allow the web proxy service to listen on all IP addresses from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Viacheslav changed the status of T3299: Allow the web proxy service to listen on all IP addresses from Unknown Status to Resolved.
Jan 9 2022
Jan 9 2022
c-po moved T3924: VRRP stops working with VRF from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
c-po moved T4141: Set high-availability vrrp sync-group without members error from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
c-po moved T4128: keepalived: Upgrade package to add VRF support from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
c-po added a project to T4128: keepalived: Upgrade package to add VRF support: VyOS 1.3 Equuleus ( 1.3.1).
Package upgraded
c-po moved T3914: VRRP rfc3768-compatibility doesn't work with unicast peers from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
c-po edited projects for T3914: VRRP rfc3768-compatibility doesn't work with unicast peers, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus (1.3.0).
Viacheslav edited projects for T3299: Allow the web proxy service to listen on all IP addresses, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus (1.3.0).
It requires checking for 1.3 as it was changed and it uses the old backend on Perl (links above).
vyos@vyos# run show config comm | grep fire set firewall name FOO default-action 'accept' set firewall name FOO rule 10 action 'accept' set firewall name FOO rule 10 source address '198.51.100.0/24' set firewall name FOO rule 999997 action 'drop' set firewall name FOO rule 999997 source address '203.0.113.0/24' [edit]
Viacheslav moved T4142: Input ifbX interfaces not displayed in op-mode from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Check a real generated firewall iptables/nftables config
As 10000 it is the latest default rule, so your rules can be applied after default action with seq 10000
Unknown Object (User) added a comment to T4100: Firewall increase maximum number of rules.
Tested in VyOS 1.3-rolling-202201030317 & 1.4-rolling-202201070726
Jan 8 2022
Jan 8 2022
@NikolayP Could you test if all works fine?
Check the real generated firewal rules.
Viacheslav moved T4100: Firewall increase maximum number of rules from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Jan 6 2022
Jan 6 2022
c-po edited projects for T4141: Set high-availability vrrp sync-group without members error, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus.
Jan 5 2022
Jan 5 2022
Viacheslav moved T4142: Input ifbX interfaces not displayed in op-mode from Open to Backport Candidates on the VyOS 1.4 Sagitta board.
PR https://github.com/vyos/vyos-1x/pull/1138
vyos@r11-roll:~$ show interfaces input Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down Interface IP Address S/L Description --------- ---------- --- ----------- ifb0 - u/u FOO ifb1 - u/u FOO1 vyos@r11-roll:~$
Viacheslav added a project to T4142: Input ifbX interfaces not displayed in op-mode: VyOS 1.3 Equuleus ( 1.3.1).
Jan 3 2022
Jan 3 2022
Unknown Object (User) added a comment to T4081: VRRP health-check script stops working when setting up a sync group.
Checked in 1.3-rolling-202201030317, health-check works
Dec 31 2021
Dec 31 2021
I want to leave a comment , it's also common that customers don't know that PVST is enabled by default (and send bpdu peer VLANS), So it's possible to mitigate it also using nf rules , below leave a example:
Viacheslav changed the subtype of T4125: Feature Request: bridge STP BPDU translation from "Task" to "Feature Request".
Viacheslav edited projects for T4081: VRRP health-check script stops working when setting up a sync group, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus (1.3.0).
Unknown Object (User) created T4125: Feature Request: bridge STP BPDU translation.
Dec 30 2021
Dec 30 2021
c-po moved T3318: Update Linux Kernel to v5.4.208 / 5.10.142 from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
c-po renamed T3318: Update Linux Kernel to v5.4.208 / 5.10.142 from Update Linux Kernel to v5.4.164 / 5.10.88 to Update Linux Kernel to v5.4.169 / 5.10.89.
Dec 29 2021
Dec 29 2021
Viacheslav moved T2400: OpenVPN: dont restart server if no need from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Fixed in eceaa3a7
Dec 28 2021
Dec 28 2021
Viacheslav edited projects for T2922: The `vpn ipsec logging log-modes` miss the IPSec daemons state check, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus (1.3.0).
Viacheslav changed the status of T3380: "show vpn ike sa" does not display IPv6 peers from Open to In progress.
Viacheslav moved T3380: "show vpn ike sa" does not display IPv6 peers from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav added a project to T3380: "show vpn ike sa" does not display IPv6 peers: VyOS 1.3 Equuleus ( 1.3.1).
Dec 27 2021
Dec 27 2021
Issue was a missing verify() step which requires every SNMPv3 user to have a group assigned.
c-po moved T4093: SNMPv3 snmpd.conf generation bug from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.9) board.
c-po moved T4093: SNMPv3 snmpd.conf generation bug from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
c-po moved T4093: SNMPv3 snmpd.conf generation bug from Open to Finished on the VyOS 1.4 Sagitta board.
c-po edited projects for T4093: SNMPv3 snmpd.conf generation bug, added: VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9); removed VyOS 1.3 Equuleus (1.3.0).
Dec 26 2021
Dec 26 2021
c-po moved T4104: RAID1: "add raid md0 member sda1" does not restore boot sector from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
c-po moved T4101: commit-archive: Use of uninitialized value $source_address in concatenation from Open to Finished on the VyOS 1.4 Sagitta board.
Dec 25 2021
Dec 25 2021
c-po moved T4055: Add VRF support for HTTP(S) API service from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
c-po edited projects for T4055: Add VRF support for HTTP(S) API service, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus (1.3.0).
c-po added a comment to T4098: flow-accounting: "disable-imt" and "show flow-accounting" gives PermissionError.
Runtime error on the development image
c-po moved T4098: flow-accounting: "disable-imt" and "show flow-accounting" gives PermissionError from Open to Finished on the VyOS 1.4 Sagitta board.
c-po moved T4104: RAID1: "add raid md0 member sda1" does not restore boot sector from Open to In Progress on the VyOS 1.4 Sagitta board.
c-po triaged T4104: RAID1: "add raid md0 member sda1" does not restore boot sector as Urgent! priority.
erkin changed the status of T4101: commit-archive: Use of uninitialized value $source_address in concatenation from Open to Confirmed.
c-po moved T2764: Increase maximum number of NAT rules from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
c-po edited projects for T2764: Increase maximum number of NAT rules, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus (1.3.0-epa1).
Dec 24 2021
Dec 24 2021
c-po moved T4098: flow-accounting: "disable-imt" and "show flow-accounting" gives PermissionError from Need Triage to 1.3.1 on the VyOS 1.3 Equuleus board.