Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

Jan 3 2022

c-po committed rVYOSONEX5a73c9460009: keepalived: T4128: add missing keepalived.service file.
Jan 3 2022, 7:31 PM
c-po changed the status of T3924: VRRP stops working with VRF from Confirmed to Needs testing.
Jan 3 2022, 7:20 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav created T4134: Incorrect firewall protocol completion help uppercase and duplicates.
Jan 3 2022, 7:16 PM · VyOS 1.4 Sagitta
n.fort created T4133: Firewall network group error with zone-based firewall rules.
Jan 3 2022, 7:08 PM · VyOS 1.4 Sagitta, VyConf
c-po added a comment to T4130: Firewall state policy errors chain.

Comparing the old iptables firewall it will look like this:

Jan 3 2022, 7:00 PM · VyOS 1.4 Sagitta
n.fort added a comment to T3435: NAT rules show corruption.

Error still present on VyOS 1.4-rolling-202201020317

Jan 3 2022, 6:57 PM · VyOS 1.4 Sagitta
Viacheslav created T4132: Impossible to show a specific firewall group.
Jan 3 2022, 6:56 PM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T4131: Show firewall group incorrect format members.
Jan 3 2022, 6:53 PM · VyOS 1.4 Sagitta
Viacheslav created T4131: Show firewall group incorrect format members.
Jan 3 2022, 6:45 PM · VyOS 1.4 Sagitta
c-po claimed T3924: VRRP stops working with VRF.
Jan 3 2022, 6:18 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
c-po added a comment to T3924: VRRP stops working with VRF.

keepalived was upgraded to include the above mentioned commits.

Jan 3 2022, 6:18 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
c-po assigned T4130: Firewall state policy errors chain to sarthurdev.
Jan 3 2022, 6:13 PM · VyOS 1.4 Sagitta
Viacheslav renamed T4130: Firewall state policy errors chain from Firewall state policy erros chain to Firewall state policy errors chain.
Jan 3 2022, 5:56 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEX2a279f48e208: keepalived: T4128: add systemd option Type=simple.
Jan 3 2022, 5:44 PM
c-po committed rVYOSONEXb64dbabe1cca: test: vyos.validate: also test interface identifier in is_ipv6_link_local().
Jan 3 2022, 5:44 PM
Viacheslav created T4130: Firewall state policy errors chain.
Jan 3 2022, 5:41 PM · VyOS 1.4 Sagitta
dcplaya created T4129: Certstore only accepts `PKCS#8` cert types .
Jan 3 2022, 5:38 PM · Bugs, VyOS 1.4 Sagitta (1.4.0-GA)
dcplaya added a comment to T4127: Upgrading from pre-certstore image to certstore image does not handle CA files with multiple certs.

I was able to test and get a screenshot of the exact error eapol spits out when using certstore as well.

Jan 3 2022, 5:35 PM · Bugs, VyOS 1.4 Sagitta (1.4.0-GA)
c-po closed T4128: keepalived: Upgrade package to add VRF support, a subtask of T3924: VRRP stops working with VRF, as Resolved.
Jan 3 2022, 5:29 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
c-po closed T4128: keepalived: Upgrade package to add VRF support as Resolved.
Jan 3 2022, 5:28 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
c-po created T4128: keepalived: Upgrade package to add VRF support.
Jan 3 2022, 5:28 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T4052: Validator return traceback on VRRP configuration with the script path not in config dir as Resolved.
Jan 3 2022, 5:17 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX67c25c6468b5: monitoring: T3872: Add templates for telegraf.
Jan 3 2022, 4:35 PM
Viacheslav committed rVYOSONEXc5a54d4c54d4: monitoring: T3872: Add python handler for service monitoring.
Jan 3 2022, 4:35 PM
Viacheslav committed rVYOSONEX605cac35526c: monitoring: T3872: Add a new feature service monitoring telegraf.
Jan 3 2022, 4:35 PM
GitHub <noreply@github.com> committed rVYOSONEXca3cd970f297: Merge pull request #1018 from sever-sever/T3872 (authored by c-po).
Jan 3 2022, 4:35 PM
Viacheslav changed the status of T4110: [IPV6-SSH/DNS} enable IPv6 link local adresses as listen-address %eth0 from In progress to Needs testing.
Jan 3 2022, 3:10 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
GitHub <noreply@github.com> committed rVYOSONEXfc2a99e024fc: vrf: xml: rename text -> txt format identifier in valueHelp (authored by c-po).
Jan 3 2022, 9:51 AM
Viacheslav closed T4126: Ability to set priority to site to site IPSec vpn tunnels as Resolved.
Jan 3 2022, 9:16 AM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4120: [VXLAN] add ability to set multiple unicast-remotes from Open to In progress.
Jan 3 2022, 9:14 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3976: Missing prefix-list and access-list option from ipv6 route-map.

@egoistdream Just check when this feature was merged. It was implemented in FRR 24th of November, but the latest FRR release was 9th of November
https://frrouting.org/release/8.1/

Jan 3 2022, 9:03 AM
Viacheslav committed rVYOSONEX1da1701ce75d: listen-address: T4110: Ability to set IPv6 link-local addresses.
Jan 3 2022, 8:53 AM
GitHub <noreply@github.com> committed rVYOSONEX4743b91f4eb9: Merge pull request #1124 from sever-sever/T4110 (authored by c-po).
Jan 3 2022, 8:53 AM
Unknown Object (User) added a comment to T4081: VRRP health-check script stops working when setting up a sync group.

Checked in 1.3-rolling-202201030317, health-check works

Jan 3 2022, 7:44 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta

Jan 2 2022

egoistdream added a comment to T3976: Missing prefix-list and access-list option from ipv6 route-map.

Still the same on vyos-1.4-rolling-202201020317-amd64.iso

Jan 2 2022, 9:53 PM
c-po added a reverting change for rVYOSONEX522c9d916e39: snmp: T4093: add missing verify() step for required group per snmp v3 user: rVYOSONEXd39187f4bde6: Revert "snmp: T4093: add missing verify() step for required group per snmp v3….
Jan 2 2022, 7:35 PM
c-po committed rVYOSONEXd39187f4bde6: Revert "snmp: T4093: add missing verify() step for required group per snmp v3….
Jan 2 2022, 7:35 PM

Jan 1 2022

dcplaya created T4127: Upgrading from pre-certstore image to certstore image does not handle CA files with multiple certs.
Jan 1 2022, 11:09 PM · Bugs, VyOS 1.4 Sagitta (1.4.0-GA)
c-po committed rVYOSONEX901e40dc3b52: nat: T2199: rename iptables -> nftables variable prefix.
Jan 1 2022, 9:54 AM

Dec 31 2021

sarthurdev committed rVYOSONEX85710cee8fe9: firewall: T2199: Migrate firewall op-mode to XML/Python.
Dec 31 2021, 6:35 PM
sarthurdev committed rVYOSONEXfdeba8da3e99: firewall: T2199: Migrate firewall to XML/Python.
Dec 31 2021, 6:35 PM
sarthurdev committed rVYOSONEX3ebb08893b4b: zone-policy: T2199: Migrate zone-policy op-mode to XML/Python.
Dec 31 2021, 6:35 PM
sarthurdev committed rVYOSONEXc7cf7b941445: zone-policy: T2199: Migrate zone-policy to XML/Python.
Dec 31 2021, 6:35 PM
sarthurdev committed rVYOSONEXdcd202aeeb89: policy: T2199: Migrate policy route op-mode to XML/Python.
Dec 31 2021, 6:35 PM
sarthurdev committed rVYOSONEXf86041de88c3: policy: T2199: Migrate policy route to XML/Python.
Dec 31 2021, 6:35 PM
sarthurdev committed rVYOSONEX28b285b4791a: zone_policy: T3873: Implement intra-zone-filtering.
Dec 31 2021, 6:35 PM
c-po committed rVYOSONEX0091f6080181: Merge branch 'firewall' of https://github.com/sarthurdev/vyos-1x into current.
Dec 31 2021, 6:35 PM
c-po changed the status of T4121: Nameservers from DHCP client cannot be used in specific cases from In progress to Needs testing.
Dec 31 2021, 5:37 PM · VyOS 1.3 Equuleus (1.3.4)
c-po committed rVYOSONEX42a43b1c572f: smoketest: ipsec: make use of setUpClass().
Dec 31 2021, 4:01 PM
c-po committed rVYOSONEXc5f118b3af48: smoketest: ipsec: T4126: verify configured priority.
Dec 31 2021, 4:01 PM
Viacheslav renamed T4126: Ability to set priority to site to site IPSec vpn tunnels from Ability to set priority to site to site IPSec tunnels to Ability to set priority to site to site IPSec vpn tunnels.
Dec 31 2021, 3:45 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4126: Ability to set priority to site to site IPSec vpn tunnels from Open to Needs testing.

It can't be implemented in 1.3, as it doesn't use swanctl.conf for peers configuration
I didn't find this option for ipsec.conf

Dec 31 2021, 3:45 PM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX78494fe6de53: ipsec: T4126: Ability to set priorities for installed policy.
Dec 31 2021, 3:29 PM
GitHub <noreply@github.com> committed rVYOSONEXdcf8baa5b304: Merge pull request #1129 from sever-sever/T4126 (authored by c-po).
Dec 31 2021, 3:29 PM
Viacheslav added a comment to T4126: Ability to set priority to site to site IPSec vpn tunnels.

PR https://github.com/vyos/vyos-1x/pull/1129

set vpn ipsec site-to-site peer 192.0.2.14 tunnel 0 local prefix '172.16.0.0/24'
set vpn ipsec site-to-site peer 192.0.2.14 tunnel 0 priority '100'
set vpn ipsec site-to-site peer 192.0.2.14 tunnel 0 remote prefix '10.0.0.0/24'
Dec 31 2021, 3:11 PM · VyOS 1.4 Sagitta
fernando added a comment to T4125: Feature Request: bridge STP BPDU translation.

I want to leave a comment , it's also common that customers don't know that PVST is enabled by default (and send bpdu peer VLANS), So it's possible to mitigate it also using nf rules , below leave a example:

Dec 31 2021, 2:59 PM
Viacheslav claimed T4126: Ability to set priority to site to site IPSec vpn tunnels.
Dec 31 2021, 1:52 PM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T4126: Ability to set priority to site to site IPSec vpn tunnels.
Dec 31 2021, 1:32 PM · VyOS 1.4 Sagitta
Viacheslav created T4126: Ability to set priority to site to site IPSec vpn tunnels.
Dec 31 2021, 1:24 PM · VyOS 1.4 Sagitta
Viacheslav changed the subtype of T4125: Feature Request: bridge STP BPDU translation from "Task" to "Feature Request".
Dec 31 2021, 12:11 PM
Viacheslav added a comment to T1972: Allow setting interface name for virtual_ipaddress in VRRP VRID.

How about starting with a simple interface and allowing to set interface for binding address?

set high-availability vrrp group foo address 203.0.113.1 interface ethX      
Possible completions:
 > ethN         Interfcae used to assign virtual address
 > eth0         
 > eth1         
 > eth2
Dec 31 2021, 12:09 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav moved T4081: VRRP health-check script stops working when setting up a sync group from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Dec 31 2021, 11:04 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav edited projects for T4081: VRRP health-check script stops working when setting up a sync group, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus (1.3.0).
Dec 31 2021, 11:04 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T4081: VRRP health-check script stops working when setting up a sync group as Resolved.
Dec 31 2021, 11:04 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXda7248337aa0: keepalived: T4081: Fix health-checking when syn-group is used.
Dec 31 2021, 9:36 AM
GitHub <noreply@github.com> committed rVYOSONEX02dfd272ad99: Merge pull request #1122 from sever-sever/T4081-equ (authored by dmbaturin).
Dec 31 2021, 9:36 AM
c-po committed rVYOSONEXb468930a61d4: firewall: xml: T4100: increase maximum number of rules to 999999.
Dec 31 2021, 8:11 AM
SrividyaA placed T4115: reboot in <x> not working as expected up for grabs.
Dec 31 2021, 8:00 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po triaged T1972: Allow setting interface name for virtual_ipaddress in VRRP VRID as Low priority.
Dec 31 2021, 8:00 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
c-po added a comment to T1972: Allow setting interface name for virtual_ipaddress in VRRP VRID.

This sounds like a "peer-link" or "heartbeat-link" between two VyOS boxes. I have yet no idea how the CLI could look like, maybe you have one?

Dec 31 2021, 7:59 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
c-po committed rVYOSONEXad9289163aff: snmp: T4124: remove snmp.py from vyos-configd.
Dec 31 2021, 7:55 AM
Unknown Object (User) created T4125: Feature Request: bridge STP BPDU translation.
Dec 31 2021, 3:56 AM

Dec 30 2021

c-po closed T4124: snmp: migrate to get_config_dict() as Resolved.
Dec 30 2021, 8:39 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEXc0d4a61047b7: smoketest: snmp: T4124: locally connect to SNMP service and retrieve data.
Dec 30 2021, 8:38 PM
c-po committed rVYOSONEX566f7f2401b7: snmp: T4124: migrate to get_config_dict().
Dec 30 2021, 8:38 PM
c-po updated the task description for T4124: snmp: migrate to get_config_dict().
Dec 30 2021, 8:32 PM · VyOS 1.4 Sagitta
c-po moved T3318: Update Linux Kernel to v5.4.208 / 5.10.142 from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Dec 30 2021, 8:02 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
c-po renamed T3318: Update Linux Kernel to v5.4.208 / 5.10.142 from Update Linux Kernel to v5.4.164 / 5.10.88 to Update Linux Kernel to v5.4.169 / 5.10.89.
Dec 30 2021, 8:01 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
c-po claimed T4124: snmp: migrate to get_config_dict().
Dec 30 2021, 6:40 PM · VyOS 1.4 Sagitta
c-po created T4124: snmp: migrate to get_config_dict().
Dec 30 2021, 6:40 PM · VyOS 1.4 Sagitta
Unknown Object (User) changed the status of T4117: Does not possible to configure PoD/CoA for L2TP vpn from In progress to Needs testing.
Dec 30 2021, 5:27 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.3)
zsdc changed the status of T4113: Incorrect GRUB configuration parsing from Open to In progress.

Suggested fix: https://github.com/vyos/vyatta-op/pull/52

Dec 30 2021, 5:21 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
Kim Hagen <kim@sentrium.io> committed rVYOSONEX1a9c14790440: dhclient: T4121: Fixed resolv.conf generation at early boot stage (authored by zsdc).
Dec 30 2021, 4:02 PM
zsdc committed rVYOSONEXce77935eeeab: dhclient: T4121: Fixed resolv.conf generation at early boot stage.
Dec 30 2021, 4:00 PM
GitHub <noreply@github.com> committed rVYOSONEX8d99fe401731: Merge pull request #1128 from zdc/T4121-sagitta (authored by UnicronNL).
Dec 30 2021, 4:00 PM
Unknown Object (User) committed rVYOSONEX94ee47fdf975: l2tp-server: T4117: Add dae-server configuration to template.
Dec 30 2021, 2:13 PM
GitHub <noreply@github.com> committed rVYOSONEXb7b5eecd30c7: Merge pull request #1125 from DmitriyEshenko/eq-1x-29122021-01 (authored by dmbaturin).
Dec 30 2021, 2:13 PM
aha added a comment to T4120: [VXLAN] add ability to set multiple unicast-remotes.

Problem (2) with multiple IPv6 remotes fixed.

Dec 30 2021, 11:19 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
bbabich created T4123: checksum file fails to download from AWS S3 in rolling-release.
Dec 30 2021, 6:22 AM · VyOS 1.4 Sagitta
aha added a comment to T4120: [VXLAN] add ability to set multiple unicast-remotes.

During multiple tests on my testlab I found two (or three) possible bugs:
1.)
vyos-cli does not prevent to mix IPv4 and IPv6 remotes. Mixing them is not possible with vxlan.

Dec 30 2021, 12:13 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta

Dec 29 2021

zsdc added a comment to T4121: Nameservers from DHCP client cannot be used in specific cases.

PR to fix the problem: https://github.com/vyos/vyos-1x/pull/1128
It is compatible with both 1.3 and 1.4, so can be cherry-picked from sagitta to equuleus.

Dec 29 2021, 11:12 PM · VyOS 1.3 Equuleus (1.3.4)
Andreas <vyos-git@justsecure.de> committed rVYOSONEX76a917281ddb: webproxy: T4116: Ability to listen on IPv6 addresses.
Dec 29 2021, 8:15 PM
GitHub <noreply@github.com> committed rVYOSONEX78ad5ce69e6f: Merge pull request #1126 from justsecure/current (authored by c-po).
Dec 29 2021, 8:15 PM
jestabro closed T4086: system login banner is not removed on deletion. as Resolved.
Dec 29 2021, 8:13 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
olofl created T4122: interface ip address config missing after upgrade from 1.2.8 to 1.3.0 (when redirect is configured?).
Dec 29 2021, 8:13 PM · VyOS 1.3 Equuleus (1.3.3)
jestabro committed rVYOSONEX8341dbb811ab: configd: T4086: use 'copy' on mutable global var default_config_data.
Dec 29 2021, 8:12 PM
jestabro moved T4086: system login banner is not removed on deletion. from Open to Finished on the VyOS 1.4 Sagitta board.
Dec 29 2021, 8:08 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
jestabro committed rVYOSONEXd2ca2ac1cf9c: configd: T4086: use 'copy' on mutable global var default_config_data.
Dec 29 2021, 8:07 PM
jestabro added a comment to T4086: system login banner is not removed on deletion..

This is a mutability issue: since under vyos-configd the script is loaded as module, global variables persist, however:

Dec 29 2021, 7:37 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
SrividyaA added a comment to T4115: reboot in <x> not working as expected.

The error is received when the input for minutes is provided in three digits.

Dec 29 2021, 7:35 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
First
Prev
Next