Page MenuHomeVyOS Platform
Feed Search

Search
Use Results
Hide Query

Jan 25 2022

Viacheslav created T4209: Firewall incorrect handler for recent count and time.
Jan 25 2022, 11:47 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4208: Issues With More than Two Default Route Paths.

Try to dump traffic from the required interface

Jan 25 2022, 10:32 AM · VyOS 1.3 Equuleus (1.3.7)
Viacheslav updated the task description for T4208: Issues With More than Two Default Route Paths.
Jan 25 2022, 10:26 AM · VyOS 1.3 Equuleus (1.3.7)
Viacheslav added a comment to T4207: Policy Based Route Issue with Rules for Multiple Tables.

For first do these changes as in commit
Try policy local route, for example:

set policy local-route rule 10 set table 111
set policy local-route rule 10 source 192.0.2.0/24
Jan 25 2022, 10:25 AM · Bugs, VyOS 1.3 Equuleus (1.3.8)
Viacheslav added a comment to T4206: Policy Based Routing with DHCP Interface Issue.

The main reason:

Jan 25 2022, 10:05 AM · VyOS 1.3 Equuleus (1.3.2)
Viacheslav added a comment to T4206: Policy Based Routing with DHCP Interface Issue.

@Rhongomiant Am I understanding correctly that you don't see the default route in table 111?

Jan 25 2022, 9:50 AM · VyOS 1.3 Equuleus (1.3.2)
Viacheslav updated the task description for T4207: Policy Based Route Issue with Rules for Multiple Tables.
Jan 25 2022, 9:44 AM · Bugs, VyOS 1.3 Equuleus (1.3.8)
Viacheslav updated the task description for T4206: Policy Based Routing with DHCP Interface Issue.
Jan 25 2022, 9:38 AM · VyOS 1.3 Equuleus (1.3.2)
Viacheslav closed T4205: Disable Debian Version in SSH (DebianBanner->no) as Resolved.
Jan 25 2022, 9:14 AM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX10fb7f4c6d07: sshd: T4205: Hide extra version suffix "Debian".
Jan 25 2022, 8:55 AM
Viacheslav added a comment to T4205: Disable Debian Version in SSH (DebianBanner->no).

PR https://github.com/vyos/vyos-1x/pull/1188

Jan 25 2022, 8:53 AM · VyOS 1.4 Sagitta
Viacheslav closed T4131: Show firewall group incorrect format members as Resolved.

@sdev Thanks

Jan 25 2022, 8:19 AM · VyOS 1.4 Sagitta

Jan 21 2022

Viacheslav closed T4137: Firewall group configuration allows to set incorrect port range and invalid port as Resolved.
Jan 21 2022, 4:22 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4151: IPV6 local PBR Support.

@hensur Smoketest failed.

Jan 21 2022, 7:12 AM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta

Jan 20 2022

Viacheslav renamed T4197: Vyos arm64-latest build issue with telegraf pkg from Vyos arm64-latest build issue to Vyos arm64-latest build issue with telegraf pkg.
Jan 20 2022, 4:01 PM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T4197: Vyos arm64-latest build issue with telegraf pkg.
Jan 20 2022, 4:01 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4198: Error shown on commit.

@adestis Could you share commands, on how to reproduce this bug? Thanks.

Jan 20 2022, 3:50 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav changed the status of T4151: IPV6 local PBR Support from Open to Needs testing.
Jan 20 2022, 2:24 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
Viacheslav changed the subtype of T4196: DHCP server client-prefix-length parameter results in non-functional leases from "Task" to "Bug".
Jan 20 2022, 12:58 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav changed the status of T4196: DHCP server client-prefix-length parameter results in non-functional leases from Open to In progress.
Jan 20 2022, 12:58 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)

Jan 19 2022

Viacheslav added a comment to T4193: Add support for transparent firewall.

PR for required interface "nodes" https://github.com/vyos/vyatta-cfg-firewall/pull/30

Jan 19 2022, 12:31 PM · VyOS 1.4 Sagitta
Viacheslav changed the subtype of T4194: prefix-list no check for duplicate entries from "Task" to "Bug".

In fact you find a new bug in 1.4

Jan 19 2022, 10:29 AM · VyOS 1.4 Sagitta

Jan 18 2022

Viacheslav added a comment to T4072: Feature Request: Firewall on bridge interfaces.

Some details in T4193

Jan 18 2022, 8:51 PM · VyOS 1.4 Sagitta
Viacheslav added a project to T2762: VRF: when SSHd is VRF bound all commands are executed in VRF context: VyOS 1.4 Sagitta.
Jan 18 2022, 2:28 AM · VyOS Rolling

Jan 17 2022

Viacheslav added a comment to T2762: VRF: when SSHd is VRF bound all commands are executed in VRF context.

PR for ping https://github.com/vyos/vyos-1x/pull/1175

Jan 17 2022, 11:47 PM · VyOS Rolling
Viacheslav updated the task description for T4191: Lost access to host after VRF re-creating.
Jan 17 2022, 8:12 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav created T4191: Lost access to host after VRF re-creating.
Jan 17 2022, 8:09 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T891: Current multi-table usage with VRF-netns tables in FRR is partially broken for PBR. as Not Applicable.

Close the task
@Watcher7 Re-test it or describe steps hot to reproduce, as since 1.2-rc2 was implemented a lot of changes regarding vrf + frr.
You can set both vrf + next-hop address

Jan 17 2022, 6:05 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a comment to T4189: Ability to set dns forwarding in vrf.

There are some issues with powerdns in vrf context.

Jan 17 2022, 12:59 PM · VyOS 1.4 Sagitta
Viacheslav created T4189: Ability to set dns forwarding in vrf.
Jan 17 2022, 11:02 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4100: Firewall increase maximum number of rules.
It is a different task, it extends only the range which you can to use for rule numbers.

For example, if you want 3 rules

Rule 100, rule 1000, rule 10000 etc.

Accepting time it is another task. B.t.w firewall was rewritten in 1.4, I hope that commit time was decreased.
Jan 17 2022, 10:18 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Jan 16 2022
Viacheslav committed rVYOSONEX585042dba9d7: ntp: T4184: Fix allow-clients address.
Jan 16 2022, 11:16 AM
Jan 15 2022
Viacheslav moved T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses from Open to Finished on the VyOS 1.4 Sagitta board.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1172
Jan 15 2022, 4:14 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX40f0e78dd946: ntp: T4184: Fix allow-clients address.
Jan 15 2022, 3:57 PM
Viacheslav closed T4110: [IPV6-SSH/DNS}  enable IPv6 link local adresses as listen-address %eth0 as Resolved.
Jan 15 2022, 3:52 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T4183: IPv6 link-local address not accepted as wireguard peer as Resolved.
Jan 15 2022, 3:52 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXcb69b6e875c9: wireguard: T4183: Allow setting ipv6 link local addres for peer.
Jan 15 2022, 3:50 PM
Viacheslav committed rVYOSONEXc39d6dd7f6a8: listen-address: T4110: Ability to set IPv6 link-local for services.
Jan 15 2022, 3:50 PM
Viacheslav added a comment to T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses.
PR https://github.com/vyos/vyos-1x/pull/1171
Jan 15 2022, 3:47 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav renamed T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses from NTP allow-clients address doesn't work to NTP allow-clients address doesn't work it allows to use ntp server for all addresses.
Jan 15 2022, 3:32 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the subtype of T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses from "Task" to "Bug".
Jan 15 2022, 3:14 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the status of T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses from Open to In progress.
Jan 15 2022, 3:14 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T4110: [IPV6-SSH/DNS}  enable IPv6 link local adresses as listen-address %eth0.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1170
Jan 15 2022, 3:13 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T4183: IPv6 link-local address not accepted as wireguard peer.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1170
Jan 15 2022, 3:12 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav reopened T4110: [IPV6-SSH/DNS}  enable IPv6 link local adresses as listen-address %eth0 as "In progress".
Jan 15 2022, 3:01 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav reopened T4183: IPv6 link-local address not accepted as wireguard peer as "In progress".
Jan 15 2022, 1:30 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav moved T4150: VRRP with conntrack-sync does not work from Open to Finished on the VyOS 1.4 Sagitta board.
Jan 15 2022, 1:28 PM · VyOS 1.4 Sagitta
Viacheslav closed T4183: IPv6 link-local address not accepted as wireguard peer as Resolved.
Jan 15 2022, 11:49 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXdbdb736c8512: wireguard: T4183: Allow to set peer IPv6 link-local address.
Jan 15 2022, 7:09 AM
Jan 14 2022
Viacheslav changed the status of T4172: Patch ndppd to not read route table if there are no auto prefixes from Open to In progress.
Jan 14 2022, 9:14 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4183: IPv6 link-local address not accepted as wireguard peer from Open to In progress.
Jan 14 2022, 9:01 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T4183: IPv6 link-local address not accepted as wireguard peer.
PR https://github.com/vyos/vyos-1x/pull/1169
Jan 14 2022, 9:01 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T4182: Show vrrp if vrrp not configured bug as Resolved.
Jan 14 2022, 8:23 PM · VyOS 1.4 Sagitta
Viacheslav closed T4179: Add op-mode CLI for show high-availability virtual-server as Resolved.
Jan 14 2022, 8:22 PM · VyOS 1.4 Sagitta
Viacheslav closed T4177: Strip-private doesn't work for service monitoring as Resolved.
Jan 14 2022, 8:22 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav added a comment to T4150: VRRP with conntrack-sync does not work.
@NikolayP Could you re-test it?
Jan 14 2022, 8:19 PM · VyOS 1.4 Sagitta
Viacheslav added a subtask for T2199: Rewrite firewall in new XML/Python style: T3762: Support network and address groups for policy ipv6-route.
Jan 14 2022, 8:18 PM · VyOS 1.4 Sagitta (1.4.0-epa2)
Viacheslav added a parent task for T3762: Support network and address groups for policy ipv6-route: T2199: Rewrite firewall in new XML/Python style.
Jan 14 2022, 8:18 PM · VyOS 1.4 Sagitta
Viacheslav closed T1972: Allow setting interface name for virtual_ipaddress in VRRP VRID as Resolved.
Jan 14 2022, 8:11 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav edited projects for T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus (1.3.0).
Jan 14 2022, 8:09 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXd63cabb18649: op-mode: T4179: Add op-mode CLI show virtual-server.
Jan 14 2022, 7:31 PM
Viacheslav added a comment to T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses.
Some detail here T1280
Jan 14 2022, 2:25 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T4183: IPv6 link-local address not accepted as wireguard peer.
@odhnera  Try to comment or delete the validation string and restart vyos-configd service
Jan 14 2022, 12:15 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Jan 13 2022
Viacheslav added a comment to T4183: IPv6 link-local address not accepted as wireguard peer.
Link-local addresses with %ethX are not accepted in any protocols/peers/etc.   A few services are allowed to set them as listen like ssh/dns at the moment.

Is there a real use case why you need it on wireguard interfaces?
Jan 13 2022, 11:23 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the subtype of T4183: IPv6 link-local address not accepted as wireguard peer from "Bug" to "Feature Request".
Jan 13 2022, 11:19 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T4025: OpenVPN server with TAP interface, client didn’t see network.
It generates by openvpn, maybe something new in the new OpenVPN version

So I see only one option - add  mode server-bridge
Jan 13 2022, 11:02 PM · Bugs, VyOS 1.5 Circinus, VyOS 1.4 Sagitta (1.4.1), Restricted Project, openvpn
Viacheslav committed rVYOSONEX6cdeb472d924: vrrp: T4182: Check if VRRP configured in op mode.
Jan 13 2022, 9:17 PM
Viacheslav assigned T4181: Firewall ipv6-network-group - incorrect description on helper  to fernando.
Jan 13 2022, 8:34 PM · VyOS 1.4 Sagitta
Viacheslav closed T4109: Extend high-availability/keepalived for support virtual-server lb as Resolved.
Jan 13 2022, 8:28 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4182: Show vrrp if vrrp not configured bug.
PR https://github.com/vyos/vyos-1x/pull/1166
Jan 13 2022, 8:20 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4182: Show vrrp if vrrp not configured bug from Open to In progress.
Jan 13 2022, 7:51 PM · VyOS 1.4 Sagitta
Viacheslav created T4182: Show vrrp if vrrp not configured bug.
Jan 13 2022, 7:42 PM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXf12d8b5a575f: strip-private: T4177: Fix for hiding private data token/url/bucket.
Jan 13 2022, 7:41 PM
Viacheslav changed the status of T4179: Add op-mode CLI for show high-availability virtual-server from Open to In progress.
Jan 13 2022, 7:15 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4179: Add op-mode CLI for show high-availability virtual-server.
PR https://github.com/vyos/vyos-1x/pull/1164
Jan 13 2022, 7:15 PM · VyOS 1.4 Sagitta
Viacheslav created T4179: Add op-mode CLI for show high-availability virtual-server.
Jan 13 2022, 1:42 PM · VyOS 1.4 Sagitta
Viacheslav closed T4110: [IPV6-SSH/DNS}  enable IPv6 link local adresses as listen-address %eth0 as Resolved.
Jan 13 2022, 1:26 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T4177: Strip-private doesn't work for service monitoring.
PR https://github.com/vyos/vyos-1x/pull/1163
Jan 13 2022, 9:53 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav changed the status of T4177: Strip-private doesn't work for service monitoring from Open to In progress.
Jan 13 2022, 9:38 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav closed T4175: BGP configuration failed as Resolved.
T3741
Jan 13 2022, 9:18 AM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXf57eef6751a3: monitoring: T3872: Rewrite input filter custom_script.
Jan 13 2022, 7:20 AM
Viacheslav committed rVYOSONEX140adbe83445: monitoring: T3872: Add just required interfaces for ethtool.
Jan 13 2022, 7:20 AM
Viacheslav updated subscribers of T4177: Strip-private doesn't work for service monitoring.
Jan 13 2022, 1:17 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav created T4177: Strip-private doesn't work for service monitoring.
Jan 13 2022, 1:16 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav added a comment to T3872: Add configurable telegraf monitoring service.
PR https://github.com/vyos/vyos-1x/pull/1162
Jan 13 2022, 1:12 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Jan 12 2022
Viacheslav added a comment to T4175: BGP configuration failed.
Add neighbors to their proper afi:
Jan 12 2022, 7:43 PM · VyOS 1.4 Sagitta
Viacheslav moved T4161: Policy route-map - Incorrect value help for local preference from Open to Finished on the VyOS 1.4 Sagitta board.
Jan 12 2022, 7:40 PM · VyOS 1.4 Sagitta
Viacheslav moved T4162: VPN ipsec ike-group - Incorrect value help for ikev2-reauth from Open to Finished on the VyOS 1.4 Sagitta board.
Jan 12 2022, 7:39 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3872: Add configurable telegraf monitoring service.
    

  •  Incorrect custom scripts data if used tunX interfaces
      

    •  Allow inputs.ethtool only on Ethernet interfaces, by default it tries to get statistics from each interface, template
      • 

    • 




Jan 12 19:37:30 r11-roll telegraf[7703]: 2022-01-12T17:37:30Z E! [inputs.ethtool] Error in plugin: dum0 stats: operation not supported
Jan 12 19:37:30 r11-roll telegraf[7703]: 2022-01-12T17:37:30Z E! [inputs.ethtool] Error in plugin: gretap0 driver: operation not supported
Jan 12 19:37:30 r11-roll telegraf[7703]: 2022-01-12T17:37:30Z E! [inputs.ethtool] Error in plugin: gre0 driver: operation not supported
Jan 12 19:37:30 r11-roll telegraf[7703]: 2022-01-12T17:37:30Z E! [inputs.ethtool] Error in plugin: erspan0 driver: operation not supported
Jan 12 2022, 5:49 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav placed T3872: Add configurable telegraf monitoring service up for grabs.
Jan 12 2022, 5:25 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3872: Add configurable telegraf monitoring service.
Incorrect custom scripts data if used 'tun' interface

https://github.com/vyos/vyos-1x/blob/current/src/etc/telegraf/custom_scripts/show_interfaces_input_filter.py
Jan 12 2022, 5:25 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav moved T4152: NHRP shortcut-target holding-time does not work from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Jan 12 2022, 5:20 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T4152: NHRP shortcut-target holding-time does not work as Resolved.
Jan 12 2022, 5:20 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T4168: IPsec VPN is impossible to restart when DMVPN is configured as Resolved.
Jan 12 2022, 4:48 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav edited projects for T4168: IPsec VPN is impossible to restart when DMVPN is configured, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus.
Jan 12 2022, 4:48 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav changed the status of T3872: Add configurable telegraf monitoring service from Open to Needs testing.
Jan 12 2022, 4:38 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the status of T4173: Wan Load Balancing - Error on firewall NAT rules from In progress to Needs testing.
Jan 12 2022, 4:38 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4173: Wan Load Balancing - Error on firewall NAT rules from Open to In progress.
Jan 12 2022, 4:37 PM · VyOS 1.4 Sagitta
Viacheslav moved T4152: NHRP shortcut-target holding-time does not work from Open to Finished on the VyOS 1.4 Sagitta board.
Jan 12 2022, 4:30 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the status of T4168: IPsec VPN is impossible to restart when DMVPN is configured from Open to In progress.
Jan 12 2022, 4:04 PM · VyOS 1.3 Equuleus ( 1.3.1)
First
Prev
Next