Page MenuHomeVyOS Platform
Feed Search

Search
Use Results
Hide Query

Feb 11 2022

Viacheslav added a project to T4237: Conntrack-sync error - error adding listen-address command: VyOS 1.4 Sagitta.
Feb 11 2022, 1:25 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav edited projects for T4237: Conntrack-sync error - error adding listen-address command, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus.
Feb 11 2022, 1:25 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T4237: Conntrack-sync error - error adding listen-address command.

PR https://github.com/vyos/vyos-1x/pull/1218

Feb 11 2022, 1:24 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav changed the status of T4237: Conntrack-sync error - error adding listen-address command from Open to In progress.
Feb 11 2022, 1:12 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav committed rVYOSONEX230ac0a202ac: openvpn: T3686: Fix for check local-address in script and tmpl.
Feb 11 2022, 6:18 AM
Viacheslav committed rVYOSONEX7f7be911b749: openvpn: T4236: Add generator for ovpn configurations in op-mode.
Feb 11 2022, 6:16 AM
Viacheslav committed rVYOSONEX19f65290529a: smoketest: T3872: Fix token check for monitoring test.
Feb 11 2022, 6:15 AM

Feb 10 2022

Viacheslav added a comment to T4236: Generate ovpn openvpn client configuration files.

PR https://github.com/vyos/vyos-1x/pull/1217

Feb 10 2022, 10:15 PM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T4236: Generate ovpn openvpn client configuration files.
Feb 10 2022, 5:01 PM · VyOS 1.4 Sagitta
Viacheslav closed T4165: Custom conntrack rules cannot be deleted as Resolved.
Feb 10 2022, 3:54 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T3591: OpenVPN with/without VRF not working (NordVPN).

There is an example of a working configuration:

set interfaces openvpn vtun10 authentication password xxxxxx
set interfaces openvpn vtun10 authentication username xxxxxx
set interfaces openvpn vtun10 device-type 'tun'
set interfaces openvpn vtun10 encryption cipher 'aes256'
set interfaces openvpn vtun10 hash 'sha512'
set interfaces openvpn vtun10 mode 'client'
set interfaces openvpn vtun10 openvpn-option '--config /config/auth/nord/included_config.conf'
set interfaces openvpn vtun10 persistent-tunnel
set interfaces openvpn vtun10 protocol 'udp'
set interfaces openvpn vtun10 remote-host 'xxx.xxx.218.155'
set interfaces openvpn vtun10 remote-port '1194'
set interfaces openvpn vtun10 tls ca-cert-file xxxxxx
Feb 10 2022, 3:20 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4234: Show firewall partly broken in 1.3.x from Confirmed to Needs testing.
Feb 10 2022, 3:19 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T1925: DMVPN is always listed as down in "show vpn ipsec sa".

PR https://github.com/vyos/vyos-1x/pull/1133

Feb 10 2022, 12:11 PM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav triaged T4234: Show firewall partly broken in 1.3.x as High priority.
Feb 10 2022, 7:37 AM · VyOS 1.3 Equuleus ( 1.3.1)

Feb 9 2022

Viacheslav updated subscribers of T4236: Generate ovpn openvpn client configuration files.
Feb 9 2022, 5:45 PM · VyOS 1.4 Sagitta
Viacheslav created T4236: Generate ovpn openvpn client configuration files.
Feb 9 2022, 5:45 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3686: Bridging OpenVPN tap with no local-address breaks.

PR https://github.com/vyos/vyos-1x/pull/1214

Feb 9 2022, 4:19 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3686: Bridging OpenVPN tap with no local-address breaks.

@Scoopta I can't get your configuration, how does should work without the declaration source or remote address?
There is a template that generates OpenVPN site-to-site configuration https://github.com/vyos/vyos-1x/blob/9910020ae6ef37964c97bb28b6b1d84f8227650b/data/templates/openvpn/server.conf.tmpl#L143-L147

Feb 9 2022, 2:57 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3686: Bridging OpenVPN tap with no local-address breaks.

To reproduce in 1.4

set interfaces bridge br3 member interface vtun2
set interfaces openvpn vtun2 device-type 'tap'
set interfaces openvpn vtun2 mode 'site-to-site'
set interfaces openvpn vtun2 persistent-tunnel
set interfaces openvpn vtun2 shared-secret-key 'foo'
set pki openvpn shared-secret foo key '190696ff2244ca9ce8d5bef8718c58881fe8df8e3519c8bf6ede49108c97a5d9456db648d8c5ca953bb19d21978527a742497426313e614640d037ffffa4980be315e193727ebfb28f3725b779e2d3309ad6f8c939363f7fc14a0080c81e3faf4b053661c81c3003ddabeb87ac8611b81718956b7325f03978c74f502b39965f0d788b21b4370f6a625e3098f8d71ff3e653f50c54b424c511cba78871b38337237830a34266aa9558cd69c68ded89f7f0a82f94b5b87200c7ea05edb14a806e9e4998b00dc2895d976c0e506a6a06056745bca6ce1d2a5c95a51a1460e3080c7743eecbcee9d2c4f89d9e1b59f44484e43591f43bf713255b5de13ae8500620'
set pki openvpn shared-secret foo version '1'

Commit:

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/interfaces-openvpn.py", line 663, in <module>
    verify(c)
  File "/usr/libexec/vyos/conf_mode/interfaces-openvpn.py", line 228, in verify
    if len([addr for addr in openvpn['local_address'] if is_ipv4(addr)]) > 1:
KeyError: 'local_address'
Feb 9 2022, 1:50 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a project to T3686: Bridging OpenVPN tap with no local-address breaks: VyOS 1.4 Sagitta.
Feb 9 2022, 1:39 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the status of T3686: Bridging OpenVPN tap with no local-address breaks from Open to In progress.
Feb 9 2022, 1:39 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T1317: OpenVPN configuration fails if it depends on another interface..

It can be fixed in thoses PR's:
https://github.com/vyos/vyos-1x/pull/1210
https://github.com/vyos/vyos-1x/pull/1211
T4230

Feb 9 2022, 12:33 PM · VyOS 1.3 Equuleus (1.3.9), test
Viacheslav committed rVYOSONEXa9047dbddf9b: monitoring: T3872: Add required telegraf version >=1.20.
Feb 9 2022, 6:40 AM
Viacheslav committed rVYOSONEXc3ba275a16a8: monitoring: T3872: Add CLI XML for configuration telegraf.
Feb 9 2022, 6:40 AM
Viacheslav committed rVYOSONEXb941267395e7: monitoring: T3872: Add tamplates for monitoring.
Feb 9 2022, 6:40 AM
Viacheslav committed rVYOSONEX12de127056fb: smoketest: T3872: Add smoketest for monitoring telegraf.
Feb 9 2022, 6:40 AM
Viacheslav committed rVYOSONEX10d67313d320: monitoring: T3872: Add new feature service monitoring telegraf.
Feb 9 2022, 6:40 AM

Feb 8 2022

Viacheslav committed rVYOSONEX20090e7df2cc: dhcp: T3600: Fix DHCP static table dhcp-interface route.
Feb 8 2022, 9:44 PM
Viacheslav committed rVYOSONEX4ddfe9b7e72e: monitoring: T3872: Add input filter for firewall InfluxDB2.
Feb 8 2022, 9:43 PM
Viacheslav changed the status of T4115: reboot in <x> not working as expected from Open to Confirmed.
Feb 8 2022, 6:08 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav reopened T4115: reboot in <x> not working as expected as "Open".

Issue not resolved, re-open

Feb 8 2022, 6:07 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a comment to T4215: Change the description of the "reboot in" command..

For example, I have 300 routers in different timezones and I want to reboot 50% of routers via 1441min and the other 50% via 2881min

Feb 8 2022, 6:06 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav updated the task description for T4234: Show firewall partly broken in 1.3.x.
Feb 8 2022, 5:16 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav updated the task description for T4234: Show firewall partly broken in 1.3.x.
Feb 8 2022, 5:15 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav updated the task description for T4234: Show firewall partly broken in 1.3.x.
Feb 8 2022, 5:14 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav renamed T4234: Show firewall partly broken in 1.3.x from Show firewall partly broken to Show firewall partly broken in 1.3.x.
Feb 8 2022, 5:06 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav changed the status of T4234: Show firewall partly broken in 1.3.x from Open to Confirmed.
Feb 8 2022, 5:06 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav created T4234: Show firewall partly broken in 1.3.x.
Feb 8 2022, 5:01 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav updated the task description for T3872: Add configurable telegraf monitoring service.
Feb 8 2022, 12:59 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3872: Add configurable telegraf monitoring service.

PR's for 1.3
https://github.com/vyos/vyos-build/pull/216
https://github.com/vyos/vyos-1x/pull/1212

Feb 8 2022, 12:47 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav claimed T3872: Add configurable telegraf monitoring service.
Feb 8 2022, 12:16 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the status of T4219: support incoming-interface (iif) in local PBR from Open to Needs testing.
Feb 8 2022, 11:06 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav added a comment to T4230: OpenVPN server configuration deleted after reboot when using a VRRP virtual-address.

PR for 1.3 https://github.com/vyos/vyos-1x/pull/1210
PR for 1.4 https://github.com/vyos/vyos-1x/pull/1211

Feb 8 2022, 10:51 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.2)
Viacheslav edited projects for T4230: OpenVPN server configuration deleted after reboot when using a VRRP virtual-address, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus.
Feb 8 2022, 10:22 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.2)
Viacheslav changed the status of T4230: OpenVPN server configuration deleted after reboot when using a VRRP virtual-address from Confirmed to In progress.
Feb 8 2022, 10:11 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.2)
Viacheslav changed the status of T4230: OpenVPN server configuration deleted after reboot when using a VRRP virtual-address from Open to Confirmed.
Feb 8 2022, 10:02 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.2)
Viacheslav changed the subtype of T4230: OpenVPN server configuration deleted after reboot when using a VRRP virtual-address from "Task" to "Bug".
Feb 8 2022, 10:01 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.2)
Viacheslav added a comment to T4230: OpenVPN server configuration deleted after reboot when using a VRRP virtual-address.

Ip address for openvpn is not yet assigned as a priority for OpenVPN less than for HA

460 interfaces/openvpn
800 high-availability

Anf we have checks if address assigned:

set interfaces ethernet eth0 address '10.1.12.1/24'
set high-availability vrrp group FOO interface 'eth0'
set high-availability vrrp group FOO no-preempt
set high-availability vrrp group FOO priority '150'
set high-availability vrrp group FOO rfc3768-compatibility
set high-availability vrrp group FOO virtual-address '203.0.113.1/24'
set high-availability vrrp group FOO vrid '10'
Feb 8 2022, 10:00 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.2)
Viacheslav added a comment to T3872: Add configurable telegraf monitoring service.

PR ability to get nftables counters, telegraf input plugin https://github.com/vyos/vyos-1x/pull/1209

Feb 8 2022, 9:16 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta

Feb 7 2022

Viacheslav updated subscribers of T4203: Reconfigure DHCP client interface causes brief outages.
Feb 7 2022, 10:08 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3600: DHCP Interface static route breaks PBR.

PR https://github.com/vyos/vyos-1x/pull/1208

Feb 7 2022, 11:49 AM · VyOS 1.4 Sagitta
Viacheslav changed the status of T3600: DHCP Interface static route breaks PBR, a subtask of T3505: Commits do not respect changes in FRR that are not stored in a config, from Open to In progress.
Feb 7 2022, 11:20 AM · VyOS 1.4 Sagitta (1.4.0-GA)
Viacheslav changed the status of T3600: DHCP Interface static route breaks PBR from Open to In progress.
Feb 7 2022, 11:20 AM · VyOS 1.4 Sagitta
Viacheslav closed T4087: IPsec IKE-group proposals limit of 10 pieces as Resolved.
Feb 7 2022, 10:28 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav moved T4087: IPsec IKE-group proposals limit of 10 pieces from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Feb 7 2022, 10:28 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav edited projects for T4087: IPsec IKE-group proposals limit of 10 pieces , added: VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.4 Sagitta, VyOS 1.3 Equuleus.
Feb 7 2022, 10:27 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav assigned T4231: Feature Request: ocserv: 2FA (password+OTP) support in Openconnect to Unknown Object (User).
Feb 7 2022, 10:11 AM · VyOS 1.4 Sagitta
Viacheslav assigned T4154: Error add second gre tunnel with the same source interface to c-po.
Feb 7 2022, 10:09 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the subtype of T4229: Add xdp-tools to build from "Task" to "Feature Request".
Feb 7 2022, 9:58 AM · VyOS 1.4 Sagitta

Feb 5 2022

Viacheslav committed rVYOSONEXd331da994906: monitoring: T3872: Fix template input plugin for running services.
Feb 5 2022, 6:58 PM
Viacheslav committed rVYOSONEX5444eeda0fab: policy: T4151: Delete unexpected print added in commit c501ae0f.
Feb 5 2022, 6:58 PM
Viacheslav committed rVYOSONEX6a487c62e107: firewall-bridge: T4193: Add op-mode for firewall policy.
Feb 5 2022, 6:58 PM

Feb 4 2022

Viacheslav assigned T4163: [BMP-BGP] Routing monitoring feature to fernando.
Feb 4 2022, 6:15 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Viacheslav added a comment to T4214: [DHCP] static route dhcp-interface issues.

@aohanian I got it, thanks, so it doesn't delete the previous route in one commit
it can be archived with 2 commits

configure
delete protocols static route 1.1.1.1/32 dhcp-interface eth4
commit
set protocols static route 1.1.1.1/32 dhcp-interface eth5
commit
Feb 4 2022, 4:54 PM · VyOS 1.5 Circinus, VyOS Rolling
Viacheslav added a comment to T4214: [DHCP] static route dhcp-interface issues.

@fernando What do you want to see it that case?
In the our CLI DHCP-route can be as a single value now:

set protocols static route 192.0.2.192/32 dhcp-interface 'eth0'
set protocols static route 192.0.2.192/32 dhcp-interface 'eth2'

I.e. the first route will be replaced with the second route in CLI.
So if I understand correctly you expect that this route will be also replaced an in the FRR?

Feb 4 2022, 1:51 PM · VyOS 1.5 Circinus, VyOS Rolling
Viacheslav moved T4196: DHCP server client-prefix-length parameter results in non-functional leases from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Feb 4 2022, 1:38 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav closed T4196: DHCP server client-prefix-length parameter results in non-functional leases as Resolved.
Feb 4 2022, 1:38 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T2654: Multiple names unable to be assigned to the same static mapping.

For 1.4 this feature was added in T2683

Feb 4 2022, 1:18 PM · VyOS 1.3 Equuleus (1.3.2)
Viacheslav closed T2557: clear interfaces <type> <interface> counters has no effect as Not Applicable.

Fixed in 1.3

vyos@r4:~$ show interfaces counters 
Interface    Rx Packets   Rx Bytes     Tx Packets   Tx Bytes
dum0                  0          0              0          0
eth0                126       9952             76      10316
eth1                  4        280              5        523
eth2                 37       1924              0          0
lo                    6        300              6        300
vyos@r4:~$ 
vyos@r4:~$ clear interfaces ethernet eth1 counters 
Clearing eth1
vyos@r4:~$ show interfaces counters 
Interface    Rx Packets   Rx Bytes     Tx Packets   Tx Bytes
dum0                  0          0              0          0
eth0                182      14550            108      14340
eth1                  0          0              0          0
eth2                 42       2184              0          0
lo                    6        300              6        300
vyos@r4:~$
Feb 4 2022, 1:11 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a subtask for T4085: Rewrite L2TP/PPTP/SSTP/PPPoE services to get_config_dict: T2580: Support for ip pools for ippoe.
Feb 4 2022, 12:32 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Viacheslav added a parent task for T2580: Support for ip pools for ippoe: T4085: Rewrite L2TP/PPTP/SSTP/PPPoE services to get_config_dict.
Feb 4 2022, 12:32 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav added a comment to T4165: Custom conntrack rules cannot be deleted.

PR https://github.com/vyos/vyatta-conntrack/pull/7

Feb 4 2022, 11:08 AM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav edited projects for T4165: Custom conntrack rules cannot be deleted, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus.
Feb 4 2022, 10:46 AM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav changed the status of T4165: Custom conntrack rules cannot be deleted from Open to In progress.
Feb 4 2022, 10:43 AM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav changed the status of T3420: Support UPNP protocol from In progress to Needs testing.

@jack9603301 Could you test it, also create a pr for the documentation?

Feb 4 2022, 9:11 AM
Viacheslav added a comment to T4151: IPV6 local PBR Support.

PR https://github.com/vyos/vyos-1x/pull/1207

Feb 4 2022, 8:50 AM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta

Feb 3 2022

Viacheslav closed T3643: show vpn ipsec sa doesn't show tunnels in "down" state, a subtask of T2816: Rewrite IPsec scripts with the new XML/Python approach, as Resolved.
Feb 3 2022, 5:35 PM · VyOS 1.4 Sagitta
Viacheslav closed T3643: show vpn ipsec sa doesn't show tunnels in "down" state as Resolved.
Feb 3 2022, 5:35 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a comment to T4193: Add support for transparent firewall.

PR for op-mode https://github.com/vyos/vyos-1x/pull/1204

Feb 3 2022, 4:11 PM · VyOS 1.4 Sagitta

Feb 2 2022

Viacheslav added a comment to T3872: Add configurable telegraf monitoring service.

PR https://github.com/vyos/vyos-1x/pull/1200
Fix for telegraf template/scripts for services.

Feb 2 2022, 6:14 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the status of T4194: prefix-list no check for duplicate entries from Open to Needs testing.
Feb 2 2022, 4:59 PM · VyOS 1.4 Sagitta

Feb 1 2022

Viacheslav closed T4138: NAT configuration allows to set incorrect port range and invalid port as Resolved.
Feb 1 2022, 9:31 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4222: Support for TWAMP as round-trip metric.

Is there any Linux implementation?

Feb 1 2022, 9:04 AM · VyOS 1.3 Equuleus (1.3.6), VyOS 1.4 Sagitta

Jan 28 2022

Viacheslav closed T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses as Resolved.
Jan 28 2022, 5:31 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T4198: Error shown on commit.

@adestis https://github.com/vyos/vyatta-config-mgmt/tree/equuleus

Jan 28 2022, 4:56 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a comment to T4215: Change the description of the "reboot in" command..

Why is it 1-99?
If I want to reboot the router in 1500 min?

Jan 28 2022, 10:25 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Jan 27 2022

Viacheslav committed rVYOSONEX4a2413fdfbaa: interfaces: T4193: Ability to use transparent firewall on br.
Jan 27 2022, 2:34 PM
Viacheslav committed rVYOSONEX5dafe255d6e9: policy: T4194: Add prefix-list duplication checks.
Jan 27 2022, 2:11 PM
Viacheslav changed the status of T4138: NAT configuration allows to set incorrect port range and invalid port from In progress to Needs testing.
Jan 27 2022, 2:00 PM · VyOS 1.4 Sagitta

Jan 26 2022

Viacheslav committed rVYOSONEX1d65ce9558b7: nat: T4138: Add port-range validation for NAT.
Jan 26 2022, 7:48 PM
Viacheslav added a comment to T4151: IPV6 local PBR Support.

Incorrect behavior with multiple commits
Configuration:

set policy local-route rule 10 set table '101'
set policy local-route rule 10 source '192.0.2.1'
set policy local-route rule 10 source '192.0.2.2'
commit
set policy local-route rule 10 destination '203.0.113.25'
commit

Expected rules:

10:	from 192.0.2.1 to 203.0.113.25 lookup 101
10:	from 192.0.2.2 to 203.0.113.25 lookup 101

Getting rules:

10:	from 192.0.2.2 lookup 101
10:	from 192.0.2.1 to 203.0.113.25 lookup 101
10:	from 192.0.2.2 to 203.0.113.25 lookup 101
Jan 26 2022, 5:41 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta

Jan 25 2022

Viacheslav added a comment to T4210: NAT source/destination negated ports throws an error.

Is it the same task T4138 ?

Jan 25 2022, 8:43 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4138: NAT configuration allows to set incorrect port range and invalid port.

PR https://github.com/vyos/vyos-1x/pull/1191

Jan 25 2022, 7:16 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4138: NAT configuration allows to set incorrect port range and invalid port from Open to In progress.
Jan 25 2022, 7:06 PM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXceb52d57e965: monitoring: T3872: Delete iptables input plugin as we use nft.
Jan 25 2022, 6:40 PM
Viacheslav changed the status of T4196: DHCP server client-prefix-length parameter results in non-functional leases from In progress to Needs testing.
Jan 25 2022, 4:31 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T4194: prefix-list no check for duplicate entries.

PR https://github.com/vyos/vyos-1x/pull/1190

set policy prefix-list TST_PRF_LST rule 10 action 'permit'
set policy prefix-list TST_PRF_LST rule 10 prefix '10.5.5.0/24'
set policy prefix-list TST_PRF_LST rule 20 action 'permit'
set policy prefix-list TST_PRF_LST rule 20 prefix '10.6.6.0/24'
set policy prefix-list TST_PRF_LST rule 30 action 'permit'
set policy prefix-list TST_PRF_LST rule 30 prefix '10.6.6.0/24'
Jan 25 2022, 4:25 PM · VyOS 1.4 Sagitta
Viacheslav assigned T4209: Firewall incorrect handler for recent count and time to sarthurdev.
Jan 25 2022, 2:07 PM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T4209: Firewall incorrect handler for recent count and time.
Jan 25 2022, 11:51 AM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T4209: Firewall incorrect handler for recent count and time.
Jan 25 2022, 11:50 AM · VyOS 1.4 Sagitta
First
Prev
Next