- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed Search
Jun 15 2022
Jun 15 2022
Viacheslav closed T513: Docs for devs: How to use Python, XML et al instead of Bash and Perl for VyOS configuration as Not Applicable.
Viacheslav closed T515: Complete the documentation on the suggested Python / XML config framework as Not Applicable.
Viacheslav closed T514: Concentration and streamlining of Python / XML config framework documentation as Not Applicable.
Viacheslav closed T1890: Metatask: rewrite flow-accounting to XML and Python, a subtask of T3355: Remove all remaining legacy Vyatta code, as Resolved.
Jun 14 2022
Jun 14 2022
Viacheslav moved T4380: Feature Request: ocserv: 2FA OTP key generator in VyOS CLI from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav moved T4420: Feature Request: ocserv: show configured 2FA OTP key from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav added a project to T4420: Feature Request: ocserv: show configured 2FA OTP key: VyOS 1.4 Sagitta.
Jun 13 2022
Jun 13 2022
PR https://github.com/vyos/vyos-1x/pull/1358
set protocols failover route 203.0.113.1/32 next-hop 192.168.100.1 check target '192.168.100.1' set protocols failover route 203.0.113.1/32 next-hop 192.168.100.1 check timeout '10' set protocols failover route 203.0.113.1/32 next-hop 192.168.100.1 check type 'icmp' set protocols failover route 203.0.113.1/32 next-hop 192.168.100.1 interface 'eth1' set protocols failover route 203.0.113.1/32 next-hop 192.168.100.1 metric '2'
Jun 10 2022
Jun 10 2022
Fix Regex for addresses and python ckecks https://github.com/vyos/vyos-1x/pull/1354
- Some domains can't be added, for example dns.google
vyos@r12# set firewall group domain-group DOMAINS address dns.google
Fix smoketest https://github.com/vyos/vyos-1x/pull/1352
Jun 9 2022
Jun 9 2022
Viacheslav closed T2580: Support for ip pools for ippoe, a subtask of T4085: Rewrite L2TP/PPTP/SSTP/PPPoE services to get_config_dict, as Resolved.
Viacheslav lowered the priority of T970: Support matching domain name in firewall rules from High to Normal.
Viacheslav changed the status of T970: Support matching domain name in firewall rules from In progress to Needs testing.
Viacheslav changed the status of T4028: FRR 8.1 routes not being applied to routing table after reboot if an interface has 2 ip addresses from Open to Needs testing.
From provided log syntax error in config string 6
‘holding-time 300’
Jun 8 2022
Jun 8 2022
Viacheslav committed rVYOSONEX06c0d2f2f9f4: event-handler: T3083: Extended event-handler features (authored by zsdc).
Jun 6 2022
Jun 6 2022
Viacheslav added a comment to T4457: L2TP/IPSec Remote Access VPN does not work as expected in 1.3.1-S1.
Don't have any issues with Ubuntu
set interfaces dummy dum0 address '192.0.2.1/32' set interfaces dummy dum4 address '203.0.113.1/24' set interfaces ethernet eth0 address '192.168.122.11/24' set interfaces ethernet eth0 description 'WAN' set vpn ipsec ipsec-interfaces interface 'eth0' set vpn l2tp remote-access authentication local-users username test password 'test' set vpn l2tp remote-access authentication mode 'local' set vpn l2tp remote-access client-ip-pool start '192.168.255.2' set vpn l2tp remote-access client-ip-pool stop '192.168.255.254' set vpn l2tp remote-access ipsec-settings authentication mode 'pre-shared-secret' set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret 'secret' set vpn l2tp remote-access outside-address '192.0.2.1'
Jun 5 2022
Jun 5 2022
Viacheslav renamed T1237: Static Route Path Monitoring, failover from Static Route Path Monitoring to Static Route Path Monitoring, failover.
I once made XML, it might come in handy
Jun 3 2022
Jun 3 2022
Jun 2 2022
Jun 2 2022
PR https://github.com/vyos/vyos-build/pull/240
disable owamp|twamp.service by default
Viacheslav changed the status of T4222: Support for TWAMP as round-trip metric from Open to Needs testing.
@SrividyaA will be present in the next rolling release
Viacheslav added a comment to T4387: Create additional smoketests for multiwan PBR & load-balanced configurations .
PR for the current https://github.com/vyos/vyos-1x/pull/1346
In T973#124168, @superq wrote:I wouldn't call telegraf a very good option. It does a very bad job of producing Prometheus metrics.
For Debian11 requires pkg "libpam-tacplus" that is not available https://github.com/kravietz/pam_tacplus/issues/180
Prometheus-client already in 1.4
https://docs.vyos.io/en/latest/configuration/service/monitoring.html#prometheus-client
Jun 1 2022
Jun 1 2022
May 30 2022
May 30 2022
May 29 2022
May 29 2022
Reset added in T4442
Viacheslav moved T2580: Support for ip pools for ippoe from Backport Candidates to Finished on the VyOS 1.4 Sagitta board.
Viacheslav edited projects for T2580: Support for ip pools for ippoe, added: VyOS 1.3 Equuleus (1.3.2); removed VyOS 1.3 Equuleus (1.3.0).
May 28 2022
May 28 2022
@fernando Could you try to set sysctl mark?
sysctl -w net.ipv4.conf.eth0.src_valid_mark=1 sysctl -w net.ipv4.conf.eth1.src_valid_mark=1
PR https://github.com/vyos/vyos-1x/pull/1340
set service event-handler event first filter pattern '.*ssh2.*' set service event-handler event first script arguments '192.0.2.5' set service event-handler event first script environment interface value 'eth0' set service event-handler event first script path '/config/scripts/hello.sh'
Viacheslav added a comment to T2218: Add support for the peeringdb module in salt (upgrade salt-minion to 2019.2).
The current salt-minion version 3003.4+ds-1
@maznu Do we need anything else for it?
May 26 2022
May 26 2022
Viacheslav moved T4442: HTTP API add action "reset" from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.2) board.
Some debug info:
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1335
May 25 2022
May 25 2022
Viacheslav moved T2763: New SNMP resource request - SNMP over TCP from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav closed T2194: "show firewall" garbled output, a subtask of T2199: Rewrite firewall in new XML/Python style, as Resolved.
May 20 2022
May 20 2022
Viacheslav renamed T4435: Policy route and firewall - error when using undefined group from Policy route without definded port-group erros to Policy route without defined port-group error.
Viacheslav reopened T3522: policy based routing not working, a subtask of T3505: Commits do not respect changes in FRR that are not stored in a config, as Open.
Viacheslav closed T3522: policy based routing not working, a subtask of T3505: Commits do not respect changes in FRR that are not stored in a config, as Resolved.
Viacheslav added a comment to T4431: route-map with match ip + ipv6 in same rule results in no advertisement of either.
FRR match always mean logical AND
In T4350#123620, @c-po wrote:Is the fix for DMVPN hub or spoke?
May 19 2022
May 19 2022
Viacheslav added a comment to T3933: The firewall does not filter incoming traffic on the interface with vrf..
There is an issue with vrf device for LOCAL direction
Imagine if you have 50 interfaces in one VRF and you want to drop all traffic from one interface for example - eth2 and don't touch other interfaces
You set firewall on eth2 Local - drop all traffic for device vrf and it will be affected to another 49 interfaces as iifname VRF_DEVICE the same
May 19 2022, 9:49 PM · Bugs, VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-GA), Restricted Project
Viacheslav added a comment to T3933: The firewall does not filter incoming traffic on the interface with vrf..
PR https://github.com/vyos/vyos-1x/pull/1330
set firewall name FOO default-action 'accept' set firewall name FOO description 'desc' set firewall name FOO rule 10 action 'drop' set firewall name FOO rule 10 source address '8.8.8.8' set interfaces ethernet eth0 firewall local name 'FOO' set interfaces ethernet eth0 vrf 'ONE' set vrf name ONE table '150'
Check:
table ip filter {
chain VYOS_FW_LOCAL {
type filter hook input priority filter; policy accept;
iifname "ONE" counter packets 63 bytes 6024 jump NAME_FOO
jump VYOS_POST_FW
}
...
chain NAME_FOO {
ip saddr 8.8.8.8 counter packets 79 bytes 6636 drop comment "FOO-10"
counter packets 3 bytes 984 return comment "FOO default-action accept"
}
}May 19 2022, 6:33 PM · Bugs, VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-GA), Restricted Project
Viacheslav changed the status of T2194: "show firewall" garbled output, a subtask of T2199: Rewrite firewall in new XML/Python style, from Open to Needs testing.
@jjakob could you re-check it with new fix?
May 18 2022
May 18 2022
Viacheslav changed the status of T4430: Show firewall output with visual shift default rule from Open to In progress.
May 17 2022
May 17 2022
Viacheslav updated the task description for T4429: Ability to detect external IP address from op-mode.