- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Sep 6 2022
Changes for the inversion operator (--not-range instead of !) have been made. Generalizing exit codes, as suggested in PR comments will be handled in a separate task.
The PR:
The [email protected] seems to work well after the fix. We should backport this to the equuleus as well.
As we have threshold it seems require migration threshold => threshold general
vyos@r14# set service ids ddos-protection threshold Possible completions: fps Flows per second mbps Megabits per second pps Packets per second
Sep 5 2022
PR https://github.com/vyos/vyos-1x/pull/1521
set system update-check auto-check set system update-check url 'http://192.168.122.14:8080/download/image-version.json'
PR for VyOS 1.3
When the interface of the bridge registers VLANs, the bridge itself must register the same VLANs at the same time, otherwise the bridge will not forward VLANs
Resolved in T4664: merged in Sagitta; backport candidate for Equuleus 1.3.3.
vyos@vyos:~$ sudo bridge -c vlan show
port vlan-id
eth0 10
20
eth1 10
20
br0 1 PVID Egress UntaggedThe smoketest seems suspect, the error line has nothing to do with this issue and running the smoketest several times results in tests passing/failing arbitrarily on that line (across multiple tests).
It seems can't pass smoketest
05:47:04 DEBUG - ====================================================================== 05:47:04 DEBUG - FAIL: test_add_multiple_ip_addresses (__main__.BondingInterfaceTest) 05:47:04 DEBUG - ---------------------------------------------------------------------- 05:47:04 DEBUG - Traceback (most recent call last): 05:47:04 DEBUG - File "/usr/libexec/vyos/tests/smoke/cli/base_interfaces_test.py", line 109, in tearDown 05:47:04 DEBUG - self.assertFalse(process_named_running(daemon)) 05:47:04 DEBUG - AssertionError: 8769 is not false 05:47:04 DEBUG - 05:47:04 DEBUG - ------------------
Sep 4 2022
PR for VyOS 1.3 https://github.com/vyos/vyos-1x/pull/1519
Sep 3 2022
PR for 1.3 https://github.com/vyos/vyos-build/pull/260
Initial draft; suggested changes and testing to follow:
In T3900#133375, @Viacheslav wrote:Regarding interface groups it will be possible later, after firewall re-design
Sep 2 2022
In case anyone comes across this bug report, I submitted a couple PRs to fix this earlier this year: https://phabricator.vyos.net/T4245
I've submitted a PR to reintroduce the patch: https://github.com/vyos/vyos-build/pull/259
@daryll-swer For your use case, you can use your tables/chains (not standard names like RAW/MANGLE INPUT/OUTPUT etc.), that won't be cleared by the VyOS firewall CLI
nft add table MYRAW
nft -- add chain ip MYRAW my_chain '{ type filter hook prerouting priority raw; policy accept; }'
nft add rule ip MYRAW my_chain ip saddr 192.0.2.5 counter dropIn case of filtering on a VRF, would it be an idea to use the MAC address instead of the interface name in the rule?
Has there been any updates on this? @Viacheslav, it would be great to have this functionality on VyOS.
An example of dict that we can use
{
"images": {
"rolling": {
"latest": {
"arch": "amd64",
"flavors": ["azure"],
"image": "vyos-rolling-latest.iso",
"latest": True,
"lts": False,
"release_date": "2022-09-02",
"release_train": "sagitta",
"version": "1.4-rolling-202209020217"
},
"1.4-rolling-202209020217": {
"arch": "amd64",
"flavors": ["generic"],
"image": "vyos-1.4-rolling-202209020217-amd64.iso",
"latest": True,
"lts": False,
"release_date": "2022-09-02",
"release_train": "sagitta",
"version": "1.4-rolling-202209020217"
},
"1.4-rolling-202208291850": {
"arch": "amd64",
"flavors": ["openstack"],
"image": "vyos-1.4-rolling-202208291850-amd64.iso",
"latest": False,
"lts": False,
"release_date": "2022-08-29",
"release_train": "sagitta",
"version": "1.4-rolling-20220829850"
}
},
"lts": {
"latest": {
"arch": "amd64",
"flavors": ["generic"],
"image": "vyos-1.3-x.iso",
"latest": True,
"lts": True,
"release_date": "2022-xx-xx",
"release_train": "equuleus",
"version": "1.3-stable-202208230511"
}
}
}
}I will modify the docs.
Could be a part of T4118
Sep 1 2022
1.3 is not affected by this bug
This will be resolved by the PR in T4664.
I do see I need to update the docs. Will do if this change is going to be merged.
Need an advice guys, how we can reproduce the problem. I tried to peer with bird and announced 100k prefixes to the vyos box, but this simple config did not cause memory leak with bgpd. Still trying
I also notice looking at the backup after another reboot:
I hate to drag up an old ticket, but I've just encountered this issue.
A freshly built VyOS 1.3-rolling-202209010158
Aug 31 2022
A similar task T3541 I'll leave a link here
Maybe I'm wrong, I see it as some small API (on some hosts) without links to the images but with information about images (in JSON).
We compare our local VyOS version and the version that we get from API, if diff => true send a message to the "wall"
Smoketest can't pass policy route
Fix https://github.com/vyos/vyos-1x/pull/1512