Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

Sep 21 2022

c-po committed rVYOSONEX52ab8172f9cf: dhcpv6-pd: T2821: bugfix Jinja2 template - missing conditional if.
Sep 21 2022, 5:31 PM
c-po closed T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node, a subtask of T4678: Rewrite service ipoe-server to get_config_dict, as Resolved.
Sep 21 2022, 4:56 PM · VyOS 1.4 Sagitta
c-po closed T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node as Resolved.
Sep 21 2022, 4:56 PM · VyOS 1.4 Sagitta
c-po updated the task description for T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node.
Sep 21 2022, 4:56 PM · VyOS 1.4 Sagitta
c-po closed T4678: Rewrite service ipoe-server to get_config_dict as Resolved.
Sep 21 2022, 4:56 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEX05df2a5f021f: ipoe: T4678: T4703: rewrite to get_config_dict().
Sep 21 2022, 4:47 PM
sarthurdev added a comment to T4706: NAT and NAT66 issues.

Included a fix for this in NAT refactor: https://github.com/vyos/vyos-1x/pull/1552

Sep 21 2022, 4:12 PM · VyOS 1.4 Sagitta
sarthurdev added a comment to T4605: Firewall change default table names.

PR for NAT included with refactor: https://github.com/vyos/vyos-1x/pull/1552

Sep 21 2022, 4:12 PM · VyOS 1.4 Sagitta
c-po added a subtask for T4678: Rewrite service ipoe-server to get_config_dict: T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node.
Sep 21 2022, 2:35 PM · VyOS 1.4 Sagitta
c-po added a parent task for T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node: T4678: Rewrite service ipoe-server to get_config_dict.
Sep 21 2022, 2:35 PM · VyOS 1.4 Sagitta
c-po changed the status of T4678: Rewrite service ipoe-server to get_config_dict from Open to In progress.
Sep 21 2022, 2:35 PM · VyOS 1.4 Sagitta
Netboy3 added a comment to T4706: NAT and NAT66 issues.

@jack9603301, your PR solves the NAT66 issue - thank you. However, the change you made to nat.py to try to solve the NAT44 issue is not complete and seem to also require a template change. I'll post additional details in the PR.

Sep 21 2022, 2:33 PM · VyOS 1.4 Sagitta
c-po claimed T4678: Rewrite service ipoe-server to get_config_dict.
Sep 21 2022, 2:28 PM · VyOS 1.4 Sagitta
narey83 created T4708: 'show nat destination rules' throwing an error.
Sep 21 2022, 12:51 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4699: Firewall - Add jump action - Add return action.

Since jump action was added, It would be good to also add "return" action

Sep 21 2022, 12:39 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T4706: NAT and NAT66 issues.

PR: https://github.com/vyos/vyos-1x/pull/1550

Sep 21 2022, 12:39 PM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T4707: Enable OSPF segment routing.

Initial PR here, https://github.com/vyos/vyos-1x/pull/1551.

Sep 21 2022, 12:33 AM · VyOS 1.4 Sagitta

Sep 20 2022

Cheeze_It changed the status of T4707: Enable OSPF segment routing from Open to In progress.
Sep 20 2022, 11:42 PM · VyOS 1.4 Sagitta
Cheeze_It created T4707: Enable OSPF segment routing.
Sep 20 2022, 11:42 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEX87d54b805f6f: xml: firewall: T2199: improve interface help string.
Sep 20 2022, 8:52 PM
c-po committed rVYOSONEX9ad4cb12ebfc: xml: ipsec: T1210: add valueHelp and constraint for remote-access connection….
Sep 20 2022, 6:43 PM
c-po committed rVYOSONEXbd2fc1900bfc: xml: ipsec: T3093: add valueHelp and constraint for profile name.
Sep 20 2022, 6:43 PM
c-po committed rVYOSONEX2eb0ddc54ea8: ipsec: T4118: bugfix migration of IKEv2 road-warrior "id" CLI option.
Sep 20 2022, 6:43 PM
Cheeze_It closed T4693: ISIS segment routing was broken... as Resolved.
Sep 20 2022, 5:38 PM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T4693: ISIS segment routing was broken....

It seems we have working ISIS segment routing:

Sep 20 2022, 5:32 PM · VyOS 1.4 Sagitta
Cheeze_It triaged T4693: ISIS segment routing was broken... as Normal priority.
Sep 20 2022, 4:25 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T4706: NAT and NAT66 issues.

@Netboy3 Let me modify the template to support

Sep 20 2022, 7:26 AM · VyOS 1.4 Sagitta

Sep 19 2022

Viacheslav added a project to T4704: Allow to set metric (MED) to rtt with rtt,+rtt or -rtt: VyOS 1.4 Sagitta.
Sep 19 2022, 10:57 PM · VyOS 1.4 Sagitta
Netboy3 added a comment to T4706: NAT and NAT66 issues.

Why would you enforce an address? It is perfectly OK to have port-only DNAT66 without any destination address such as:
nft add rule ip6 nat PREROUTING iifname eth1 counter tcp dport 443 dnat to :3000
Problem is that the test logic breaks on this and spits out a wrong statement to NFT that barfs on it.

Sep 19 2022, 8:55 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T4706: NAT and NAT66 issues.

Maybe we should add check to NAT66 to enforce the given address

Sep 19 2022, 7:32 PM · VyOS 1.4 Sagitta
n.fort changed the status of T4706: NAT and NAT66 issues from Open to Confirmed.
Sep 19 2022, 6:34 PM · VyOS 1.4 Sagitta
n.fort claimed T4706: NAT and NAT66 issues.
Sep 19 2022, 6:34 PM · VyOS 1.4 Sagitta
n.fort created T4706: NAT and NAT66 issues.
Sep 19 2022, 6:33 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEXe9c233d65cff: ipsec: T4118: bugfix config migrator 9-to-10.
Sep 19 2022, 6:30 PM
n.fort changed the status of T4699: Firewall - Add jump action - Add return action from In progress to Needs testing.
Sep 19 2022, 11:02 AM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX842d79f986c2: smoketest: T4118: Fix smoketest for NHRP.
Sep 19 2022, 10:14 AM
GitHub <noreply@github.com> committed rVYOSONEXfdfe3dabcbff: Merge pull request #1549 from sever-sever/T4118-smoketest (authored by c-po).
Sep 19 2022, 10:14 AM
mike-pisman created T4705: Add Thunderbolt networking and interfaces supported in the config environment.
Sep 19 2022, 3:30 AM · VyOS Rolling

Sep 18 2022

jmarmorato added a comment to T4694: Allow VyOS Firewall to Match Outbound IPSec Traffic.

@n.fort Maybe set firewall name <name> rule <rule> ipsec match-gre? This feels a bit hacky though... Almost like match should be its own block and contain ipsec, none, or gre

Sep 18 2022, 10:06 PM · VyOS 1.4 Sagitta (1.4.0-GA)
Cheeze_It committed rVYOSONEX6ce3b50be62a: Update protocols_isis.py.
Sep 18 2022, 7:35 PM
GitHub <noreply@github.com> committed rVYOSONEX877047b9d36f: Merge pull request #1543 from Cheeze-It/current (authored by c-po).
Sep 18 2022, 7:35 PM
roedie claimed T4639: Crowdsec in VyOS (Blocking only).
Sep 18 2022, 5:57 PM · VyOS Rolling
danhusan closed T3155: ospfv3 mtu-ignore not working on ethernet vifs as Resolved.
Sep 18 2022, 4:41 PM · VyOS 1.2 Crux

Sep 17 2022

roedie moved T4526: keepalived-fifo.py unable to load config from Open to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 8:34 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie moved T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3 from Open to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 8:31 PM · VyOS 1.4 Sagitta
roedie closed T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3 as Resolved.

It works for me (tm)

Sep 17 2022, 8:30 PM · VyOS 1.4 Sagitta
n.fort committed rVYOSONEX99155150df9c: T4699: Firewall: Add jump action in firewall rulest.
Sep 17 2022, 7:16 PM
GitHub <noreply@github.com> committed rVYOSONEXdcf755594d3c: Merge pull request #1546 from nicolas-fort/fwall-jump (authored by c-po).
Sep 17 2022, 7:16 PM
c-po closed T4666: EAP-TLS no longer allows TLSv1.0 after T4537, T4584 as Resolved.
Sep 17 2022, 7:13 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta, wpa
c-po moved T4702: Wireguard peers configuration is not synchronized with CLI from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.3) board.
Sep 17 2022, 7:13 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po added a comment to T4702: Wireguard peers configuration is not synchronized with CLI.

PR for VyOS 1.3.3 https://github.com/vyos/vyos-1x/pull/1548

Sep 17 2022, 7:13 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po moved T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node from Open to In Progress on the VyOS 1.4 Sagitta board.
Sep 17 2022, 6:41 PM · VyOS 1.4 Sagitta
c-po moved T4702: Wireguard peers configuration is not synchronized with CLI from Open to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 6:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po edited a custom field on T4702: Wireguard peers configuration is not synchronized with CLI.
Sep 17 2022, 6:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po changed the status of T4702: Wireguard peers configuration is not synchronized with CLI from Confirmed to Needs testing.
Sep 17 2022, 6:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po committed rVYOSONEXa4feb96af9ac: wireguard: T4702: actively revoke peer if it gets disabled.
Sep 17 2022, 6:38 PM
c-po edited projects for T4702: Wireguard peers configuration is not synchronized with CLI, added: VyOS 1.3 Equuleus (1.3.3); removed VyOS 1.3 Equuleus.
Sep 17 2022, 5:53 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
jack9603301 added a comment to T4689: Support RFS(Receive Flow Steering).

PR: https://github.com/vyos/vyos-1x/pull/1542

Sep 17 2022, 12:27 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEX1fe8d3b4b924: smoketest: accel-ppp: revise base class to reduce amout of redundant code.
Sep 17 2022, 8:16 AM
c-po claimed T4702: Wireguard peers configuration is not synchronized with CLI.
Sep 17 2022, 7:41 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po committed rVYOSONEX1e4a249f0c56: pppoe-server: T4703: combine vlan-id and vlan-range into single CLI node.
Sep 17 2022, 6:20 AM

Sep 16 2022

aalmenar created T4704: Allow to set metric (MED) to rtt with rtt,+rtt or -rtt.
Sep 16 2022, 8:35 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEXbd81d5e8d0fc: firewall: T2199: enable "auto-merge" on sets.
Sep 16 2022, 7:55 PM
c-po changed the status of T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node from Open to In progress.
Sep 16 2022, 7:31 PM · VyOS 1.4 Sagitta
c-po created T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node.
Sep 16 2022, 7:31 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4118: IPsec syntax overhaul from In progress to Needs testing.
Sep 16 2022, 6:04 PM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXbd4588827b56: ipsec: T4118: Change vpn ipsec syntax for IKE ESP and peer.
Sep 16 2022, 5:16 PM
GitHub <noreply@github.com> committed rVYOSONEX748dab43b87c: Merge pull request #1463 from sever-sever/T4118 (authored by dmbaturin).
Sep 16 2022, 5:16 PM
n.fort added a comment to T4699: Firewall - Add jump action - Add return action.

PR https://github.com/vyos/vyos-1x/pull/1546

Sep 16 2022, 5:11 PM · VyOS 1.4 Sagitta
danhusan awarded T4702: Wireguard peers configuration is not synchronized with CLI a Love token.
Sep 16 2022, 5:05 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav added a comment to T4557: fastnetmon: allow configure limits per protocol (tcp, udp, icmp).

PR https://github.com/vyos/vyos-1x/pull/1545
PR https://github.com/vyos/vyatta-cfg-system/pull/185

set service ids ddos-protection direction 'in'
set service ids ddos-protection listen-interface 'eth1'
set service ids ddos-protection mode mirror
set service ids ddos-protection threshold general fps '1000'
set service ids ddos-protection threshold general mbps '200'
set service ids ddos-protection threshold general pps '150000'
set service ids ddos-protection threshold tcp fps '25'
set service ids ddos-protection threshold tcp mbps '55'
set service ids ddos-protection threshold tcp pps '155'
set service ids ddos-protection threshold udp fps '100'
set service ids ddos-protection threshold udp mbps '100'
set service ids ddos-protection threshold udp pps '100'
set service ids ddos-protection threshold icmp fps '200'
set service ids ddos-protection threshold icmp mbps '210'
set service ids ddos-protection threshold icmp pps '2040'

Expected fastnermon config entries:

# General threshold
ban_for_flows = on
threshold_flows = 1000
ban_for_bandwidth = on
threshold_mbps = 200
ban_for_pps = on
threshold_pps = 150000
Sep 16 2022, 4:31 PM · VyOS 1.4 Sagitta
zsdc raised the priority of T4702: Wireguard peers configuration is not synchronized with CLI from Normal to High.
Sep 16 2022, 3:19 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
zsdc renamed T4702: Wireguard peers configuration is not synchronized with CLI from A `disable` option does not work for Wireguard peers to Wireguard peers configuration is not synchronized with CLI.
Sep 16 2022, 1:01 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
zsdc created T4702: Wireguard peers configuration is not synchronized with CLI.
Sep 16 2022, 12:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav changed the status of T4118: IPsec syntax overhaul from Open to In progress.
Sep 16 2022, 12:24 PM · VyOS 1.4 Sagitta
n.fort changed the status of T4701: Firewall - Implement global option to use one single general chian from Open to In progress.
Sep 16 2022, 10:51 AM · VyOS 1.4 Sagitta
n.fort created T4701: Firewall - Implement global option to use one single general chian.
Sep 16 2022, 10:50 AM · VyOS 1.4 Sagitta
n.fort changed the status of T4700: Firewall - Add interface match criteria from Open to In progress.
Sep 16 2022, 10:40 AM · VyOS 1.4 Sagitta
n.fort created T4700: Firewall - Add interface match criteria.
Sep 16 2022, 10:40 AM · VyOS 1.4 Sagitta
n.fort changed the status of T4699: Firewall - Add jump action - Add return action from Open to In progress.
Sep 16 2022, 10:36 AM · VyOS 1.4 Sagitta
n.fort created T4699: Firewall - Add jump action - Add return action.
Sep 16 2022, 10:35 AM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX1b3ded9fb284: policy-route: T4697: Add missing rule_id for verify_rule func.
Sep 16 2022, 9:36 AM
GitHub <noreply@github.com> committed rVYOSONEX79a96ee24176: Merge pull request #1544 from sever-sever/T4697 (authored by c-po).
Sep 16 2022, 9:36 AM
Viacheslav changed the status of T3896: Extend ocserv support to allow for per-group configs from Open to Needs testing.
Sep 16 2022, 8:06 AM · VyOS 1.4 Sagitta
c-po committed rVYOSONEX734a779523b8: ocserv: T4656: use "0.0.0.0" defaultValue via XML definition".
Sep 16 2022, 7:51 AM
c-po changed the status of T4656: Support the listen-host config field of openconnect server from In progress to Needs testing.
Sep 16 2022, 7:33 AM · VyOS 1.4 Sagitta
GitHub <noreply@github.com> committed rVYOSONEXecb2a4077f90: ocserv: openconnect: T4656: add listen-address CLI option (authored by Demon_H).
Sep 16 2022, 7:24 AM
Viacheslav added a project to T4697: policy route: Generating ConfigError failes when tcp flag is missing on set tcp-mss rule commit: VyOS 1.4 Sagitta.

PR https://github.com/vyos/vyos-1x/pull/1544

Sep 16 2022, 7:22 AM · VyOS 1.4 Sagitta
c-po closed T4698: Drop validator name="range" and replace it with numeric, a subtask of T4669: Extend numeric.ml for inversion of values and range values, as Resolved.
Sep 16 2022, 7:16 AM · VyOS 1.4 Sagitta
c-po closed T4698: Drop validator name="range" and replace it with numeric as Resolved.
Sep 16 2022, 7:16 AM · VyOS 1.4 Sagitta
c-po committed rVYOSONEX28573ffe4fd9: xml: T4698: drop validator name="range" and replace it with numeric.
Sep 16 2022, 7:16 AM
Viacheslav changed the status of T4697: policy route: Generating ConfigError failes when tcp flag is missing on set tcp-mss rule commit from Open to In progress.
Sep 16 2022, 7:03 AM · VyOS 1.4 Sagitta
Viacheslav closed T4695: Add 'es' and 'jp106' keymap option keyboard-layout as Resolved.
Sep 16 2022, 6:47 AM · VyOS 1.4 Sagitta
c-po edited a custom field on T4698: Drop validator name="range" and replace it with numeric.
Sep 16 2022, 6:37 AM · VyOS 1.4 Sagitta
c-po closed T4669: Extend numeric.ml for inversion of values and range values as Resolved.
Sep 16 2022, 6:37 AM · VyOS 1.4 Sagitta
c-po triaged T4698: Drop validator name="range" and replace it with numeric as Normal priority.
Sep 16 2022, 6:37 AM · VyOS 1.4 Sagitta
Viacheslav closed T4687: Canot change configuration after image update from 202207220217 to 202209090217 as Invalid.
Sep 16 2022, 6:18 AM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T4693: ISIS segment routing was broken....

Added a new pull request to make ISIS segment routing work again.

Sep 16 2022, 4:09 AM · VyOS 1.4 Sagitta

Sep 15 2022

vishvas added a comment to T1973: Allow route-map to match on BGP local preference value.

Dear Sir
Will it work with 1.4 ?
BR
Vishvas

Sep 15 2022, 9:49 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.2 Crux (VyOS 1.2.6), vyatta-cfg-quagga
Sophie added a comment to T160: Support NAT64.

Jool is still being maintained for bugfixes etc. and it has all the features we're looking for, then it sounds fairly ideal. If no new features are being added to it, it's less likely to break in future releases too

Sep 15 2022, 9:15 PM · VyOS 1.4 Sagitta (1.4.0-epa1)
First
Prev
Next