@twan Can we close it?
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed Search
Aug 2 2023
Aug 2 2023
Viacheslav changed the status of T5427: Change migration script len arguments checking from Open to In progress.
Viacheslav moved T5399: "show ntp" fails when vrf is being configured from Open to Finished on the VyOS 1.4 Sagitta board.
Aug 1 2023
Aug 1 2023
Viacheslav moved T5339: Geneve interface - option to use IPv4 as inner protocol from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav committed rVYOSONEX183c077eaf5d: vyos.util: extend process_named_running() signature with cmdline (authored by c-po).
Viacheslav moved T5329: Wireguard interface as GRE tunnel source causes configuration error on boot from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav added a comment to T5329: Wireguard interface as GRE tunnel source causes configuration error on boot.
Cherry-pick https://github.com/vyos/vyos-1x/pull/2125
Viacheslav committed rVYOSONEXdf982dabe3e4: T5329 : priority: tunnel config is committed before wireguard (authored by SrividyaA).
Viacheslav committed rVYOSONEX17fb1709aa1e: T5329 : priority: tunnel config is committed before wireguard (authored by SrividyaA).
@fernando Can we close it?
Viacheslav moved T5346: MPLS sysctl not persistent for L2TP interfaces from Open to Finished on the VyOS 1.4 Sagitta board.
We are against "raw" options. As it is a bad design.
Specify which exactly options you want to configure. It is better to implement them separately.
@troggie Could you confirm that you expect "0"
Regarding documentation, it should be "-1" https://github.com/accel-ppp/accel-ppp-docs/blob/master/configuration/pppoe.rst
Viacheslav renamed T5374: Ability to set 24-hour time format from Ability to set 24-hourtime format to Ability to set 24-hour time format.
Viacheslav changed the subtype of T5374: Ability to set 24-hour time format from "Bug" to "Feature Request".
Viacheslav renamed T5374: Ability to set 24-hour time format from Locales doesnt update correctly when setting time-zone to Ability to set 24-hourtime format.
Could you close the task if the issue is solved?
Viacheslav triaged T5417: nft -o (optimizing ruleset) fails with error: "internal:0:0-0: Error: Could not process rule: File exists" as Wishlist priority.
Viacheslav changed the status of T5416: Ignoring "ipsec match-none" for firewall from Confirmed to Needs testing.
Viacheslav changed the status of T5406: "update webproxy blacklists" fails when vrf is being configured from In progress to Needs testing.
Jul 31 2023
Jul 31 2023
Viacheslav changed the subtype of T5418: Allow arbitrary subnets in PPPoE client IP pools from "Task" to "Bug".
Viacheslav edited projects for T5418: Allow arbitrary subnets in PPPoE client IP pools, added: VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus.
The same bug was with ipoe-server https://vyos.dev/T5283
It is the actual address x.x.x.0 for UNIX devices and PPP interfaces, but it could be issue work Windows clients
There is a simple fix https://github.com/vyos/vyos-1x/commit/8a79769bf447cb18d456f061afd6a7997b8264f8
Which version?
Which tested config? Which generated config?
It would be more clear if you provided tangible examples.
Jul 30 2023
Jul 30 2023
Duplicate of the task https://vyos.dev/T4502
And there also a PR https://github.com/vyos/vyos-1x/pull/2062
It is waiting for merging firewall refactoring
Jul 28 2023
Jul 28 2023
You skip this warning and delte version number line
// Warning: Do not remove the following line // vyos-config-version: "bgp@4:broadcast-relay@1:cluster@1:config-management@1:conntrack@3:conntrack-sync@2:container@1:dhcp-relay@2:dhcp-server@6:dhcpv6-server@1:dns-dynamic@1:dns-forwarding@4:firewall@10:flow-accounting@1:https@4:ids@1:interfaces@29:ipoe-server@1:ipsec@12:isis@3:l2tp@4:lldp@1:mdns@1:monitoring@1:nat@5:nat66@1:ntp@2:openconnect@2:ospf@2:policy@5:pppoe-server@6:pptp@2:qos@2:quagga@11:rip@1:rpki@1:salt@1:snmp@3:ssh@2:sstp@4:system@26:vrf@3:vrrp@4:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2" // Release version: 1.4-rolling-202307090317
Jul 27 2023
Jul 27 2023
Viacheslav awarded T5403: Add support for extending xml cache a Like token.
Conntrack should be disabled by default https://vyos.dev/T5080
It is not a bug.
It is the implementation of TACACS authentication https://github.com/vyos/vyos-1x/pull/2038
https://github.com/vyos/vyos-1x/blob/fa07179ae7f1dc07e6ccc1b20d2b81384b6efe07/debian/vyos-1x.postinst#L47-L52
Jul 26 2023
Jul 26 2023
Viacheslav changed the status of T5399: "show ntp" fails when vrf is being configured from Open to Needs testing.
There is this line in the code https://github.com/vyos/vyos-1x/blob/688755a988e233e221bf920e391e35d5ddc9cb56/src/op_mode/show_ntp.sh#L21
Jul 25 2023
Jul 25 2023
Viacheslav changed the status of T5398: FRR mangles container network interface names from Open to Needs testing.
@jvoss Add the PR, please
Thanks.
Try to add no_tag_node_value_mangle there https://github.com/vyos/vyos-1x/blob/20b7155f4140f54cf7669256160b6fedd8c1ab7a/src/conf_mode/protocols_static.py#L50
@dongjunbo It requires more tests and reviews
Jul 24 2023
Jul 24 2023
Do you have any idea for the CLI?
Jul 22 2023
Jul 22 2023
Jul 21 2023
Jul 21 2023
Proposed syntax one of them
set system option time-format 12|24 set system option time-format 12-hour|24-hour set system option time-format us|gb
Actually, it should configure:
sudo localectl set-locale LC_TIME="en_GB.UTF-8" sudo localectl set-locale LC_TIME="en_US.UTF-8"
Viacheslav added a comment to T5386: Execute VRRP transition script when `set high-availability disable` is commited.
Maybe it is the wrong way. I think it shouldn't touch anything in the disable state.
PR https://github.com/vyos/vyos-1x/pull/2105
set system sflow interface 'eth0' set system sflow interface 'eth1' set system sflow server 127.0.0.1
Viacheslav changed the status of T5368: FastNetmon service ids ddos-protection add support sflow mode from Open to In progress.
Viacheslav closed T5373: LLDP seems to be running even if its disabled on all interfaces as Resolved.
Jul 20 2023
Jul 20 2023
Viacheslav changed the status of T5373: LLDP seems to be running even if its disabled on all interfaces from In progress to Needs testing.
Actualy is just exports TMOUT option per login
In T5364#153398, @troggie wrote:In T5364#153397, @Viacheslav wrote:I'm wondering about the syntax
Will it be enough?set service pppoe-server pado-delay 0I think we should include the sessions incase there multiple PPPOE services and people want to spread the load across multiple devices?
Or maybe an option to allow without sessions as well as allow with sessions - make the system versatile ?
I'm wondering about the syntax
Will it be enough?
set service pppoe-server pado-delay 0
Viacheslav added a comment to T5373: LLDP seems to be running even if its disabled on all interfaces.
Will be fixed in the next rolling release.
Viacheslav added a comment to T5373: LLDP seems to be running even if its disabled on all interfaces.
Viacheslav changed the status of T5373: LLDP seems to be running even if its disabled on all interfaces from Open to In progress.
Viacheslav added a comment to T5363: Bash history file does not exists after reboot and ony other file in home directory.
In T5363#153177, @Apachez wrote:I think this should be configured through a config option if bash-history should be retained or not (by default it shouldnt for regular users and equal to root).
It can for security reasons be argued that history should only exist in current session but when user logs out it should be removed.
This way in a multiuser environment one user cannot steal potential sensitive data from another user.
If security logging (what a particular user have done to the system when logged in) is needed this should be done remotely through syslog or similar.
Viacheslav added a comment to T5373: LLDP seems to be running even if its disabled on all interfaces.
Something wrong with this template https://github.com/vyos/vyos-1x/blob/d2540ac4c6fc05991b18cf0e2434fbb6d5f3c2cf/data/templates/lldp/vyos.conf.j2#L7
It should be configurable as an option but not by default.
It is not fully implemented.
You have to set the URL to a JSON file with System versions, which not exists for now (there is no permanent URL for it), so it will be in the future developments.
FRR does not support it
Allows only full multicast table
r11# clear ip ... mroute IP multicast routing table
Viacheslav edited projects for T5378: Request for clearing single entry multicast route, added: VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.3), VyOS 1.2 Crux.
Viacheslav added a comment to T5363: Bash history file does not exists after reboot and ony other file in home directory.
Jul 19 2023
Jul 19 2023
Viacheslav renamed T5363: Bash history file does not exists after reboot and ony other file in home directory from Bash history file does not exists after reboot to Bash history file does not exists after reboot and ony other file in home directory.
Viacheslav edited projects for T5367: Syslog doesn't send timezone information to the server, added: VyOS 1.4 Sagitta; removed VyConf.
Viacheslav changed the status of T5354: Add sshguard to protect against brut-forces for 1.3 from Open to In progress.
Jul 17 2023
Jul 17 2023
Fixed with enabling offloads https://vyos.dev/T3619
vyos@r14# set interfaces ethernet eth0 offload Possible completions: gro Enable Generic Receive Offload gso Enable Generic Segmentation Offload lro Enable Large Receive Offload rfs Enable Receive Flow Steering rps Enable Receive Packet Steering sg Enable Scatter-Gather tso Enable TCP Segmentation Offloading
Viacheslav closed T2051: Throughput anomalies, a subtask of T3619: Performance Degradation 1.2 --> 1.3 | High ksoftirqd CPU usage, as Resolved.
Jul 15 2023
Jul 15 2023
Jul 13 2023
Jul 13 2023
Viacheslav changed the status of T5355: IPSec: OP cmd : "show vpn ike sa" does not show output from Open to In progress.
Viacheslav changed the status of T3045: Changes to Conntrack-Sync don't apply correctly (Mutlicast->UDP), a subtask of T3076: Router reboot adds unwanted 'conntrack-sync mcast-group '225.0.0.50'' line to configuration, from Unknown Status to Resolved.
Viacheslav changed the status of T3045: Changes to Conntrack-Sync don't apply correctly (Mutlicast->UDP) from Unknown Status to Resolved.
Viacheslav edited projects for T5354: Add sshguard to protect against brut-forces for 1.3, added: VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus.
Viacheslav closed T2315: Ability to have right address-family for BGP peers., a subtask of T2174: Rewrite protocol BGP to new XML/Python style, as Resolved.
It possible with
set protocols bgp 65001 parameters default no-ipv4-unicast
Viacheslav moved T2315: Ability to have right address-family for BGP peers. from Open to Finished on the VyOS 1.4 Sagitta board.
Jul 12 2023
Jul 12 2023
It seems to work fine (VyOS 1.4-rolling-202307120317).
vyos@r14# set interfaces ethernet eth1 description 123 [edit] vyos@r14# commit [edit] vyos@r14# compare 1 [interfaces ethernet eth1] + description "123"
Jul 11 2023
Jul 11 2023
Viacheslav changed the status of T5341: Improve CLI for high-availability virtual-server to work with multiple ports from In progress to Needs testing.
Viacheslav removed a project from T3976: Missing prefix-list and access-list option from ipv6 route-map: VyOS 1.3 Equuleus (1.3.4).
Viacheslav added a comment to T3976: Missing prefix-list and access-list option from ipv6 route-map.
We will not update FRR to 8.x for 1.3 LTS releases.
Viacheslav closed T4758: Rewrite show dhcp server to vyos.opmode format, a subtask of T4564: Root task for rewriting [op-mode] to vyos.opmode format, as Resolved.