Page MenuHomeVyOS Platform
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Aug 16 2023

giga1699 edited a custom field on T5447: Allow static MACsec keys with peers.
Aug 16 2023, 12:46 AM · VyOS 1.4 Sagitta

Aug 15 2023

fernando added a comment to T5160: Firewall refactor.

yes, but it's in process to merge : https://github.com/vyos/vyos-documentation/pull/1035

Aug 15 2023, 11:31 PM · VyOS 1.4 Sagitta
Sophie added a comment to T5160: Firewall refactor.

Now we have this included in the nightly builds, is there any documentation on how these refactored rules should be modified? Just bumped my version and was completely lost

Aug 15 2023, 9:49 PM · VyOS 1.4 Sagitta
fernando added a comment to T5481: Upgrade bug.

Could you share the full configuration ? so we can analyze what is the source of this problem .

Aug 15 2023, 9:48 PM · VyOS 1.4 Sagitta
dcplaya created T5482: Chrony NTP Server Fails To Sync Time.
Aug 15 2023, 8:26 PM · VyOS 1.4 Sagitta
twan created T5481: Upgrade bug.
Aug 15 2023, 8:04 PM · VyOS 1.4 Sagitta
dmbaturin closed T5273: Add op mode commands for displaying certificate details and fingerprints, a subtask of T5269: OpenVPN non-TLS site-to-site mode deprecation, as Resolved.
Aug 15 2023, 6:22 PM · VyOS 1.4 Sagitta
dmbaturin closed T5273: Add op mode commands for displaying certificate details and fingerprints as Resolved.
Aug 15 2023, 6:22 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta
dmbaturin closed T5270: Make OpenVPN `tls dh-params` optional, a subtask of T5269: OpenVPN non-TLS site-to-site mode deprecation, as Resolved.
Aug 15 2023, 6:22 PM · VyOS 1.4 Sagitta
dmbaturin closed T5270: Make OpenVPN `tls dh-params` optional as Resolved.
Aug 15 2023, 6:21 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta
aga closed T5293: Support for Floating Rules (Global Firewall-Rules that are automatically applied before all other Zone Rules) as Resolved.
Aug 15 2023, 3:52 PM · VyOS 1.4 Sagitta
n.fort changed the status of T5478: Cannot configure resolver-cache options for firewall from Confirmed to In progress.

PR: https://github.com/vyos/vyos-1x/pull/2149

Aug 15 2023, 12:01 PM · VyOS 1.4 Sagitta
n.fort changed the status of T5478: Cannot configure resolver-cache options for firewall from Open to Confirmed.
Aug 15 2023, 10:18 AM · VyOS 1.4 Sagitta
n.fort added a comment to T5160: Firewall refactor.

2.1:
Suggestion that established/related merges to a single rule such as:

Aug 15 2023, 10:09 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T5448: Add service zabbix-agent.

Cannot pass the smoketest in CI

07:19:00  DEBUG - Running Testcase: /usr/libexec/vyos/tests/smoke/cli/test_service_monitoring_zabbix-agent.py
07:19:02  DEBUG - test_01_zabbix_agent (__main__.TestZabbixAgent.test_01_zabbix_agent) ... FAIL
07:19:04  DEBUG - 
07:19:04  DEBUG - ======================================================================
07:19:04  DEBUG - FAIL: test_01_zabbix_agent (__main__.TestZabbixAgent.test_01_zabbix_agent)
07:19:04  DEBUG - ----------------------------------------------------------------------
07:19:04  DEBUG - Traceback (most recent call last):
07:19:04  DEBUG -   File "/usr/libexec/vyos/tests/smoke/cli/test_service_monitoring_zabbix-agent.py", line 34, in tearDown
07:19:04  DEBUG -     self.assertTrue(process_named_running(PROCESS_NAME))
07:19:04  DEBUG - AssertionError: None is not true
07:19:04  DEBUG - 
07:19:04  DEBUG - ----------------------------------------------------------------------

Is not reproduced in the local VM test

vyos@r14:~$ /usr/libexec/vyos/tests/smoke/cli/test_service_monitoring_zabbix-agent.py
test_01_zabbix_agent (__main__.TestZabbixAgent.test_01_zabbix_agent) ... ok
Aug 15 2023, 8:31 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T5479: Helper leftovers found in nftables (firewall) even with all helpers disabled.

The original task https://vyos.dev/T5080

Aug 15 2023, 8:23 AM · VyOS 1.4 Sagitta
Viacheslav moved T5457: Add environmental variable pointing to current rootfs directory from Open to Finished on the VyOS 1.4 Sagitta board.
Aug 15 2023, 8:12 AM · VyOS 1.4 Sagitta
Viacheslav added a project to T5480: Ability to disable SNMP for VRRP keepalived service: VyOS 1.4 Sagitta.
Aug 15 2023, 8:10 AM · VyOS 1.4 Sagitta

Aug 14 2023

Apachez closed T5457: Add environmental variable pointing to current rootfs directory as Resolved.
Aug 14 2023, 9:58 PM · VyOS 1.4 Sagitta
Apachez added a comment to T5457: Add environmental variable pointing to current rootfs directory.

Still works in VyOS 1.4-rolling-202308140557:

Aug 14 2023, 9:58 PM · VyOS 1.4 Sagitta
Apachez closed T5440: Restore pre/postconfig scripts if user deleted them as Resolved.
Aug 14 2023, 9:55 PM · VyOS 1.4 Sagitta
Apachez added a comment to T5440: Restore pre/postconfig scripts if user deleted them.

Verified in VyOS 1.4-rolling-202308140557:

Aug 14 2023, 9:55 PM · VyOS 1.4 Sagitta
Apachez added a comment to T5437: logrotate.service fails to start.

Seems to still be happy in VyOS 1.4-rolling-202308140557:

Aug 14 2023, 9:54 PM · VyOS 1.4 Sagitta
Apachez closed T5436: vyos-preconfig-bootup.script is missing as Resolved.
Aug 14 2023, 9:51 PM · VyOS 1.4 Sagitta
Apachez added a comment to T5436: vyos-preconfig-bootup.script is missing.

Verified in VyOS 1.4-rolling-202308140557:

Aug 14 2023, 9:50 PM · VyOS 1.4 Sagitta
Apachez created T5479: Helper leftovers found in nftables (firewall) even with all helpers disabled.
Aug 14 2023, 9:41 PM · VyOS 1.4 Sagitta
Apachez created T5478: Cannot configure resolver-cache options for firewall.
Aug 14 2023, 9:16 PM · VyOS 1.4 Sagitta
Apachez added a comment to T5160: Firewall refactor.

1:
Shouldnt set firewall global-options resolver-cache have "enable" and "disable" as options?

Aug 14 2023, 9:10 PM · VyOS 1.4 Sagitta
Apachez closed T5461: Improve rootfs directory variable as Resolved.
Aug 14 2023, 8:27 PM · VyOS 1.4 Sagitta
Apachez added a comment to T5461: Improve rootfs directory variable.

Looks like its working as expected in VyOS 1.4-rolling-202308140557:

Aug 14 2023, 8:27 PM · VyOS 1.4 Sagitta
jestabro added a subtask for T5434: Replace remaining calls of vyos.xml library: T5477: op-mode pki.py should use Config for defaults.
Aug 14 2023, 4:18 PM · VyOS 1.4 Sagitta
jestabro added a parent task for T5477: op-mode pki.py should use Config for defaults: T5434: Replace remaining calls of vyos.xml library.
Aug 14 2023, 4:18 PM · VyOS 1.4 Sagitta
jestabro closed T5477: op-mode pki.py should use Config for defaults as Resolved.
Aug 14 2023, 4:02 PM · VyOS 1.4 Sagitta
jestabro created T5477: op-mode pki.py should use Config for defaults.
Aug 14 2023, 3:58 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T5461: Improve rootfs directory variable from Open to Needs testing.
Aug 14 2023, 11:24 AM · VyOS 1.4 Sagitta
n.fort changed the status of T5472: NAT redirect should not require port from Open to Confirmed.
Aug 14 2023, 10:09 AM · VyOS 1.4 Sagitta
c-po added a comment to T2044: RPKI doesn't boot properly.

interesting, as the above diff actually does the same but a bit earlier in the boot process

Aug 14 2023, 6:43 AM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.5 Circinus, VyOS 1.4 Sagitta
c-po updated the task description for T5476: netplug: replace Perl helper scripts with a Python equivalent.
Aug 14 2023, 6:09 AM · VyOS 1.4 Sagitta
c-po claimed T5476: netplug: replace Perl helper scripts with a Python equivalent.
Aug 14 2023, 6:06 AM · VyOS 1.4 Sagitta
c-po created T5476: netplug: replace Perl helper scripts with a Python equivalent.
Aug 14 2023, 6:05 AM · VyOS 1.4 Sagitta
c-po changed Version from - to 1.4-rolling on T5474: Establish common file name pattern for XML conf mode commands.
Aug 14 2023, 6:00 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
c-po triaged T5475: Analyse if forked live-boot package can be dropped as Low priority.
Aug 14 2023, 6:00 AM · VyOS Rolling
c-po claimed T5475: Analyse if forked live-boot package can be dropped.
Aug 14 2023, 5:59 AM · VyOS Rolling
c-po created T5475: Analyse if forked live-boot package can be dropped.
Aug 14 2023, 5:59 AM · VyOS Rolling
c-po changed the status of T5474: Establish common file name pattern for XML conf mode commands from Open to Confirmed.
Aug 14 2023, 5:55 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
c-po created T5474: Establish common file name pattern for XML conf mode commands.
Aug 14 2023, 5:54 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta

Aug 12 2023

syncer triaged T4818: IPv6 NDP not working everytime as Normal priority.
Aug 12 2023, 10:17 PM · VyOS Rolling, Restricted Project
syncer assigned T5469: Incorrect dependency set in the openvpn-dco package when building VyOS for arm64 to c-po.
Aug 12 2023, 10:15 PM · VyOS 1.4 Sagitta
syncer triaged T5471: Conntrack logging doesnt seem to be working as Low priority.
Aug 12 2023, 10:10 PM · VyOS Rolling, Restricted Project
syncer triaged T2044: RPKI doesn't boot properly as Normal priority.
Aug 12 2023, 10:09 PM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Apachez created T5471: Conntrack logging doesnt seem to be working.
Aug 12 2023, 8:53 PM · VyOS Rolling, Restricted Project
egoistdream added a comment to T2044: RPKI doesn't boot properly.

I was able to fix by adding the following code in /config/scripts/vyos-postconfig-bootup.script you can edit and save by running:

Aug 12 2023, 7:13 PM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.5 Circinus, VyOS 1.4 Sagitta
egoistdream added a comment to T4818: IPv6 NDP not working everytime.

I can confirm that the issue is still here, something is wrong and usually when you assign ipv6 address to sub-interface like vlan or bridge etc.

Aug 12 2023, 7:09 PM · VyOS Rolling, Restricted Project
Apachez added a comment to T4818: IPv6 NDP not working everytime.

How is your IPv6 config from the VyOS config?

Aug 12 2023, 5:08 PM · VyOS Rolling, Restricted Project
c-po added a comment to T5325: Moschip MCS9900 fix driver.

Enabled inside VyOS kernel - please check with the next available rolling ISO

Aug 12 2023, 4:08 PM · VyOS 1.4 Sagitta
c-po changed the status of T5325: Moschip MCS9900 fix driver from Open to Needs testing.
Aug 12 2023, 4:07 PM · VyOS 1.4 Sagitta
c-po changed the status of T5470: wlan: can not disable interface if SSID is not configured from Open to In progress.
Aug 12 2023, 3:48 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
c-po created T5470: wlan: can not disable interface if SSID is not configured.
Aug 12 2023, 3:47 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
dsummers added a comment to T4818: IPv6 NDP not working everytime.
  1. Vyos Router <-> Switch <-> Multiple Computers
Aug 12 2023, 2:49 PM · VyOS Rolling, Restricted Project
tkmr_akhs created T5469: Incorrect dependency set in the openvpn-dco package when building VyOS for arm64.
Aug 12 2023, 8:53 AM · VyOS 1.4 Sagitta
Apachez added a comment to T5090: Add support for disk encryption during installation.

A workaround in the meantime:

Aug 12 2023, 8:24 AM · VyOS 1.5 Circinus
c-po closed T5467: ospf(v3): removing an interface from the OSPF process does not clear FRR configuration as Resolved.
Aug 12 2023, 7:02 AM · VyOS 1.4 Sagitta
Apachez added a comment to T5090: Add support for disk encryption during installation.

And in that case the attacker would just replace your router with their own since they already got physical access to the box.

Aug 12 2023, 6:40 AM · VyOS 1.5 Circinus
Apachez created T5468: Remove unused manpages to free up space.
Aug 12 2023, 6:32 AM · VyOS 1.4 Sagitta
giga1699 added a comment to T5090: Add support for disk encryption during installation.

There are use cases when it would be ideal to force a password at boot to protect the contents of the configuration. For example, a portable router with sensitive keys meant for temporary network connectivity.

Aug 12 2023, 6:22 AM · VyOS 1.5 Circinus
Apachez added a comment to T5090: Add support for disk encryption during installation.

The problem is how to make sure that the router can boot and reboot (for example "set system option reboot-on-panic" is handy) on itself without somebody having to connect to its console before it starts to function again. Really shitty situation for a remote site because then somebody needs to visit it aswell.

Aug 12 2023, 5:30 AM · VyOS 1.5 Circinus
Apachez added a comment to T4818: IPv6 NDP not working everytime.
  1. How is the physical topology (can you provide a drawing)?
Aug 12 2023, 5:17 AM · VyOS Rolling, Restricted Project
dsummers added a comment to T4818: IPv6 NDP not working everytime.

I am having this exact problem and it evidently has been a problem for quite a few years.

Aug 12 2023, 4:31 AM · VyOS Rolling, Restricted Project
giga1699 added a comment to T5090: Add support for disk encryption during installation.

Can this be accomplished with LUKS?

Aug 12 2023, 4:24 AM · VyOS 1.5 Circinus

Aug 11 2023

n.fort changed the status of T5460: Firewall - remove config-trap from Confirmed to Needs testing.
Aug 11 2023, 10:21 PM · VyOS 1.4 Sagitta
c-po closed T5464: ipv6: add support for per-interface dad (duplicate address detection) setting as Resolved.
Aug 11 2023, 9:01 PM · VyOS 1.4 Sagitta
c-po added a comment to T5463: Containers allow publish IPv6 address port.

That CLI node ipv6 only implements a minor subset of the entire featureset of port forwarding.

Aug 11 2023, 8:59 PM · VyOS 1.4 Sagitta
c-po changed the status of T5467: ospf(v3): removing an interface from the OSPF process does not clear FRR configuration from Open to In progress.
Aug 11 2023, 8:52 PM · VyOS 1.4 Sagitta
c-po created T5467: ospf(v3): removing an interface from the OSPF process does not clear FRR configuration.
Aug 11 2023, 8:52 PM · VyOS 1.4 Sagitta
fernando claimed T5466: L3VPN - label allocation mode .
Aug 11 2023, 8:00 PM · VyOS 1.4 Sagitta
fernando created T5466: L3VPN - label allocation mode .
Aug 11 2023, 7:59 PM · VyOS 1.4 Sagitta
fernando added a comment to T5456: Add alias for "show ipv6 bgp".

Adding comments : maybe discontinue show ip bgp gives some issues / problems with automation tools (ansible o some custom script)While thinking out loud, it can be useful for new users create to alias.

Aug 11 2023, 7:49 PM · VyOS 1.4 Sagitta
Apachez added a comment to T5456: Add alias for "show ipv6 bgp".

Its not possible to "symlink" it?

Aug 11 2023, 7:26 PM · VyOS 1.4 Sagitta
c-po closed T5465: adjust-mss: config migration fails if applied to a VLAN or Q-in-Q interface, a subtask of T3090: Move 'adjust-mss' firewall options to the interface section., as Resolved.
Aug 11 2023, 7:24 PM · VyOS 1.4 Sagitta
c-po closed T5465: adjust-mss: config migration fails if applied to a VLAN or Q-in-Q interface as Resolved.
Aug 11 2023, 7:24 PM · VyOS 1.4 Sagitta
c-po changed the status of T5465: adjust-mss: config migration fails if applied to a VLAN or Q-in-Q interface, a subtask of T3090: Move 'adjust-mss' firewall options to the interface section., from Open to In progress.
Aug 11 2023, 7:21 PM · VyOS 1.4 Sagitta
c-po changed the status of T5465: adjust-mss: config migration fails if applied to a VLAN or Q-in-Q interface from Open to In progress.
Aug 11 2023, 7:21 PM · VyOS 1.4 Sagitta
c-po created T5465: adjust-mss: config migration fails if applied to a VLAN or Q-in-Q interface.
Aug 11 2023, 7:20 PM · VyOS 1.4 Sagitta
c-po added a comment to T5456: Add alias for "show ipv6 bgp".

Unfortunately this is "not that easy" as out CLI commands are passed down to FRR raw.

Aug 11 2023, 7:10 PM · VyOS 1.4 Sagitta
c-po moved T5459: ospfv3: add authentication support from Open to In Progress on the VyOS 1.4 Sagitta board.
Aug 11 2023, 7:09 PM · VyOS Rolling
c-po moved T5461: Improve rootfs directory variable from Open to Finished on the VyOS 1.4 Sagitta board.
Aug 11 2023, 7:09 PM · VyOS 1.4 Sagitta
c-po moved T5464: ipv6: add support for per-interface dad (duplicate address detection) setting from Open to In Progress on the VyOS 1.4 Sagitta board.
Aug 11 2023, 7:08 PM · VyOS 1.4 Sagitta
c-po claimed T5464: ipv6: add support for per-interface dad (duplicate address detection) setting.
Aug 11 2023, 6:18 PM · VyOS 1.4 Sagitta
c-po created T5464: ipv6: add support for per-interface dad (duplicate address detection) setting.
Aug 11 2023, 6:15 PM · VyOS 1.4 Sagitta
Apachez added a comment to T5456: Add alias for "show ipv6 bgp".

But at the same time it would help others who migrate to VyOS from Cisco, Arista etc.

Aug 11 2023, 3:17 PM · VyOS 1.4 Sagitta
jestabro closed T2665: vyos.xml.defaults for tag nodes as Resolved.
Aug 11 2023, 2:31 PM · VyOS 1.4 Sagitta
jestabro closed T5434: Replace remaining calls of vyos.xml library, a subtask of T5218: Revise vyos xml lib for bug fixes and extensions, as Resolved.
Aug 11 2023, 2:30 PM · VyOS 1.4 Sagitta
jestabro closed T5434: Replace remaining calls of vyos.xml library as Resolved.
Aug 11 2023, 2:30 PM · VyOS 1.4 Sagitta
jestabro closed T5319: Remove remaining workarounds for incorrect defaults, a subtask of T5308: Remove workarounds for incorrect defaults in get_interface_dict, as Resolved.
Aug 11 2023, 2:30 PM · VyOS 1.4 Sagitta
jestabro closed T5319: Remove remaining workarounds for incorrect defaults as Resolved.
Aug 11 2023, 2:30 PM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T5463: Containers allow publish IPv6 address port.
Aug 11 2023, 1:39 PM · VyOS 1.4 Sagitta
Viacheslav created T5463: Containers allow publish IPv6 address port.
Aug 11 2023, 1:37 PM · VyOS 1.4 Sagitta
fernando added a comment to T5456: Add alias for "show ipv6 bgp".

show ip bgp is an old command, it comes from quagga ...So in my point of view , adding more command to do the same , could generate more confusion . show bgp address-family should be used.

Aug 11 2023, 12:09 PM · VyOS 1.4 Sagitta
Viacheslav moved T5416: Ignoring "ipsec match-none" for firewall from Open to Finished on the VyOS 1.4 Sagitta board.
Aug 11 2023, 8:18 AM · VyOS 1.4 Sagitta
Apachez added a comment to T5461: Improve rootfs directory variable.

PR created: https://github.com/vyos/vyatta-op/pull/66

Aug 11 2023, 7:25 AM · VyOS 1.4 Sagitta
First
Prev
Next