It is not a task for 1.3 LTS releases.
For 1.4, there a new feature that was implemented in https://vyos.dev/T5228
get_config_dict and add argument with_defaults
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed Search
Aug 28 2023
Aug 28 2023
Viacheslav closed T2274: Move the interface default values from the conf_mode file to the interface as Invalid.
Viacheslav closed T2258: VRF route leaking from BGP, a subtask of T2579: The root task for VRF features, as Wontfix.
Route leaking for dynamic protocols won't be implemented in VyOS 1.3 due to the old backend.
You can set a table in the route-map or use virtual-ethernet interfaces
Viacheslav removed a project from T2199: Rewrite firewall in new XML/Python style: VyOS 1.3 Equuleus (1.3.5).
Viacheslav closed T2123: Configure 3 NTP servers, a subtask of T2014: Use vendor specific NTP Pool hostname, as Resolved.
PR https://github.com/vyos/vyos-1x/pull/2182
vyos@r1:~$ show pppoe-server interfaces
interface: connections: state:
-----------------------------------
eth0 1 active
vyos@r1:~$Viacheslav updated the task description for T5521: Home owner directory changed to vyos for the user after reboot.
Viacheslav updated the task description for T5521: Home owner directory changed to vyos for the user after reboot.
Viacheslav edited projects for T2037: Make use of a systemd environment file, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.5).
The cluster feature will be deprecated, as we use systemd we should avoid init.d scripts.
All logic should be rewritten to VRRP
Viacheslav updated subscribers of T1764: Use lists instead of whitespace-separated strings in vyos.config .
@dmaasland @jestabro Can we close it?
Viacheslav edited projects for T1674: Support [virtual] dvd device in add system image, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.5).
Viacheslav edited projects for T1647: event-handler configurable syslog.pipe level , added: VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.5).
The event handler was rewritten to python3 and doesn't use pipes.
Viacheslav closed T1647: event-handler configurable syslog.pipe level , a subtask of T3083: Add feature event-handler, as Invalid.
Viacheslav edited projects for T1449: Add opportunity to include custom default configs (few) at building , added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.5).
@runar Can we close it?
vyos@r1# set interfaces bridge br0 member interface eth1 Possible completions: + allowed-vlan Specify VLAN id which is allowed in this trunk interface cost Bridge port cost isolated Port is isolated (also known as Private-VLAN) native-vlan Specify VLAN id which should natively be present on the link priority Bridge port priority
Viacheslav moved T1311: WAN load-balancing can't flush connections when conntrack-sync is enabled from Open to Finished on the VyOS 1.4 Sagitta board.
Aug 28 2023, 10:08 AM · VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, test
There are not such options in FRR
r14(config-route-map)# set ip next-hop A.B.C.D IP address of next hop peer-address Use peer address (for BGP only) unchanged Don't modify existing Next hop address r14(config-route-map)#
It must be next-hop
Viacheslav edited projects for T1002: install image - fast install, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.5).
Viacheslav closed T1012: vyos-build configure script should check /etc/issue to avoid confusion as Not Applicable.
The best option is to use containers https://docs.vyos.io/en/latest/contributing/build-vyos.html#build-container
Close it as out of date.
Viacheslav added a comment to T738: Add local-port and resolver port options for powerdns in CLI configuration tree.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/2181
Viacheslav edited projects for T469: Problem after commit with errors, added: VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.5).
I don't see any errors in VyOS 1.3-stable-202308240442
vyos@r1# set firewall group network-group FW-OUT network '191.200.161.8/31' [edit] vyos@r1# set firewall group network-group FW-OUT network '191.200.161.8/32' [edit] vyos@r1# commit [edit] vyos@r1# delete firewall group [edit] vyos@r1# commit [edit] vyos@r1#
limitations of old backend
Viacheslav closed T4745: CLI TAB issue with values with '-' at the beginning in conf mode, a subtask of T4704: Allow to set metric (MED) to rtt with rtt,+rtt or -rtt, as Resolved.
Viacheslav closed T4745: CLI TAB issue with values with '-' at the beginning in conf mode as Resolved.
Viacheslav edited projects for T4745: CLI TAB issue with values with '-' at the beginning in conf mode, added: VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.5).
Fixed
[edit] vyos@r1# set policy route-map TEST rule 10 set metric -10 [edit] vyos@r1# commit [edit] vyos@r1# sudo vtysh -c "show run" Building configuration...
This task for the ldpd
https://vyos.dev/T4020
The smoketest was in the same PR https://github.com/vyos/vyos-1x/pull/2162/files#diff-59a88cf4e56c56db9de173bbdeb31600f9733d8598570831364d2d368402af77
Aug 27 2023
Aug 27 2023
Aug 25 2023
Aug 25 2023
Viacheslav moved T4825: interfaces veth/veth-pairs -standalone used from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.4) board.
Viacheslav added a project to T4825: interfaces veth/veth-pairs -standalone used: VyOS 1.3 Equuleus (1.3.4).
Viacheslav removed a project from T3459: Inform the user when unable to install outdated image: VyOS 1.3 Equuleus (1.3.4).
Viacheslav added a comment to T3546: Add support for running scripts on PPPoE server session events.
PR f or 1.3.4 https://github.com/vyos/vyos-1x/pull/2168
Viacheslav changed the status of T3702: Policy: Allow routing by fwmark from Unknown Status to Resolved.
@zsdc Can we backport it to 1.3?
Aug 24 2023
Aug 24 2023
Viacheslav changed the status of T5506: Container bridge interfaces do not have a link-local address from Open to In progress.
Will be fixed in https://vyos.dev/T5506
In my internal tests, it works even without listen-address
set container name c1 image 'docker.io/ealen/echo-server' set container name c1 network NET01 set container name c1 port web destination '80' set container name c1 port web source '8080' set container network NET01 prefix '10.0.0.0/24' set container network NET01 prefix '2001:db8:2222::/64' set interfaces dummy dum0 address '2001:db8:1111::1/64' set interfaces dummy dum0 address '203.0.113.1/32'
Viacheslav closed T5448: Add service zabbix-agent, a subtask of T118: Native Zabbix Support, as Resolved.
@Apachez, I got your point. The thing is, we don't have cisco-like CLI and can modify any seq rule.
It possibly could be from op-mode (not sure) because otherwise, you get resequence per each commit. That is definitely wrong.
If it is only per migration, you can change it in migration or rewrite the rules once.
The firewall will not be autoconfigured by bgpd or something else. We are not going to do it.
Aug 23 2023
Aug 23 2023
Viacheslav changed the status of T5463: Containers allow publish IPv6 address port from In progress to Needs testing.
Viacheslav closed T5503: Nightly-builds is missing a latest.iso to be used with add system image as Invalid.
It is not VyOS bug
I don't get this thing.
You can use any number that you want.
Could you explain what exactly Is wrong and why you can't use your own declared numbers?
Does it do what you want?
vyos@r14# set system frr snmp Possible completions: bgpd BGP isisd IS-IS ldpd LDP ospf6d OSPFv3 ospfd OSPFv2 ripd RIP zebra Zebra (IP routing manager)
For example
vyos@r14:~$ show conf com | match ldp set system frr snmp ldpd vyos@r14:~$ vyos@r14:~$ ps ax | grep ldp 1006 ? S<s 0:00 /usr/lib/frr/watchfrr -d -F traditional zebra mgmtd bgpd ripd ripngd ospfd ospf6d isisd babeld ldpd eigrpd staticd bfdd 1075 ? S< 0:00 /usr/lib/frr/ldpd -L -u frr -g frr 1076 ? S< 0:00 /usr/lib/frr/ldpd -E -u frr -g frr 1079 ? S<s 0:00 /usr/lib/frr/ldpd -d -F traditional --daemon -A 127.0.0.1 -M snmp 3124 pts/0
Viacheslav changed the status of T5499: initial arm64 support for RPI4 and QEMU VM from Open to In progress.
I don't get which exact issue with VRRP
but if you have an issue, please add a separate task.
Provide sudo nft list ruleset before and after the bug version. Bug with VRRP definitely not clear for now.
Viacheslav moved T5446: bgp: validity check for bestpath med option from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav moved T5453: Fix nat66 - broken after load-balance was introduced in nat from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav changed the status of T5463: Containers allow publish IPv6 address port from Open to In progress.
It seems that only one address could be set
--publish, -p=[[ip:][hostPort]:]containerPort[/protocol]
https://docs.podman.io/en/latest/markdown/podman-create.1.html#publish-p-port
Viacheslav changed the status of T5447: Allow static MACsec keys with peers from In progress to Needs testing.
Aug 22 2023
Aug 22 2023
Viacheslav changed the status of T5466: L3VPN - label allocation mode from In progress to Needs testing.
Aug 18 2023
Aug 18 2023
Viacheslav added a comment to T5493: Add capability to use local and external dynamic-lists for firewall rules but also for various policies such as access-list, route-maps etc..
The similar task https://vyos.dev/T4797
Aug 17 2023
Aug 17 2023
Viacheslav changed the status of T5486: Service dns dynamic cannot pass the smoketest from Unknown Status to Resolved.
Viacheslav changed the status of T5488: System conntrack ignore does not take any effect from Open to In progress.
Priority must be less than -200 https://github.com/vyos/vyos-1x/blob/08cb4f350b335d5af401f30850d410b4be38530d/data/vyos-firewall-init.conf#L23-L32
https://wiki.nftables.org/wiki-nftables/index.php/Setting_packet_connection_tracking_metainformation#notrack_-_Bypass_connection_tracking
chain PREROUTING {
type filter hook prerouting priority -200; policy accept;
counter packets 6405 bytes 444828 jump VYOS_CT_IGNORE
counter packets 6405 bytes 444828 jump VYOS_CT_TIMEOUT
counter packets 6405 bytes 444828 jump VYOS_CT_PREROUTING_HOOK
counter packets 6405 bytes 444828 jump FW_CONNTRACK
notrack
}It could be incorrect process name name='ddclient - sleeping for 10 seconds' expectedd ddclient, possible bug after commit https://github.com/vyos/vyos-1x/commit/58a20e42087cbb7a1b3b4725fa40fd15a31bb4ed
psutil.Process(pid=2282, name='sshd', started='12:29:23') psutil.Process(pid=2283, name='vbash', started='12:29:23') psutil.Process(pid=2625, name='rsyslogd', started='12:30:31') psutil.Process(pid=9841, name='vbash', started='13:02:24') psutil.Process(pid=10249, name='kworker/u2:1-events_unbound', started='13:03:58') psutil.Process(pid=10735, name='kworker/0:1-mm_percpu_wq', started='13:10:42') psutil.Process(pid=10737, name='kworker/u2:2-events_unbound', started='13:10:42') psutil.Process(pid=10987, name='ddclient - sleeping for 10 seconds', started='13:12:47')
Viacheslav moved T5223: tunnel key doesn't clear from Open to Finished on the VyOS 1.4 Sagitta board.
PR for 1.3.4 https://github.com/vyos/vyos-1x/pull/2153
Viacheslav edited projects for T5484: set extcommunity - just allow one extend community, added: VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus.
Aug 16 2023
Aug 16 2023
Thanks, @jestabro
Zabbix-agent really can include config directory, and if it is set and exists any *.conf file it thinks that those files related to zabbix-agent and expects specific config syntax/options.
I.e. it extends zabbix-agent with custom .confg files.
As it was a wrong format, most likely it can't start at all.
Aug 15 2023
Aug 15 2023
Cannot pass the smoketest in CI
07:19:00 DEBUG - Running Testcase: /usr/libexec/vyos/tests/smoke/cli/test_service_monitoring_zabbix-agent.py 07:19:02 DEBUG - test_01_zabbix_agent (__main__.TestZabbixAgent.test_01_zabbix_agent) ... FAIL 07:19:04 DEBUG - 07:19:04 DEBUG - ====================================================================== 07:19:04 DEBUG - FAIL: test_01_zabbix_agent (__main__.TestZabbixAgent.test_01_zabbix_agent) 07:19:04 DEBUG - ---------------------------------------------------------------------- 07:19:04 DEBUG - Traceback (most recent call last): 07:19:04 DEBUG - File "/usr/libexec/vyos/tests/smoke/cli/test_service_monitoring_zabbix-agent.py", line 34, in tearDown 07:19:04 DEBUG - self.assertTrue(process_named_running(PROCESS_NAME)) 07:19:04 DEBUG - AssertionError: None is not true 07:19:04 DEBUG - 07:19:04 DEBUG - ----------------------------------------------------------------------
Is not reproduced in the local VM test
vyos@r14:~$ /usr/libexec/vyos/tests/smoke/cli/test_service_monitoring_zabbix-agent.py test_01_zabbix_agent (__main__.TestZabbixAgent.test_01_zabbix_agent) ... ok
Viacheslav added a comment to T5479: Helper leftovers found in nftables (firewall) even with all helpers disabled.
The original task https://vyos.dev/T5080
Viacheslav moved T5457: Add environmental variable pointing to current rootfs directory from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav added a project to T5480: Ability to disable SNMP for VRRP keepalived service: VyOS 1.4 Sagitta.
Aug 14 2023
Aug 14 2023
Viacheslav changed the status of T5461: Improve rootfs directory variable from Open to Needs testing.
Viacheslav changed the subtype of T5473: Detect what conflicts with POSIX mode from "Task" to "Bug".