PR https://github.com/vyos/vyos-1x/pull/2159

I ran what you suggested, but it still shows wrong block/inode count right after boot.

Looks like you would need some more extensive checking of that partition.

As I understabd FreeIPA is an alternative to ActiveDirectory? And SSSD should support authentication via LDAP only if the backend is AD.

I managed to enter initramfs on the machine running in a VM by appending break to grub. From there I manually ran a fs check, which didn't show any issues.

I have created this task regarding the fsck issues (fsck does not run during boot): https://vyos.dev/T5498

PR for 1.3 https://github.com/vyos/vyos-1x/pull/2158

Both attached files seem to be downloadable (but now viewable in browser) from the download-link in the upper right corner after clicking a file.

Thank you for taking a look on the PR.

In PR 2152:

Adding Kerberos to a router is overkill in my opinion. I'd agree on adding LDAP(s) auth support via sssd of course, but Kerberos is simply a bit beyond the scope.

Works for me without errors but I currently only have an empty ruleset:

I couldn't open those files, but it can be related our firewall refactor :

I confirm this warning message , although, on Linux doesn't affect or at least with our server/client work as expected :

The similar task https://vyos.dev/T4797

Pull request #2156 opened
https://github.com/vyos/vyos-1x/pull/2156

This error not only occurs for new settings in global-options but also for older:

PR https://github.com/vyos/vyos-1x/pull/2130

PR https://github.com/vyos/vyos-1x/pull/2155

Priority must be less than -200 https://github.com/vyos/vyos-1x/blob/08cb4f350b335d5af401f30850d410b4be38530d/data/vyos-firewall-init.conf#L23-L32
https://wiki.nftables.org/wiki-nftables/index.php/Setting_packet_connection_tracking_metainformation#notrack_-_Bypass_connection_tracking

	chain PREROUTING {
		type filter hook prerouting priority -200; policy accept;
		counter packets 6405 bytes 444828 jump VYOS_CT_IGNORE
		counter packets 6405 bytes 444828 jump VYOS_CT_TIMEOUT
		counter packets 6405 bytes 444828 jump VYOS_CT_PREROUTING_HOOK
		counter packets 6405 bytes 444828 jump FW_CONNTRACK
		notrack
	}

PR https://github.com/vyos/vyos-1x/pull/2154

Tested after merging T5476 and now we see a proper DHCP release message

It could be incorrect process name name='ddclient - sleeping for 10 seconds' expectedd ddclient, possible bug after commit https://github.com/vyos/vyos-1x/commit/58a20e42087cbb7a1b3b4725fa40fd15a31bb4ed

psutil.Process(pid=2282, name='sshd', started='12:29:23')
psutil.Process(pid=2283, name='vbash', started='12:29:23')
psutil.Process(pid=2625, name='rsyslogd', started='12:30:31')
psutil.Process(pid=9841, name='vbash', started='13:02:24')
psutil.Process(pid=10249, name='kworker/u2:1-events_unbound', started='13:03:58')
psutil.Process(pid=10735, name='kworker/0:1-mm_percpu_wq', started='13:10:42')
psutil.Process(pid=10737, name='kworker/u2:2-events_unbound', started='13:10:42')
psutil.Process(pid=10987, name='ddclient - sleeping for 10 seconds', started='13:12:47')

PR for 1.3.4 https://github.com/vyos/vyos-1x/pull/2153

Thanks @Apachez - closing

In T5160#156049, @Apachez wrote:

If there would never be such then "INVALID" wouldnt exist as an option.