@tjjh89017 This will need to be re-evaluated. The build from your PR was taking in excess of 8 hours on the build server - the defconfig likely needs to be brought down to only the minimum required modules/drivers for successful builds on target devices.

Just a comment:

It should be fixed via https://github.com/vyos/vyos-build/pull/382

Reopen to investigate, as unresolved ... cf. T5515, T3821

This does still need to be addressed in 1.4. Without a version string, the 2-to-3 migrator is adding the conntrack helpers to the default config.

Duplicate T3275

The kernel modules handle tracking of those, rpc/tns are userspace helpers.

So how are all the other helpers added to the ruleset if not dynamically?

They are only defined. Only when the VYOS_CT_HELPER chain is reached will they take effect - see links in my above comment. Being in the default config will have no effect on connection tracking if bypassed by the notrack rule.

Then how come these helpers are always enabled as pointed out at https://vyos.dev/T5080#149232 ?

How come these helpers (pointed out by @saintclairpcarvalho but also )https://vyos.dev/T5479) are always enabled?

PR: https://github.com/vyos/vyos-1x/pull/2176

They are created but unused by default (see VYOS_CT_HELPER chain)

Found some anomalies regarding show firewall command (I assume related to the refactoring) which I have reported in https://vyos.dev/T5513

Thanks for following up on this issue @rayzilt

The refactored firewall frontend uses rule numbers as described in: https://docs.vyos.io/en/latest/configuration/firewall/general.html#firewall-rules

PR created: https://github.com/vyos/vyos-build/pull/381

Closing as dupe of T5080

Raspberry pi 4 wifi driver requires some missing files.

In T2229#142155, @Viacheslav wrote:

@skoenman Could you write some examples of configuration?

Ill see if i can get a example more or less of what one wants but it would be there were you asign the queue to the pppoe accoynt when authing..

Using VyOS 1.4-rolling-202308250021.