Implement hooks-script for livebuild that recursively go through following directories using "strip --strip-all" (syntax to be verified):
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Sep 25 2023
Sep 25 2023
Shouldnt that be default for lb then in the vyos buildscripts and how does --debug affect things other than logging during build?
What is the "system update-check url" supposed to be once its implemented?
dmbaturin edited projects for T2640: Running VyOS inside Docker containers, added: VyOS 1.3 Equuleus (1.3.3); removed VyOS 1.3 Equuleus (1.3.4).
dmbaturin changed Issue type from feature to bug on T3070: Firewall going OOM, possible related to nftables migration.
dmbaturin changed Issue type from unspecified to feature on T5354: Add sshguard to protect against brut-forces for 1.3.
dmbaturin changed Issue type from unspecified to improvement on T5315: vrrp: add support for version 3.
dmbaturin changed the status of T4479: generate wireguard client command prompt has some error from Not Applicable to Invalid.
dmbaturin renamed T3546: Add support for running scripts on PPPoE server session events from Add pppoe-server CLI custom script feature to Add support for running scripts on PPPoE server session events.
dmbaturin set Issue type to feature on T3546: Add support for running scripts on PPPoE server session events.
dmbaturin renamed T5526: Clarify the error message when trying to set an interface as a BGP peer group using the wrong syntax from BGP peer-group - don't support add interfaces over peer neigborhs to Clarify the error message when trying to set an interface as a BGP peer group using the wrong syntax.
Note that is is the "--debug" flag that one wants in order to see the full mksquashfs command that is executed.
Sep 24 2023
Sep 24 2023
@stingalleman As mentioned above (and confirmed in discussions earlier this week), we've had few if any reports of issues with the udev approach, so we would be very interested to hear details of your case.
Not sure what to do on this one. The firewall is depending on conntrack module, which updates the conntrack related sysctls. It'd be the same if someone defines custom sysctls used by other conf scripts.
When will this bug be fixed? I am having a lot of issues with this.
Apachez closed T5511: Cleanup of unused directories (and files) in order to shrink image-size as Resolved.
Verified to be working as expected.
@jestabro I havent verified it yet but then perhaps the buildscript for VyOS should be altered to include --verbose?
Verified through smoketests.
sarthurdev changed the status of T5614: Add conntrack helper matching on firewall from Open to In progress.
Apachez closed T5604: List of debian archives is out of date (non-free-firmware is missing) as Resolved.
Apachez added a comment to T5604: List of debian archives is out of date (non-free-firmware is missing).
Verified through smoketests.
sarthurdev changed the status of T5606: IPSec VPN: Allow multiple CAs certificates from In progress to Needs testing.
sarthurdev moved T5606: IPSec VPN: Allow multiple CAs certificates from Open to In Progress on the VyOS 1.5 Circinus board.
sarthurdev changed the status of T5606: IPSec VPN: Allow multiple CAs certificates from Open to In progress.
PR removing zone-policy op-mode: https://github.com/vyos/vyos-1x/pull/2304
sarthurdev changed the status of T5376: Conntrack FTP helper does not work properly from Confirmed to Needs testing.
sarthurdev changed the status of T5598: unknown parameter 'nf_conntrack_helper' ignored from Confirmed to Needs testing.
indrajitr updated the task description for T5612: Miscellaneous improvements and fixes for dynamic DNS configuration.
Sep 23 2023
Sep 23 2023
Viacheslav added a parent task for T2115: VyOS cannot load configs when running in a container: T5613: VyOS in container bugs.
Viacheslav added a project to T2115: VyOS cannot load configs when running in a container: VyOS 1.5 Circinus.
GitHub <[email protected]> committed rVYOSONEX734392fdff12: Merge pull request #2302 from sever-sever/T5497 (authored by Viacheslav).
Viacheslav changed the status of T5604: List of debian archives is out of date (non-free-firmware is missing) from Open to Needs testing.
Sep 22 2023
Sep 22 2023
indrajitr triaged T5612: Miscellaneous improvements and fixes for dynamic DNS configuration as Normal priority.
Op-mode command reduce
PR https://github.com/vyos/vyos-1x/pull/2302
vyos@r4:~$ show conf com | match firew set firewall ipv4 input filter default-action 'accept' set firewall ipv4 input filter rule 1 action 'accept' set firewall ipv4 input filter rule 1 description 'Allow loopback' set firewall ipv4 input filter rule 1 inbound-interface interface-name 'lo' set firewall ipv4 input filter rule 1 source address '127.0.0.0/8' set firewall ipv4 input filter rule 2 action 'accept' set firewall ipv4 input filter rule 2 description 'Allow established/related' set firewall ipv4 input filter rule 2 state established 'enable' set firewall ipv4 input filter rule 2 state related 'enable' set firewall ipv4 input filter rule 60 action 'accept' set firewall ipv4 input filter rule 60 description 'Allow SSH from trusted networks' set firewall ipv4 input filter rule 60 destination port '22' set firewall ipv4 input filter rule 60 protocol 'tcp' set firewall ipv4 input filter rule 10000 action 'drop' set firewall ipv4 input filter rule 10000 description 'Drop everything else' vyos@r4:~$ vyos@r4:~$ produce firewall rule-resequence start 10 step 10
jestabro moved T5607: Adjust RAID smoketest for non-deterministic SCSI device probing from Open to Finished on the VyOS 1.4 Sagitta board.
jestabro moved T5608: Rewrite add/delete raid member to Python and remove from vyatta-op from Open to Finished on the VyOS 1.4 Sagitta board.
jestabro closed T5608: Rewrite add/delete raid member to Python and remove from vyatta-op as Resolved.
jestabro closed T5608: Rewrite add/delete raid member to Python and remove from vyatta-op, a subtask of T5609: Add util to get drive device name from id, as Resolved.
jestabro moved T5609: Add util to get drive device name from id from Open to Finished on the VyOS 1.4 Sagitta board.
jestabro closed T5609: Add util to get drive device name from id, a subtask of T5607: Adjust RAID smoketest for non-deterministic SCSI device probing, as Resolved.
GitHub <[email protected]> committed rVYOSONEX90ce099f0653: Merge pull request #2301 from vyos/mergify/bp/sagitta/pr-2298 (authored by jestabro).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX7447b4ef6e6c: op-mode: raid: T5608: define add/delete raid member (authored by jestabro).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX4da9e2cf686a: op-mode: disk: T5609: add arg by-id to format disk (authored by jestabro).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXb5edc618a442: vyos.utils: T5609: get disk device by partial id (authored by jestabro).
GitHub <[email protected]> committed rVYOSONEXe0ce69365f46: Merge pull request #2291 from vyos/mergify/bp/sagitta/pr-2284 (authored by c-po).
GitHub <[email protected]> committed rVYOSONEX1f6b7168af0d: Merge pull request #2299 from vyos/mergify/bp/sagitta/pr-2294 (authored by c-po).
GitHub <[email protected]> committed rVYOSONEX7253377e754e: Merge pull request #2298 from jestabro/disk-by-id (authored by c-po).
GitHub <[email protected]> committed rVYOSONEX7e16cea1897e: Merge pull request #2292 from vyos/mergify/bp/sagitta/pr-2289 (authored by c-po).
Sep 21 2023
Sep 21 2023
indrajitr updated the task description for T5574: Support per-service cache management for dynamic dns providers.
The quickfix is to add a space for your paths so something that looks like /usr/local/bin if cloudflare blocks that you just add a space after the first / and the WAF is bypassed.
Viacheslav moved T5576: Add bgp remove-private-as all option from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav moved T5576: Add bgp remove-private-as all option from Open to Finished on the VyOS 1.5 Circinus board.
n.fort changed the status of T5594: VRRP - Error if using IPv6 Link Local as hello source address from In progress to Needs testing.
Apachez added a comment to rVYOSONEXa4aad112042b: frr: T5591: hint about daemons that always run and can't be disabled.
Ehm, that hint already exists at line 2 of that file?
sarthurdev changed the status of T5376: Conntrack FTP helper does not work properly from Open to Confirmed.
sarthurdev changed the status of T5598: unknown parameter 'nf_conntrack_helper' ignored from Open to Confirmed.
This is likely also the issue causing T5376
Viacheslav moved T5590: Firewall "log enable" logs every packet from Open to Finished on the VyOS 1.5 Circinus board.
GitHub <[email protected]> committed rVYOSONEXd9d2b2b96b37: frr: T5591: cleanup of daemons file (authored by Apachez).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXefc1f296826c: T5602: Reverse-proxy add option backup for backend server (authored by Viacheslav).
GitHub <[email protected]> committed rVYOSONEXcb06343979c0: Merge pull request #2294 from sever-sever/T5602 (authored by c-po).
Sep 20 2023
Sep 20 2023
Great, Thanks!