Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

Feb 13 2024

Viacheslav changed the subtype of T6040: Implement a firewall blacklisting solution from "Task" to "Feature Request".
Feb 13 2024, 3:43 PM · VyOS 1.5 Circinus
Viacheslav changed the status of T5482: Chrony NTP Server Fails To Sync Time from Open to Needs reporter action.

@dcplaya provide the whole configuration to reproduce or close the task if the reason is firewall incorrect configuration.

Feb 13 2024, 3:42 PM · VyOS 1.4 Sagitta
adestis updated the task description for T6040: Implement a firewall blacklisting solution.
Feb 13 2024, 3:34 PM · VyOS 1.5 Circinus
adestis created T6040: Implement a firewall blacklisting solution.
Feb 13 2024, 3:21 PM · VyOS 1.5 Circinus
Viacheslav added a comment to T5928: Configuration fails to load on boot if offloading has VLAN interfaces defined.

PR https://github.com/vyos/vyos-1x/pull/2999

Feb 13 2024, 12:21 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Viacheslav changed the status of T5930: vrf - route-leak not work using route-target both command. from In progress to Needs testing.
Feb 13 2024, 11:12 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Viacheslav closed T5982: Isolated interfaces smoketest fail as Resolved N/A.
Feb 13 2024, 11:10 AM · VyOS 1.3 Equuleus (1.3.7)
sarthurdev changed the status of T5992: DHCP: show dhcp server leases not showing all leases from In progress to Needs testing.

PR: https://github.com/vyos/vyos-1x/pull/2998

Feb 13 2024, 10:57 AM · VyOS 1.5 Circinus
sarthurdev removed a project from T2737: DHCP Lease not displayed with a static map: VyOS 1.5 Circinus.

Not an issue on 1.5 with Kea.

Feb 13 2024, 10:49 AM · Restricted Project, VyOS 1.5 Circinus
lclements0 created T6039: cloud-init DNS search-domain causes configuration migration/validation error.
Feb 13 2024, 4:47 AM · VyOS 1.4 Sagitta

Feb 12 2024

sarthurdev changed the status of T5992: DHCP: show dhcp server leases not showing all leases from Confirmed to In progress.
Feb 12 2024, 11:51 PM · VyOS 1.5 Circinus
sarthurdev moved T5952: DHCP allow same MAC Address on same subnet from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Feb 12 2024, 11:26 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
sarthurdev closed T5952: DHCP allow same MAC Address on same subnet as Resolved.
Feb 12 2024, 11:26 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
sarthurdev moved T5993: DHCP6: no leases are created unless specifying a "interface" on the zone from Need Triage to In Progress on the VyOS 1.5 Circinus board.
Feb 12 2024, 11:05 PM · Restricted Project, VyOS 1.5 Circinus
sarthurdev edited projects for T5993: DHCP6: no leases are created unless specifying a "interface" on the zone, added: VyOS 1.5 Circinus; removed VyOS 1.4 Sagitta.
Feb 12 2024, 11:05 PM · Restricted Project, VyOS 1.5 Circinus
sarthurdev changed the status of T5993: DHCP6: no leases are created unless specifying a "interface" on the zone from In progress to Needs testing.

PR: https://github.com/vyos/vyos-1x/pull/2997

Feb 12 2024, 11:05 PM · Restricted Project, VyOS 1.5 Circinus
sarthurdev changed the status of T5993: DHCP6: no leases are created unless specifying a "interface" on the zone from Confirmed to In progress.
Feb 12 2024, 10:39 PM · Restricted Project, VyOS 1.5 Circinus
jestabro changed Difficulty level from normal to hard on T5996: Incorrect behavior for backslash escapes in config save and compare commands.
Feb 12 2024, 9:05 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
jestabro added a comment to T5996: Incorrect behavior for backslash escapes in config save and compare commands.

This turns out to be non-trivial, due to the interaction between legacy and modern behavior; nonetheless, a simple preliminary fix is in testing, and the task will be updated with the details when the PR is complete.

Feb 12 2024, 9:05 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
c-po closed T5849: Add SRv6 route commands, a subtask of T591: Support SRv6, as Resolved.
Feb 12 2024, 8:44 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
c-po closed T5849: Add SRv6 route commands as Resolved.
Feb 12 2024, 8:44 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
c-po closed T5849: Add SRv6 route commands, a subtask of T5788: frr: update to 9.1 release, as Resolved.
Feb 12 2024, 8:44 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
c-po moved T5849: Add SRv6 route commands from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Feb 12 2024, 8:44 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
c-po closed T6010: Support setting multiple values in BGP path-attribute as Resolved.
Feb 12 2024, 8:44 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
c-po moved T6010: Support setting multiple values in BGP path-attribute from In Progress to Finished on the VyOS 1.4 Sagitta board.
Feb 12 2024, 8:44 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
c-po closed T6004: Missing RPKI boot priority prevents it from loading, a subtask of T5938: Migration fail root task for 1.4-rc, as Resolved.
Feb 12 2024, 8:43 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
c-po closed T6004: Missing RPKI boot priority prevents it from loading as Resolved.
Feb 12 2024, 8:43 PM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta (1.4.0-epa2)
c-po moved T6032: bgp: add EVPN MAC-VRF Site-of-Origin support from Need Triage to In Progress on the VyOS 1.4 Sagitta board.
Feb 12 2024, 8:33 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
c-po moved T6032: bgp: add EVPN MAC-VRF Site-of-Origin support from Need Triage to Finished on the VyOS 1.5 Circinus board.
Feb 12 2024, 8:33 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
c-po added a comment to T6032: bgp: add EVPN MAC-VRF Site-of-Origin support.

https://github.com/vyos/vyos-1x/pull/2987

Feb 12 2024, 8:32 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
sarthurdev added a comment to T5993: DHCP6: no leases are created unless specifying a "interface" on the zone.

This does seem to be new behaviour introduced with Kea. ISC dhcpd did previously assume local distribution of a subnet based on the interface having an address within the subnet, Kea has changed to require this being explicitly defined.

Feb 12 2024, 8:23 PM · Restricted Project, VyOS 1.5 Circinus
sarthurdev moved T5981: IPsec site-to-site migrated PKI ca certificates are created with an '@' from Need Triage to In Progress on the VyOS 1.5 Circinus board.
Feb 12 2024, 8:10 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
sarthurdev changed the status of T5981: IPsec site-to-site migrated PKI ca certificates are created with an '@' from Open to Needs testing.

PR: https://github.com/vyos/vyos-1x/pull/2993

Feb 12 2024, 8:10 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
sarthurdev changed the status of T3771: DHCPv6 server prefix delegation - dynamically add route to delegated prefix via requesting router from In progress to Needs testing.
Feb 12 2024, 7:47 PM · VyOS 1.5 Circinus
thannaske created T6038: Losing default route after first reboot (cloud-init & DHCP).
Feb 12 2024, 6:30 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
evilmog added a comment to T6036: OpenVPN Register client names in DNS via learn-address.

I'm thinking end of the day an integrated learn address script that can update vyos's forwarder or any of the upstream DNS its using, and then calling learn-address on each client learned in the openvpn is the ideal way to do it since learn-address is built into openvpn

Feb 12 2024, 6:00 PM · VyOS 1.4 Sagitta (1.4.1)
evilmog added a comment to T6036: OpenVPN Register client names in DNS via learn-address.

Here is a redacted version

Feb 12 2024, 5:59 PM · VyOS 1.4 Sagitta (1.4.1)
Viacheslav triaged T6037: QoS policy limiter without specified class selector error as Normal priority.
Feb 12 2024, 5:16 PM · VyOS 1.5 Circinus
Viacheslav updated the task description for T6037: QoS policy limiter without specified class selector error.
Feb 12 2024, 5:15 PM · VyOS 1.5 Circinus
Viacheslav created T6037: QoS policy limiter without specified class selector error.
Feb 12 2024, 5:14 PM · VyOS 1.5 Circinus
Viacheslav added a comment to T6036: OpenVPN Register client names in DNS via learn-address.

@evilmog Can you provide the OpenVPN/other configuration to achieve what you want?

Feb 12 2024, 5:07 PM · VyOS 1.4 Sagitta (1.4.1)
n.fort changed the status of T6019: Bump nftables and libnftnl version from In progress to Needs testing.
Feb 12 2024, 5:05 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
n.fort changed the status of T6009: Firewall - Time not working properly when not using UTC from In progress to Needs testing.
Feb 12 2024, 5:05 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
evilmog created T6036: OpenVPN Register client names in DNS via learn-address.
Feb 12 2024, 4:38 PM · VyOS 1.4 Sagitta (1.4.1)
Viacheslav changed the status of T1317: OpenVPN configuration fails if it depends on another interface. from In progress to Needs reporter action.

Wait two weeks before closing.
@mb300sd Let us know if it is fixed.

Feb 12 2024, 4:26 PM · VyOS 1.3 Equuleus (1.3.9), test
Viacheslav triaged T6035: random-detect QoS policies cause commit failures due to a missing tc parameter (avpkt) as Normal priority.
Feb 12 2024, 3:07 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
Viacheslav created T6035: random-detect QoS policies cause commit failures due to a missing tc parameter (avpkt).
Feb 12 2024, 3:06 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
Viacheslav moved T3843: l2tp configuration not cleared after delete from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Feb 12 2024, 2:25 PM · VyOS 1.4 Sagitta (1.4.0-epa3), VyOS 1.5 Circinus
Viacheslav moved T3843: l2tp configuration not cleared after delete from Need Triage to Finished on the VyOS 1.5 Circinus board.
Feb 12 2024, 2:25 PM · VyOS 1.4 Sagitta (1.4.0-epa3), VyOS 1.5 Circinus
Viacheslav added a comment to T3843: l2tp configuration not cleared after delete.

It cannot be backported to 1.3 as there are no config-mode-dependencies

Feb 12 2024, 2:24 PM · VyOS 1.4 Sagitta (1.4.0-epa3), VyOS 1.5 Circinus
Viacheslav added a comment to T2505: XCP-ng packet drops for small packets (e.g. icmp) under Xen and AWS.

There have been no reports since 2021

Feb 12 2024, 2:21 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
danhusan added a comment to T5811: static dhcp-interface routes not installed.

@Viacheslav

Feb 12 2024, 1:00 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
n.fort added a comment to T6019: Bump nftables and libnftnl version.

PR for fix in vyos-build: https://github.com/vyos/vyos-build/pull/501
PR for smoketest (modified because of change in build): https://github.com/vyos/vyos-1x/pull/2991

Feb 12 2024, 12:44 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
n.fort added a comment to T6009: Firewall - Time not working properly when not using UTC.

PR for fix in vyos-build: https://github.com/vyos/vyos-build/pull/501
PR for smoketest (modified because of change in build): https://github.com/vyos/vyos-1x/pull/2991

Feb 12 2024, 12:44 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Sonicbx added a comment to T2505: XCP-ng packet drops for small packets (e.g. icmp) under Xen and AWS.

What is the resolution? How was it resolved? @Viacheslav

Feb 12 2024, 12:40 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
syncer renamed Customer request from Customer ticket to Customer request.
Feb 12 2024, 12:29 PM
dmbaturin created Customer request.
Feb 12 2024, 12:26 PM
HollyGurza changed the status of T6020: VRRP health-check script is not applied correctly in keepalived.conf from Open to In progress.
Feb 12 2024, 11:32 AM · VyOS 1.4 Sagitta (1.4.0-epa2)
HollyGurza claimed T3843: l2tp configuration not cleared after delete.
Feb 12 2024, 11:32 AM · VyOS 1.4 Sagitta (1.4.0-epa3), VyOS 1.5 Circinus
HollyGurza claimed T6020: VRRP health-check script is not applied correctly in keepalived.conf.
Feb 12 2024, 11:31 AM · VyOS 1.4 Sagitta (1.4.0-epa2)
dmbaturin added a member for Maintainers: natali-rs1985.
Feb 12 2024, 11:24 AM
dmbaturin added a member for Maintainers: HollyGurza.
Feb 12 2024, 11:24 AM
dmbaturin removed a member for Maintainers: Unknown Object (User).
Feb 12 2024, 11:23 AM
dmbaturin changed the edit policy for T6020: VRRP health-check script is not applied correctly in keepalived.conf.
Feb 12 2024, 11:22 AM · VyOS 1.4 Sagitta (1.4.0-epa2)
Viacheslav moved T5926: IPSEC does not apply after l2tp configuration was changed from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Feb 12 2024, 10:35 AM · VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-epa1), VyOS 1.5 Circinus
Viacheslav moved T5926: IPSEC does not apply after l2tp configuration was changed from Need Triage to Finished on the VyOS 1.5 Circinus board.
Feb 12 2024, 10:35 AM · VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-epa1), VyOS 1.5 Circinus
Viacheslav edited projects for T4393: sstp: add support for configuring host-name (SNI), added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.7).
Feb 12 2024, 10:30 AM · VyOS 1.4 Sagitta (1.4.0-GA)
adestis added a comment to T4797: External address/network lists for firewall (Local and remote).

@TheSin- we also need this feature because our old blacklisting implementation is no longer working since the new nft implementation replaces sets after changes in the config.
So we have to go the official way and I just stumbled over your feature request when I started to make my own implementation.
Even when I have not implemented any core parts for VyOS yet, I offer my help with the implementation of this feature.

Feb 12 2024, 10:14 AM · VyOS 1.5 Circinus
Viacheslav reopened T1311: WAN load-balancing can't flush connections when conntrack-sync is enabled as "Open".
Feb 12 2024, 9:45 AM · VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, test
Viacheslav closed T1311: WAN load-balancing can't flush connections when conntrack-sync is enabled as Resolved.
Feb 12 2024, 9:44 AM · VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, test
Viacheslav closed T1941: Config mismatch with FRR on misconfiguration of V6 peer, a subtask of T2174: Rewrite protocol BGP to new XML/Python style, as Wontfix.
Feb 12 2024, 9:24 AM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav closed T1941: Config mismatch with FRR on misconfiguration of V6 peer as Wontfix.
Feb 12 2024, 9:24 AM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta
Viacheslav edited projects for T1911: Completion helper list is not sorted, added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.7).
Feb 12 2024, 9:21 AM · Restricted Project, VyOS 1.5 Circinus
Viacheslav removed a project from T2005: Two CEASE notifications sent to BGP peers during reboot: VyOS 1.3 Equuleus (1.3.7).
Feb 12 2024, 9:17 AM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
Viacheslav edited projects for T2124: RPZ support in DNS forwarder for DNS Firewall, added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.7).
Feb 12 2024, 9:16 AM · VyOS 1.5 Circinus
Viacheslav changed the status of T2250: vyos-build "make iso" error if configure was ran outside of the docker container from Open to Needs reporter action.

merged

Feb 12 2024, 9:05 AM · VyOS 1.3 Equuleus (1.3.5)
Viacheslav closed T2505: XCP-ng packet drops for small packets (e.g. icmp) under Xen and AWS as Resolved N/A.
Feb 12 2024, 9:01 AM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
Viacheslav edited projects for T2775: QAT acceleration for OpenVPN, added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.7).
Feb 12 2024, 9:00 AM · VyOS 1.5 Circinus
adestis added a comment to T1610: Support operator mode commands via REST API.

@dmbaturin I understand that show commands are already implemented via the API.
But what about commands like ping and traceroute?
Would this require much more effort?

Feb 12 2024, 7:44 AM

Feb 11 2024

c-po updated the task description for T6034: rpki: move file based SSH keys for authentication to PKI subsystem.
Feb 11 2024, 8:53 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
c-po updated the task description for T6034: rpki: move file based SSH keys for authentication to PKI subsystem.
Feb 11 2024, 8:33 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
c-po changed the status of T6034: rpki: move file based SSH keys for authentication to PKI subsystem, a subtask of T3642: PKI configuration, from Open to In progress.
Feb 11 2024, 8:33 PM · VyOS 1.4 Sagitta (1.4.0-epa1)
c-po changed the status of T6034: rpki: move file based SSH keys for authentication to PKI subsystem from Open to In progress.
Feb 11 2024, 8:33 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
c-po created T6034: rpki: move file based SSH keys for authentication to PKI subsystem.
Feb 11 2024, 8:32 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
ServerForge renamed T6033: hsflowd fails to start when using a tunnel interface from hsflowd fails to start when using a VRF to hsflowd fails to start when using a tunnel interface.
Feb 11 2024, 4:31 PM · VyOS 1.4 Sagitta (1.4.0-epa3), VyOS 1.5 Circinus
ServerForge added a comment to T6033: hsflowd fails to start when using a tunnel interface.

Seems its actually the tunnel interface it doesnt like, not the address.

Feb 11 2024, 4:30 PM · VyOS 1.4 Sagitta (1.4.0-epa3), VyOS 1.5 Circinus
ServerForge created T6033: hsflowd fails to start when using a tunnel interface.
Feb 11 2024, 4:20 PM · VyOS 1.4 Sagitta (1.4.0-epa3), VyOS 1.5 Circinus
c-po changed the status of T6032: bgp: add EVPN MAC-VRF Site-of-Origin support, a subtask of T5788: frr: update to 9.1 release, from Open to In progress.
Feb 11 2024, 8:30 AM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
c-po changed the status of T6032: bgp: add EVPN MAC-VRF Site-of-Origin support from Open to In progress.
Feb 11 2024, 8:30 AM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
c-po created T6032: bgp: add EVPN MAC-VRF Site-of-Origin support.
Feb 11 2024, 8:30 AM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus

Feb 10 2024

dmbaturin closed T2597: Add more options to API as Resolved.
Feb 10 2024, 8:50 PM
dmbaturin edited projects for T2114: Use unique interface name prefix for each tunnel type, added: VyOS 1.5 Circinus; removed VyOS 1.4 Sagitta.
Feb 10 2024, 8:48 PM · Restricted Project, VyOS 1.5 Circinus
dmbaturin lowered the priority of T1730: Adding the remote syslog feature to webproxy from Normal to Low.
Feb 10 2024, 8:47 PM · VyOS 1.5 Circinus
dmbaturin removed a project from T1610: Support operator mode commands via REST API: VyOS 1.3 Equuleus (1.3.7).
Feb 10 2024, 8:47 PM
dmbaturin closed T1610: Support operator mode commands via REST API as Resolved N/A.

The GraphQL API supports op mode in a much nicer way.

Feb 10 2024, 8:46 PM
dmbaturin closed T1417: IPv6 zone based firewall rules can't be modified as Resolved N/A.

The code in question was rewritten, but if any new bugs show up, feel free to report.

Feb 10 2024, 8:46 PM
dmbaturin closed T1198: Extra hyphen in suggested image name on upgrade as Resolved N/A.
Feb 10 2024, 8:45 PM · VyOS 1.3 Equuleus (1.3.7)
dmbaturin closed T1090: Webproxy overhaul, a subtask of T563: webproxy: migrate 'service webproxy' to get_config_dict(), as Resolved.
Feb 10 2024, 8:45 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
dmbaturin closed T1090: Webproxy overhaul as Resolved.
Feb 10 2024, 8:44 PM · VyOS 1.4 Sagitta
dmbaturin closed T1000: Broken 6rd tunnel implementation as Resolved N/A.

The code in question has been rewritten so if there are bugs, they are likely different. ;)

Feb 10 2024, 8:44 PM
First
Prev
Next