Does 1.5 has the same bug?
Feed Search
May 23 2024
May 23 2024
Viacheslav edited projects for T6387: Bump conntrack to version 1:1.4.7-1, added: VyOS 1.5 Circinus; removed VyOS 1.4 Sagitta.
Viacheslav closed T6357: Create test repository to validate setup, a subtask of T6309: Check code quality with CodeQL, as Resolved.
May 22 2024
May 22 2024
Viacheslav triaged T6382: Add dkms in order to make firmware updates of NIC's possible as Wishlist priority.
Viacheslav moved T6384: rollback-soft should tell the user to compare and commit from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0-GA) board.
Viacheslav edited projects for T6373: QoS Policy Limiter - classes for marked traffic do not work, added: VyOS 1.4 Sagitta (1.4.0-GA); removed VyOS 1.4 Sagitta.
Viacheslav moved T3493: DHCPv6 does not have prefix range validation from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0-GA) board.
Viacheslav added a comment to T3493: DHCPv6 does not have prefix range validation.
Viacheslav triaged T6379: "generate openvpn" uses "comp-lzo no", which leads to problems on Android-Clients as Normal priority.
Viacheslav closed T6366: CGNAT add the ability to show allocation per external or internal address, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, as Resolved.
May 21 2024
May 21 2024
Viacheslav added a comment to T6247: Add CGN "full cone" EIF support per RFC6888 REQ-7.
Viacheslav changed the status of T6366: CGNAT add the ability to show allocation per external or internal address, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, from Open to In progress.
Viacheslav changed the status of T6366: CGNAT add the ability to show allocation per external or internal address from Open to In progress.
Viacheslav added a comment to T5584: System cannot boot with commit-arachive location sftp in some cases.
@jestabro It was a report from the user; unfortunately, I do not have more details.
May 20 2024
May 20 2024
Viacheslav closed T6364: CGNAT drop hard limit that allowed only one translation rule, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, as Resolved.
Viacheslav updated the task description for T5169: Add CGNAT Carrier-Grade NAT based on nftables.
Viacheslav added a comment to T6368: acme should also be able to listen on IPv6 addresses.
Can you manually edit the node and re-check if it will work for acme
sudo nano -c /opt/vyatta/share/vyatta-cfg/templates/pki/certificate/node.tag/acme/listen-address/node.def
replace:
type: txt
help: Local IPv4 addresses to listen on
val_help: ipv4; IPv4 address to listen for incoming connections
allowed: sh -c "${vyos_completion_dir}/list_local_ips.sh --ipv4"
syntax:expression: exec "${vyos_libexec_dir}/validate-value --exec \"${vyos_validators_dir}/ipv4-address \" --value \'$VAR(@)\'"; "Invalid value"to
type: txt help: Local IPv4 addresses to listen on val_help: ipv4; IPv4 address to listen for incoming connections
May 19 2024
May 19 2024
May 18 2024
May 18 2024
Viacheslav triaged T6366: CGNAT add the ability to show allocation per external or internal address as Wishlist priority.
Viacheslav added a comment to T6364: CGNAT drop hard limit that allowed only one translation rule.
PR https://github.com/vyos/vyos-1x/pull/3483
set nat cgnat pool external ext-01 external-port-range '40000-60000' set nat cgnat pool external ext-01 per-user-limit port '5000' set nat cgnat pool external ext-01 range 192.0.2.1-192.0.2.2 set nat cgnat pool external ext-01 range 192.0.2.11/32
Viacheslav triaged T6364: CGNAT drop hard limit that allowed only one translation rule as Low priority.
Viacheslav changed the status of T6364: CGNAT drop hard limit that allowed only one translation rule, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, from Open to In progress.
Viacheslav changed the status of T6364: CGNAT drop hard limit that allowed only one translation rule from Open to In progress.
May 17 2024
May 17 2024
Viacheslav added a comment to T6344: multiple ntp listen-address commands not working.
Viacheslav added a parent task for T6362: Add a conntrack/translations logger daemon: T5169: Add CGNAT Carrier-Grade NAT based on nftables.
Viacheslav triaged T6360: CGNAT add the ability to exclude (bypass) the translations for specific destinations as Wishlist priority.
Viacheslav closed T6347: CGNAT external pools containing dashes cause Traceback error, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, as Resolved.
Viacheslav closed T6351: CGNAT add check if external and internal pools exists, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, as Resolved.
Viacheslav closed T6350: CGNAT add op-mode to get current port allocation mapping, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, as Resolved.
Viacheslav triaged T6343: Firewall source validation loose end up in complete traffic block on VRF interface as Normal priority.
Viacheslav added a comment to T5835: UPnP port mapping / rule installation fails.
I'd prefer to integrate the Port Control Protocol (PCP) instead.
Viacheslav added a comment to T5835: UPnP port mapping / rule installation fails.
You can still have it in a container easily; as I mentioned, it has never worked since 2021
You do not lose anything.
Viacheslav changed the status of T6350: CGNAT add op-mode to get current port allocation mapping, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, from Open to In progress.
Viacheslav changed the status of T6350: CGNAT add op-mode to get current port allocation mapping from Open to In progress.
May 16 2024
May 16 2024
Viacheslav added a comment to T6350: CGNAT add op-mode to get current port allocation mapping.
PR https://github.com/vyos/vyos-1x/pull/3466
vyos@r4:~$ show nat cgnat allocation Internal IP External IP Port range ------------- --------------- ------------ 100.64.0.0 192.168.122.222 1024-3023 100.64.0.1 192.168.122.222 3024-5023 100.64.0.2 192.168.122.222 5024-7023 100.64.0.3 192.168.122.222 7024-9023 100.64.0.4 192.168.122.222 9024-11023 100.64.0.5 192.168.122.222 11024-13023 100.64.0.6 192.168.122.222 13024-15023 100.64.0.7 192.168.122.222 15024-17023 100.64.0.8 192.168.122.222 17024-19023 100.64.0.9 192.168.122.222 19024-21023 100.64.0.10 192.168.122.222 21024-23023 100.64.0.11 192.168.122.222 23024-25023 100.64.0.12 192.168.122.222 25024-27023 100.64.0.13 192.168.122.222 27024-29023 100.64.0.14 192.168.122.222 29024-31023 100.64.0.15 192.168.122.222 31024-33023 vyos@r4:~$
Viacheslav changed the status of T6351: CGNAT add check if external and internal pools exists, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, from Open to In progress.
Viacheslav changed the status of T6351: CGNAT add check if external and internal pools exists from Open to In progress.
PR https://github.com/vyos/vyos-1x/pull/3464
set nat cgnat pool external ext1 external-port-range '1024-65535' set nat cgnat pool external ext1 per-user-limit port '2000' set nat cgnat pool external ext1 range 192.168.122.222/32 set nat cgnat pool internal int1 range '100.64.0.0/28' set nat cgnat rule 10 source pool 'fake-pool' set nat cgnat rule 10 translation pool 'ext1'
Viacheslav updated the task description for T6351: CGNAT add check if external and internal pools exists.
Viacheslav added a comment to T6347: CGNAT external pools containing dashes cause Traceback error.
Viacheslav changed the status of T6347: CGNAT external pools containing dashes cause Traceback error, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, from Open to In progress.
Viacheslav changed the status of T6347: CGNAT external pools containing dashes cause Traceback error from Open to In progress.
Viacheslav triaged T6350: CGNAT add op-mode to get current port allocation mapping as Wishlist priority.
Viacheslav triaged T6349: keep all workflows as reusable workflows in global .github and make vyox-1x to use from there as Normal priority.
Viacheslav updated the task description for T6348: SNAT op-mode fails with flowtable offload entries.
Viacheslav updated the task description for T6348: SNAT op-mode fails with flowtable offload entries.
Viacheslav triaged T6347: CGNAT external pools containing dashes cause Traceback error as Normal priority.
Viacheslav changed the status of T6058: Commit-Archive Save doesn't use https_proxy from Needs reporter action to Open.
Viacheslav added a comment to T6344: multiple ntp listen-address commands not working.
@molocho see the tasks T5301 T5154 and https://chrony-project.org/doc/4.3/chrony.conf.html#bindaddress
Viacheslav triaged T6345: Source NAT Port Mapping setting of Fully-Random is superfluous in Kernels 5.0 onwards as Normal priority.
May 15 2024
May 15 2024
Viacheslav moved T5900: Improve reliability of the vyos powerdns recursor implementation from Open to Finished on the VyOS 1.5 Circinus board.
Viacheslav closed T5900: Improve reliability of the vyos powerdns recursor implementation as Resolved.
Viacheslav triaged T6338: Ability to use per-user traffic shaper or policy limits based on the network as Wishlist priority.