In T6344#188757, @n.fort wrote:Maybe we should create another xml file identical to listen-address.xml.i but without multi option define in line 16.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
May 17 2024
May 17 2024
Maybe we should create another xml file identical to listen-address.xml.i but without multi option define in line 16.
natali-rs1985 changed the status of T5487: OPENVPN -DEPRECATED OPTION: --cipher from Confirmed to In progress.
Related to https://vyos.dev/T5471 ?
Viacheslav triaged T6360: CGNAT add the ability to exclude (bypass) the translations for specific destinations as Wishlist priority.
natali-rs1985 changed Is it a breaking change? from compatible to syntax on T5487: OPENVPN -DEPRECATED OPTION: --cipher.
Viacheslav closed T6347: CGNAT external pools containing dashes cause Traceback error, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, as Resolved.
Viacheslav closed T6351: CGNAT add check if external and internal pools exists, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, as Resolved.
Viacheslav closed T6350: CGNAT add op-mode to get current port allocation mapping, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, as Resolved.
Viacheslav triaged T6343: Firewall source validation loose end up in complete traffic block on VRF interface as Normal priority.
a.apostoliuk changed the status of T6359: Multicast does not forward after reboot from Open to In progress.
a.apostoliuk changed the status of T6157: Can not create two GRE tunnels to the same DST but from different SRC addresses from In progress to Open.
You can still have it in a container easily; as I mentioned, it has never worked since 2021
You do not lose anything.
Viacheslav changed the status of T6350: CGNAT add op-mode to get current port allocation mapping, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, from Open to In progress.
Viacheslav changed the status of T6350: CGNAT add op-mode to get current port allocation mapping from Open to In progress.
dylanneild added a comment.Tue, May 14, 8:59 AM
If someone wants, I can probably unearth my patches to 1.4 and miniupnpd to make it all work. It was technically functional and worked as expected. I just don't have the time or patience to deal with getting it merged/integrated back into the project.The only thing I didn't add was a status script to get lease data, but that would be easy enough to create.
I'm AFK for a few days and would have to spin up some cold VMware instances so it'd take me a bit to grab / package up the relevant components.
May 16 2024
May 16 2024
aga added a comment to T6355: Make the strip-private filter obfuscate only passwords and private keys.
I also agree that the "default" stripping-behaviour should definitely be rethought for certain parts of the config. For example: the full public-key gets shown of the wireguard-peers on interfaces.
Vijayakumar changed the status of T6349: keep all workflows as reusable workflows in global .github and make vyox-1x to use from there, a subtask of T6309: Check code quality with CodeQL, from Open to In progress.
Vijayakumar changed the status of T6349: keep all workflows as reusable workflows in global .github and make vyox-1x to use from there from Open to In progress.
jestabro removed a project from T6149: Update node_data when merging nodes in reference tree generation: VyOS 1.5 Circinus.
jestabro closed T6149: Update node_data when merging nodes in reference tree generation as Resolved.
PR https://github.com/vyos/vyos-1x/pull/3466
vyos@r4:~$ show nat cgnat allocation Internal IP External IP Port range ------------- --------------- ------------ 100.64.0.0 192.168.122.222 1024-3023 100.64.0.1 192.168.122.222 3024-5023 100.64.0.2 192.168.122.222 5024-7023 100.64.0.3 192.168.122.222 7024-9023 100.64.0.4 192.168.122.222 9024-11023 100.64.0.5 192.168.122.222 11024-13023 100.64.0.6 192.168.122.222 13024-15023 100.64.0.7 192.168.122.222 15024-17023 100.64.0.8 192.168.122.222 17024-19023 100.64.0.9 192.168.122.222 19024-21023 100.64.0.10 192.168.122.222 21024-23023 100.64.0.11 192.168.122.222 23024-25023 100.64.0.12 192.168.122.222 25024-27023 100.64.0.13 192.168.122.222 27024-29023 100.64.0.14 192.168.122.222 29024-31023 100.64.0.15 192.168.122.222 31024-33023 vyos@r4:~$
Viacheslav changed the status of T6351: CGNAT add check if external and internal pools exists, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, from Open to In progress.
Viacheslav changed the status of T6351: CGNAT add check if external and internal pools exists from Open to In progress.
PR https://github.com/vyos/vyos-1x/pull/3464
set nat cgnat pool external ext1 external-port-range '1024-65535' set nat cgnat pool external ext1 per-user-limit port '2000' set nat cgnat pool external ext1 range 192.168.122.222/32 set nat cgnat pool internal int1 range '100.64.0.0/28' set nat cgnat rule 10 source pool 'fake-pool' set nat cgnat rule 10 translation pool 'ext1'
Viacheslav updated the task description for T6351: CGNAT add check if external and internal pools exists.
I think a warning is better than to block it from being set, specially since the workaround to load it through already existing config still remains.
Viacheslav changed the status of T6347: CGNAT external pools containing dashes cause Traceback error, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, from Open to In progress.
Viacheslav changed the status of T6347: CGNAT external pools containing dashes cause Traceback error from Open to In progress.
natali-rs1985 changed Is it a breaking change? from none to compatible on T6348: SNAT op-mode fails with flowtable offload entries.
natali-rs1985 changed the status of T6348: SNAT op-mode fails with flowtable offload entries from Open to In progress.
Viacheslav triaged T6350: CGNAT add op-mode to get current port allocation mapping as Wishlist priority.
Viacheslav triaged T6349: keep all workflows as reusable workflows in global .github and make vyox-1x to use from there as Normal priority.
Viacheslav updated the task description for T6348: SNAT op-mode fails with flowtable offload entries.
Viacheslav updated the task description for T6348: SNAT op-mode fails with flowtable offload entries.
Viacheslav triaged T6347: CGNAT external pools containing dashes cause Traceback error as Normal priority.
Viacheslav changed the status of T6058: Commit-Archive Save doesn't use https_proxy from Needs reporter action to Open.
sorry for the late reply.You don't need any special commands. The only thing you have to set is the proxy and the commit archive.
@molocho see the tasks T5301 T5154 and https://chrony-project.org/doc/4.3/chrony.conf.html#bindaddress
Viacheslav triaged T6345: Source NAT Port Mapping setting of Fully-Random is superfluous in Kernels 5.0 onwards as Normal priority.
nvollmar added a comment to T4519: DHCPv6: "set show dhcpv6 server leases" should show DUID instead of IAID_DUID.
IMO it would make sense to show the DUID since that has to be passed for static mappings and is also configured on the client side
c-po moved T6333: non-free-firmware to trixie from Need Triage to Finished on the VyOS 1.5 Circinus board.
c-po moved T6333: non-free-firmware to trixie from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0) board.