done
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Apr 10 2023
Apr 10 2023
tfiebig added a comment to T5078: VyOS BGP does not support 'show bgp neighbors $NB filtered-routes'.
After applying above rules an a system without any qos configured, it failed to create the redirect, commit was succesfull but tc disk show did not show the redirect. After removing and applying the redirect between commits, the redirect was present.
Changing the max bandwidth to 10mbit and commiting removed the redirect again.
Viacheslav added a comment to T5078: VyOS BGP does not support 'show bgp neighbors $NB filtered-routes'.
Create please the PR
Thanks.
Viacheslav closed T5110: Show frr op-mode vtysh_pam: Failed in account validation, a subtask of T5100: Update FRR to 8.5, as Resolved.
It cannot pass the smoketest /usr/libexec/vyos/tests/smoke/cli/test_interfaces_wireless.py
06:48:28 DEBUG - test_wireless_access_point_bridge (__main__.WirelessInterfaceTest.test_wireless_access_point_bridge) ... FAIL 06:48:29 DEBUG - test_wireless_access_point_bridge (__main__.WirelessInterfaceTest.test_wireless_access_point_bridge) ... ERROR 06:48:30 DEBUG - test_wireless_add_single_ip_address (__main__.WirelessInterfaceTest.test_wireless_add_single_ip_address) ... ERROR 06:48:32 DEBUG - test_wireless_add_single_ip_address (__main__.WirelessInterfaceTest.test_wireless_add_single_ip_address) ... ERROR 06:48:33 DEBUG - test_wireless_hostapd_config (__main__.WirelessInterfaceTest.test_wireless_hostapd_config) ... FAIL 06:48:34 DEBUG - test_wireless_hostapd_config (__main__.WirelessInterfaceTest.test_wireless_hostapd_config) ... ERROR 06:48:37 DEBUG - test_wireless_hostapd_wpa_config (__main__.WirelessInterfaceTest.test_wireless_hostapd_wpa_config) ... FAIL 06:48:38 DEBUG - test_wireless_hostapd_wpa_config (__main__.WirelessInterfaceTest.test_wireless_hostapd_wpa_config) ... ERROR
syncer reopened T425: AWS CloudWatch monitoring scripts, a subtask of T5129: Add AWS build flavour, as Open.
Requires some additional work
we need to preserve configuration between upgrade
alternatively, we need to investigate if default config can be used with VM role
Viacheslav changed the status of T5148: OpenVPN cannot start due to could not load plugin shared object /openvpn-otp.so from Open to In progress.
Viacheslav moved T5151: EAP-TLS TLSv1.0/1.1 regression after T5003 from Open to Finished on the VyOS 1.4 Sagitta board.
Closing as resolved because the PRs were merged (thanks for the quick review!)
Apr 9 2023
Apr 9 2023
GitHub <[email protected]> committed rVYOSONEXf5d40cf3cf8b: Merge pull request #1944 from chenxiaolong/eapol_tls_1.0_regression (authored by c-po).
For eapol specifically, if your use case involves only a single chain (1 root CA + 1 or more intermediate CAs), then my fix from T4245 should do the trick. You can add each root/intermediate CA to the PKI and then set eapol to the leaf intermediate CA. When the wpa_supplicant configuration is generated, vyos will add the intermediate CA and all of its parents to the .crt file.
Submitted PRs:
Apr 8 2023
Apr 8 2023
c-po changed the status of T5150: Rework CLI definitions to apply route-maps between routing daemons and zebra/kernel from Open to In progress.
c-po updated the task description for T5150: Rework CLI definitions to apply route-maps between routing daemons and zebra/kernel.
Apr 7 2023
Apr 7 2023
jestabro closed T5149: op-mode openvpn should not raise error in case interface is disabled as Resolved.
jestabro triaged T5149: op-mode openvpn should not raise error in case interface is disabled as Normal priority.
Viacheslav added a comment to T5148: OpenVPN cannot start due to could not load plugin shared object /openvpn-otp.so.
Otp not configured
Viacheslav updated the task description for T5148: OpenVPN cannot start due to could not load plugin shared object /openvpn-otp.so.
Apr 6 2023
Apr 6 2023
We have targets-checks 203.0.113.1, 192.0.2.1, and if any of these targets are unreachable, we delete this route.
Is it correct?
@c-po How is the review and discussion on this feature going?
Viacheslav closed T5125: Add op-mode commands for hsflowd based sflow, a subtask of T5086: Integrate hsflowd for sflow accounting, as Resolved.
Viacheslav closed T5146: Show recent login of all users, a subtask of T4712: Collaborative Protection Profile cPP for Network Devices root task, as Invalid.
A similar output exists
show system login users Possible completions: <Enter> Execute the current command all Show information about all accounts locked Show information about locked accounts other Show information about non VyOS user accounts vyos Show information about VyOS user accounts`
Apr 5 2023
Apr 5 2023
Viacheslav changed the status of T5146: Show recent login of all users, a subtask of T4712: Collaborative Protection Profile cPP for Network Devices root task, from Open to In progress.
GitHub <[email protected]> committed rVYOSONEX0b0f991a8646: Merge pull request #1928 from c-po/t4959-backport (authored by c-po).
c-po closed T425: AWS CloudWatch monitoring scripts, a subtask of T5129: Add AWS build flavour, as Resolved.
c-po moved T5136: Possible config corruption on upgrade from Backport Candidates to Finished on the VyOS 1.3 Equuleus (1.3.3) board.
Viacheslav closed T5145: Add maxsyslogins maximum number of all logins on system , a subtask of T4712: Collaborative Protection Profile cPP for Network Devices root task, as Resolved.
In T4362#146398, @Viacheslav wrote:@marc_s Will be fixed in the next rolling release, could you check?
marc_s added a comment to T5141: Add numbers for dhclient-exit-hooks.d to enforce script order execution.
Thanks @Viacheslav will test ASAP, next week I have a maintenance window, will let you know.
a.apostoliuk changed the status of T5135: Rewrite opennhrp script using vyos.ipsec library from In progress to Needs testing.
Apr 4 2023
Apr 4 2023
Viacheslav changed the status of T5138: Add patch to accel-ppp build L2TP LNS use Calling-Number as RADIUS Calling-Station-ID from In progress to Needs testing.
Viacheslav changed the status of T5145: Add maxsyslogins maximum number of all logins on system , a subtask of T4712: Collaborative Protection Profile cPP for Network Devices root task, from In progress to Needs testing.
Viacheslav changed the status of T5145: Add maxsyslogins maximum number of all logins on system from In progress to Needs testing.
GitHub <[email protected]> committed rVYOSONEX85b46a6b225c: Merge pull request #1937 from aapostoliuk/T5135-sagitta (authored by c-po).
GitHub <[email protected]> committed rVYOSONEXe520e0841013: Merge pull request #1939 from sever-sever/T5145 (authored by c-po).
PR https://github.com/vyos/vyos-1x/pull/1939
set system login max-login-session '1' set system login timeout '600'
Viacheslav changed the status of T5145: Add maxsyslogins maximum number of all logins on system , a subtask of T4712: Collaborative Protection Profile cPP for Network Devices root task, from Open to In progress.
Viacheslav changed the status of T5145: Add maxsyslogins maximum number of all logins on system from Open to In progress.
Is it possible to implement multiple test targets instead of just one?
Bug: unable to rename a failover route:
@Viacheslav Ok!
Harliff awarded T1237: Static Route Path Monitoring, failover a Burninate token.
Harliff awarded T1237: Static Route Path Monitoring, failover a Like token.
Viacheslav updated the task description for T4712: Collaborative Protection Profile cPP for Network Devices root task.
@Harliff It is better to write to this task if you find bugs or propose new features.
So anyone could claim/fix it.
Thanks.
@Viacheslav, where is best place to discuss the feature (ask a question or report a bug)?
Viacheslav updated the task description for T5142: One of the requirements is to use a system auditing tool to monitor and log all security-relevant events..
Viacheslav updated the task description for T5142: One of the requirements is to use a system auditing tool to monitor and log all security-relevant events..
Viacheslav changed the status of T5142: One of the requirements is to use a system auditing tool to monitor and log all security-relevant events., a subtask of T4712: Collaborative Protection Profile cPP for Network Devices root task, from Open to In progress.
Viacheslav changed the status of T5142: One of the requirements is to use a system auditing tool to monitor and log all security-relevant events. from Open to In progress.
Nice feature. I'm testing it now.
Viacheslav changed the status of T5138: Add patch to accel-ppp build L2TP LNS use Calling-Number as RADIUS Calling-Station-ID from Open to In progress.
@neilmckee Thanks.
If output looks good we can close the task
a.apostoliuk changed the status of T5093: Command 'reset vpn ipsec-profile' doesn't work from In progress to Needs testing.
Viacheslav closed T4362: Wan Load Balancing - Can't create routing tables, a subtask of T4470: Rewrite load-balancing wan to XML/Python, as Resolved.
Apr 3 2023
Apr 3 2023
indrajitr changed the status of T5143: Apply constraint on powerdns forward-zones configuration from Open to In progress.
I think one of the problems is that all tables are generated even if there are no rules in it.