The firewall refactoring released 4th aug 2023 only (so far) took care about the documentation in the configuration section:
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Sep 2 2023
Sep 2 2023
GitHub <[email protected]> committed rVYOSONEXe74b38c4d862: Merge pull request #2191 from c-po/equuleus (authored by c-po).
alainlamar removed a project from T5540: vyos-1x: Wrong VHT configuration for WiFi 802.11ac: vyatta-wireless.
alainlamar updated the task description for T5539: vyos-build: wireless-regdb would not load due to signature mismatch.
Apachez added a comment to T5538: Change order within variable lb_config_tmpl to fit order of manpage and fix some typos.
PR created: https://github.com/vyos/vyos-build/pull/391
Apachez added a comment to T5510: Shrink imagesize and improve read performance by changing mksquashfs syntax.
PR created: https://github.com/vyos/vyos-build/pull/390
Apachez added a comment to T5510: Shrink imagesize and improve read performance by changing mksquashfs syntax.
PR389 build failed:
Sep 1 2023
Sep 1 2023
Apachez added a comment to T5510: Shrink imagesize and improve read performance by changing mksquashfs syntax.
PR created: https://github.com/vyos/vyos-build/pull/389
Viacheslav changed the status of T5536: show dhcp client leases caues No module named 'vyos.validate' from In progress to Needs testing.
GitHub <[email protected]> committed rVYOSONEXd3da15234e52: Merge pull request #2193 from sever-sever/T5536 (authored by c-po).
Apachez added a comment to T5534: VRRP rfc3768-compatibility broken after build 1.4-rolling-202308260020.
There was a similar case where it turned out that INPUT/OUTPUT chains for the firewall must be updated to include the stuff VRRP is doing.
Reported in: https://forum.vyos.io/t/error-show-dhcp-lease/12030
See this task instead: https://vyos.dev/T5536
Viacheslav changed the status of T5536: show dhcp client leases caues No module named 'vyos.validate' from Open to In progress.
At the moment of applying vrrp configuration eth1 IPv6 address
inet6 2001:db8::3/125 scope global tentative
Then
inet6 2001:db8::3/125 scope global
Viacheslav added a project to T4754: Improvement: system login: show configured 2FA OTP key: VyOS 1.5 Circinus.
Viacheslav edited projects for T3214: OpenVPN IPv6 fixes, added: VyOS 1.5 Circinus; removed VyOS 1.4 Sagitta.
Viacheslav edited projects for T3316: Use Kea DHCP(v6) instead of ISC DHCP(v6), added: VyOS 1.5 Circinus; removed VyOS 1.4 Sagitta.
Viacheslav edited projects for T160: Support NAT64, added: VyOS 1.5 Circinus; removed VyOS 1.4 Sagitta.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/2191
Thanks for the follow-up @eyanulis!
Aug 31 2023
Aug 31 2023
Unknown Object (User) added a comment to T5192: RNDIS Missing from Kernel.
vishvas added a comment to T5534: VRRP rfc3768-compatibility broken after build 1.4-rolling-202308260020.
Dear Sir
Problem is with virtual address is not reachable on this build. Does not work after VRRP restart.
jestabro edited projects for T5528: Replace legacy loadFile with config_diff, added: VyOS 1.5 Circinus; removed VyOS 1.4 Sagitta.
Close it for now.
There are no requirements to do it.
Ok, thanks for the info.
We have seen occasional corruption of config.boot during system update, as reported, for example:
https://vyos.dev/T5267
That issue has been resolved here:
https://vyos.dev/T5520
Viacheslav added a comment to T5534: VRRP rfc3768-compatibility broken after build 1.4-rolling-202308260020.
Try restart vrrp
There could be this bug https://vyos.dev/T5533
Just use /usr/bin/accel-cmd -p 2001 pppoe interface add "xxx"
Viacheslav moved T3546: Add support for running scripts on PPPoE server session events from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.4) board.
Viacheslav changed the status of T3546: Add support for running scripts on PPPoE server session events from Unknown Status to Resolved.
GitHub <[email protected]> committed rVYOSONEX0ba723bcdbf6: Merge pull request #2181 from sever-sever/T738-eq (authored by c-po).
GitHub <[email protected]> committed rVYOSONEXcfb75337c242: Merge pull request #2168 from sever-sever/T3546 (authored by c-po).
GitHub <[email protected]> committed rVYOSONEX8e9709002abf: Merge pull request #2166 from sever-sever/T5506-eq (authored by c-po).
jestabro added a comment to T5493: Add capability to use local and external dynamic-lists for firewall rules but also for various policies such as access-list, route-maps etc..
Note that the PR for T4797 was never updated for requested changes:
https://github.com/vyos/vyos-1x/pull/1648
Any updates on this?
GitHub <[email protected]> committed rVYOSONEX18a6163ed2e0: Merge pull request #2189 from sever-sever/T5531 (authored by c-po).
GitHub <[email protected]> committed rVYOSONEXca0cf364f05b: Merge pull request #2190 from sarthurdev/T4782 (authored by c-po).
Still bug
vyos@r1# set service webproxy
Possible completions:
append-domain
Default domain name
> authentication
Proxy Authentication Settings
+> cache-peer Specify other caches in a hierarchy
cache-size Disk cache size in MB (default: 100)
default-port Default Proxy Port (default: 3128)
disable-access-log
Disable logging of HTTP accesses
+ domain-block Domain name to block
+ domain-noncache
Domain name to access without caching
+> listen-address
IPv4 listen-address for WebProxy [REQUIRED]
maximum-object-size
Maximum size of object to be stored in cache in kilobytes
mem-cache-size
Memory cache size in MB
minimum-object-size
Maximum size of object to be stored in cache in kilobytes
outgoing-address
Outgoing IP address for webproxy
+ reply-block-mime
MIME type to block
reply-body-max-size
Maximum reply body size in KB
> url-filtering
URL filtering settingssyncer moved T5531: Containers add label option from Open to In Progress on the VyOS 1.4 Sagitta board.
evgbondarenko changed the Default View Policy policy for application Files from All Users to Custom Policy.
Viacheslav closed T4855: Trying to create more than one tunnel of the same type to the same address causes unhandled exception as Resolved.
Fixed VyOS 1.3-stable-202308240442
set interfaces tunnel tun1 encapsulation 'gre' set interfaces tunnel tun1 remote '203.0.113.254' set interfaces tunnel tun1 source-address '203.0.113.1'
evgbondarenko changed the Default View Policy policy for application Files from Custom Policy to All Users.
Viacheslav added a project to T5533: Keepalived VRRP IPv6 group enters in FAULT state : VyOS 1.3 Equuleus (1.3.5).
Apachez changed the status of T5513: Anomalies in show firewall command after refactoring from Needs testing to Open.
- Error in show firewall group:
Viacheslav updated the task description for T5532: After add system image the boot stuck and works again after the second reboot.
Apachez added a comment to T5532: After add system image the boot stuck and works again after the second reboot.
I can confirm that I experienced the same thing with update to VyOS 1.4-rolling-202308310021.
I assume backports will be used once VyOS 1.3.4 gets compiled?
Viacheslav renamed T5532: After add system image the boot stuck and works again after the second reboot from After add system image the boot stack and works again after the second reboot to After add system image the boot stuck and works again after the second reboot.
Viacheslav renamed T5532: After add system image the boot stuck and works again after the second reboot from Afterf add system image the boot stack to After add system image the boot stack and works again after the second reboot.
Viacheslav updated the task description for T5532: After add system image the boot stuck and works again after the second reboot.
sarthurdev changed the status of T4782: Allow multiple CA certificates (on e.g. EAPoL) from In progress to Needs testing.
Viacheslav moved T4874: Add Warning message to Equuleus from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.4) board.
unity closed T5525: Change dev.packages.vyos.net repo to rolling-packages.vyos.net vyos-build:current uses as Resolved.
PR is merged
Viacheslav moved T5140: Firewall network-group problems from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.4) board.
Fixed VyOS 1.3-stable-202308240442
vyos@r1# set firewall group network-group NG network 198.51.100.0/24 [edit] vyos@r1# commit [edit] vyos@r1# set firewall group network-group NG network 198.51.100.99/32 [edit] vyos@r1# commit [edit] vyos@r1#