@TheSin- we also need this feature because our old blacklisting implementation is no longer working since the new nft implementation replaces sets after changes in the config.
So we have to go the official way and I just stumbled over your feature request when I started to make my own implementation.
Even when I have not implemented any core parts for VyOS yet, I offer my help with the implementation of this feature.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Feb 12 2024
Feb 12 2024
dmbaturin changed the edit policy for T6020: VRRP health-check script is not applied correctly in keepalived.conf.
Viacheslav moved T5926: IPSEC does not apply after l2tp configuration was changed from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav moved T5926: IPSEC does not apply after l2tp configuration was changed from Open to Finished on the VyOS 1.5 Circinus board.
Viacheslav edited projects for T4393: sstp: add support for configuring host-name (SNI), added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.7).
Viacheslav reopened T1311: WAN load-balancing can't flush connections when conntrack-sync is enabled as "Open".
Feb 12 2024, 9:45 AM · VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, test
Viacheslav closed T1311: WAN load-balancing can't flush connections when conntrack-sync is enabled as Resolved.
Feb 12 2024, 9:44 AM · VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, test
Viacheslav closed T1941: Config mismatch with FRR on misconfiguration of V6 peer, a subtask of T2174: Rewrite protocol BGP to new XML/Python style, as Wontfix.
Viacheslav edited projects for T1911: Completion helper list is not sorted, added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.7).
Viacheslav removed a project from T2005: Two CEASE notifications sent to BGP peers during reboot: VyOS 1.3 Equuleus (1.3.7).
Viacheslav edited projects for T2124: RPZ support in DNS forwarder for DNS Firewall, added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.7).
Viacheslav changed the status of T2250: vyos-build "make iso" error if configure was ran outside of the docker container from Open to Needs reporter action.
merged
Viacheslav closed T2505: XCP-ng packet drops for small packets (e.g. icmp) under Xen and AWS as Not Applicable.
Viacheslav edited projects for T2775: QAT acceleration for OpenVPN, added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.7).
@dmbaturin I understand that show commands are already implemented via the API.
But what about commands like ping and traceroute?
Would this require much more effort?
GitHub <[email protected]> committed rVYOSONEX3234c16803f4: Merge pull request #2990 from vyos/mergify/bp/sagitta/pr-2980 (authored by c-po).
GitHub <[email protected]> committed rVYOSONEXb818555726b6: Merge pull request #2989 from vyos/mergify/bp/sagitta/pr-2986 (authored by c-po).
Feb 11 2024
Feb 11 2024
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXcafd8840dfed: srv6: T5849: add segment support to "protocols static route6" (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXb5525d96617a: bgp: T6010: support setting multiple values for neighbor path-attribute (authored by c-po).
GitHub <[email protected]> committed rVYOSONEXbf595a899ae1: Merge pull request #2980 from c-po/srv6-T5849 (authored by dmbaturin).
GitHub <[email protected]> committed rVYOSONEX1d0c97f7b13e: Merge pull request #2986 from c-po/bgp-t6010 (authored by dmbaturin).
c-po updated the task description for T6034: rpki: move file based SSH keys for authentication to PKI subsystem.
c-po updated the task description for T6034: rpki: move file based SSH keys for authentication to PKI subsystem.
c-po changed the status of T6034: rpki: move file based SSH keys for authentication to PKI subsystem, a subtask of T3642: PKI configuration, from Open to In progress.
c-po changed the status of T6034: rpki: move file based SSH keys for authentication to PKI subsystem from Open to In progress.
ServerForge renamed T6033: hsflowd fails to start when using a tunnel interface from hsflowd fails to start when using a VRF to hsflowd fails to start when using a tunnel interface.
Seems its actually the tunnel interface it doesnt like, not the address.
c-po changed the status of T6032: bgp: add EVPN MAC-VRF Site-of-Origin support, a subtask of T5788: frr: update to 9.1 release, from Open to In progress.
c-po changed the status of T6032: bgp: add EVPN MAC-VRF Site-of-Origin support from Open to In progress.
Feb 10 2024
Feb 10 2024
dmbaturin edited projects for T2114: Use unique interface name prefix for each tunnel type, added: VyOS 1.5 Circinus; removed VyOS 1.4 Sagitta.
dmbaturin lowered the priority of T1730: Adding the remote syslog feature to webproxy from Normal to Low.
dmbaturin removed a project from T1610: Support operator mode commands via REST API: VyOS 1.3 Equuleus (1.3.7).
The GraphQL API supports op mode in a much nicer way.
The code in question was rewritten, but if any new bugs show up, feel free to report.
dmbaturin closed T1090: Webproxy overhaul, a subtask of T563: webproxy: migrate 'service webproxy' to get_config_dict(), as Resolved.
The code in question has been rewritten so if there are bugs, they are likely different. ;)
GitHub <[email protected]> committed rVYOSONEX5abd4333c1ee: Merge pull request #2985 from vyos/mergify/bp/sagitta/pr-2983 (authored by dmbaturin).
GitHub <[email protected]> committed rVYOSONEX3b383b52888a: Merge pull request #2984 from vyos/mergify/bp/sagitta/pr-2982 (authored by dmbaturin).
GitHub <[email protected]> committed rVYOSONEXf583773faf67: Merge pull request #2981 from c-po/equuleus (authored by dmbaturin).
c-po moved T6010: Support setting multiple values in BGP path-attribute from Open to In Progress on the VyOS 1.4 Sagitta board.
c-po moved T6010: Support setting multiple values in BGP path-attribute from Open to Finished on the VyOS 1.5 Circinus board.
c-po changed the status of T6010: Support setting multiple values in BGP path-attribute from Open to In progress.
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX20131789db48: rpki: T6004: add missing startup priority (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXec049d192ddb: xml: T5738: improve PKI building blocks for CLI (authored by c-po).
c-po moved T6004: Missing RPKI boot priority prevents it from loading from Open to Finished on the VyOS 1.4 Sagitta board.
c-po moved T6004: Missing RPKI boot priority prevents it from loading from Open to Finished on the VyOS 1.5 Circinus board.
GitHub <[email protected]> committed rVYOSONEXf068330bb260: Merge pull request #2983 from c-po/rpki-t6004 (authored by c-po).
GitHub <[email protected]> committed rVYOSONEX3ae4c6236750: Merge pull request #2982 from c-po/pki-xml (authored by c-po).
c-po moved T2044: RPKI doesn't boot properly from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.7) board.
PR for 1.4 https://github.com/vyos/vyos-1x/pull/2962
c-po closed T6023: rpki: add support for CLI knobs expire-interval and retry-interval, a subtask of T6004: Missing RPKI boot priority prevents it from loading, as Resolved.
c-po moved T6023: rpki: add support for CLI knobs expire-interval and retry-interval from Open to Finished on the VyOS 1.4 Sagitta board.
syncer edited projects for T2612: HTTPS API, changing API key fails but goes through, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T5611: Difference in config file after interface MAC changed, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T5624: Remove /etc/debian_version from the image, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T75: NetFlow have impact on performance, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T5625: "restart vpn" does not work if ipsec-interfaces is not set, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T5761: Allow PPPoE interface to be assigned IPv6 address via DHCPv6, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T102: Add a command like "set service dns dynamic http-request url ...", added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T177: SSD tweaks, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T445: iptables error with policy routing, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T577: Unconfigured Ethernet interface discovery partial failure on boot, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T362: Proper target dependencies and error checking in the vyos-build makefile, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T659: Static DHCP mappings aren't available on DNS, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T681: Traffic-policy (shaper), returns: 'lowdelay unknown DSCP value', added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
Feb 10 2024, 9:25 AM · Restricted Project, VyOS 1.3 Equuleus (1.3.8), VyOS 1.4 Sagitta (1.4.0-GA), test
syncer edited projects for T660: 802.1p CoS priority support, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T693: net-snmp-cert missing in rolling release, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T695: Address-group commits with duplicate, but fails when adding rule later., added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T840: VRRP V3 backup router sending ND RA, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T732: Netflow: generate ASNs from the uacctd BGP thread., added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T925: Debug image, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T941: BGP neighbours with IPv6 link-local addresses, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).
syncer edited projects for T948: integrate aws cloud watch scripts into AMI, added: VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).