Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

Sep 5 2023

sarthurdev claimed T5550: Source validation on interface does not work properly.
Sep 5 2023, 10:48 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Viacheslav closed T5533: Keepalived VRRP IPv6 group enters in FAULT state as Resolved.
Sep 5 2023, 10:46 AM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
a.apostoliuk attached a referenced file: F3846394: source_validation.jpg.
Sep 5 2023, 10:37 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
a.apostoliuk created T5550: Source validation on interface does not work properly.
Sep 5 2023, 10:36 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Viacheslav moved T5524: Add config directory to liveCD from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.4) board.
Sep 5 2023, 10:25 AM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
Viacheslav closed T5524: Add config directory to liveCD as Resolved.
Sep 5 2023, 10:24 AM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX500d59cb1fe1: T5533: Fix VRRP IPv6 FAULT state due to IPv6 tentative state.
Sep 5 2023, 10:23 AM
GitHub <[email protected]> committed rVYOSONEX7bc09074457e: Merge pull request #2200 from sever-sever/T5533-eq (authored by dmbaturin).
Sep 5 2023, 10:23 AM
n.fort claimed T4072: Feature Request: Firewall on bridge interfaces.
Sep 5 2023, 9:40 AM · VyOS 1.4 Sagitta
Viacheslav edited projects for T5545: sflow is not working, added: VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus.
Sep 5 2023, 8:13 AM · VyOS 1.3 Equuleus (1.3.4)
Viacheslav changed the status of T5545: sflow is not working from Open to Needs testing.
Sep 5 2023, 8:09 AM · VyOS 1.3 Equuleus (1.3.4)
Viacheslav changed the status of T5548: HAProxy renders timeouts incorrectly from Open to In progress.
Sep 5 2023, 7:30 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Viacheslav added a comment to T5548: HAProxy renders timeouts incorrectly.

PR https://github.com/vyos/vyos-1x/pull/2202

Sep 5 2023, 7:30 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Viacheslav changed the subtype of T5548: HAProxy renders timeouts incorrectly from "Task" to "Bug".
Sep 5 2023, 7:02 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Viacheslav added a comment to T5548: HAProxy renders timeouts incorrectly.

There definitely should be a second, i.e., max value 3600 seconds.

Sep 5 2023, 7:01 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Viacheslav added a project to T5524: Add config directory to liveCD: VyOS 1.3 Equuleus (1.3.4).

PR for 1.3.4 https://github.com/vyos/vyos-build/pull/393

Sep 5 2023, 6:45 AM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXc07055258b85: T2958: Refactor DHCP-server systemd unit and lease.
Sep 5 2023, 5:23 AM
GitHub <[email protected]> committed rVYOSONEX487c817ea320: Merge pull request #2184 from sever-sever/T2958 (authored by c-po).
Sep 5 2023, 5:23 AM
n.fort committed rVYOSONEX3b51c8af61d8: T5496: add fqdn and geo-ip matchers in op-mode command <show firewall statics>.
Sep 5 2023, 5:22 AM
n.fort committed rVYOSONEXac65673bd7b5: T5496: Change src and|or destination wildcard for any, which still makes it….
Sep 5 2023, 5:22 AM
GitHub <[email protected]> committed rVYOSONEX77937079d93a: Merge pull request #2188 from nicolas-fort/T5496 (authored by c-po).
Sep 5 2023, 5:22 AM
mlk-89 committed rVYOSONEXfebaec6eed16: T5545: fix sflow configuration.
Sep 5 2023, 5:22 AM
GitHub <[email protected]> committed rVYOSONEX68aac9a42f6d: Merge pull request #2198 from mlk-89/equuleus (authored by c-po).
Sep 5 2023, 5:22 AM
aztec102 added a comment to T5325: Moschip MCS9900 fix driver.
vyos@vyos:~$ zcat /proc/config.gz | grep PARPORT
CONFIG_ARCH_MIGHT_HAVE_PC_PARPORT=y
CONFIG_PARPORT=y
# CONFIG_PARPORT_PC is not set
# CONFIG_PARPORT_AX88796 is not set
# CONFIG_PARPORT_1284 is not set
# CONFIG_I2C_PARPORT is not set
# CONFIG_PPS_CLIENT_PARPORT is not set
# CONFIG_USB_SERIAL_MOS7715_PARPORT is not set
Sep 5 2023, 4:46 AM · VyOS 1.4 Sagitta

Sep 4 2023

anthr76 added a comment to T5546: Failed upgrade from 1.4-rolling-202212310809 to 1.4-rolling-202309030023.

I observed the trace from 1.4-rolling-202306180309 as I was trying to slowly increment up. This was the path I took to get there

Sep 4 2023, 8:02 PM · VyOS 1.4 Sagitta (1.4.1)
anthr76 added a comment to T5546: Failed upgrade from 1.4-rolling-202212310809 to 1.4-rolling-202309030023.

grub was very buggy for me in a USB console. I did finally manage to get vyos-config-debug to boot.

Sep 4 2023, 7:55 PM · VyOS 1.4 Sagitta (1.4.1)
anthr76 added a comment to T5546: Failed upgrade from 1.4-rolling-202212310809 to 1.4-rolling-202309030023.
Sep 4 2023, 7:51 PM · VyOS 1.4 Sagitta (1.4.1)
Apachez added a comment to T4712: Collaborative Protection Profile cPP for Network Devices root task.

Might be related:

Sep 4 2023, 6:28 PM · VyOS 1.5 Circinus
Apachez updated the task description for T5549: Result of system audit by Lynis.
Sep 4 2023, 6:27 PM · Invalid
Apachez attached a referenced file: F3846129: T5549_Lynis_audit_system_230904.txt.gz.
Sep 4 2023, 6:26 PM · Invalid
Apachez added a comment to T5549: Result of system audit by Lynis.

T5549_Lynis_audit_system_230904.txt.gz3 KBDownload

Sep 4 2023, 6:26 PM · Invalid
dmbaturin committed rVYOSONEX7f0a363c9034: T671: call dmidecode directly in "show hardware dmi".
Sep 4 2023, 6:25 PM
GitHub <[email protected]> committed rVYOSONEX432726d83c2e: Merge pull request #2201 from dmbaturin/T671-show-dmi (authored by c-po).
Sep 4 2023, 6:25 PM
Apachez created T5549: Result of system audit by Lynis.
Sep 4 2023, 6:23 PM · Invalid
jestabro added a project to T5412: Add support for extending config-mode dependencies in supplemental package: VyOS 1.5 Circinus.
Sep 4 2023, 6:00 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
mhamzahkhan created T5548: HAProxy renders timeouts incorrectly.
Sep 4 2023, 5:11 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Viacheslav changed the status of T5480: Ability to disable SNMP for VRRP keepalived service from Open to In progress.
Sep 4 2023, 4:13 PM · VyOS 1.4 Sagitta
Viacheslav moved T5506: Container bridge interfaces do not have a link-local address from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.4) board.
Sep 4 2023, 4:11 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
Viacheslav closed T5506: Container bridge interfaces do not have a link-local address as Resolved.
Sep 4 2023, 4:11 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
anthr76 added a comment to T5546: Failed upgrade from 1.4-rolling-202212310809 to 1.4-rolling-202309030023.

I would like to stage this in a VM if I do try the above as physical access to the router is tough. Does anyone know where I can find a ISO for 1.4-rolling-202212310809. It seems the old s3 endpoint doesn't resolve https://s3.vyos.io/rolling/current/vyos-1.4-rolling-202212310809-amd64.iso

Sep 4 2023, 4:00 PM · VyOS 1.4 Sagitta (1.4.1)
Viacheslav moved T5533: Keepalived VRRP IPv6 group enters in FAULT state from Open to Finished on the VyOS 1.4 Sagitta board.
Sep 4 2023, 3:59 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
Viacheslav edited projects for T5533: Keepalived VRRP IPv6 group enters in FAULT state , added: VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.5).

PR 1.3.4 https://github.com/vyos/vyos-1x/pull/2200

Sep 4 2023, 3:59 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
jestabro added a comment to T5546: Failed upgrade from 1.4-rolling-202212310809 to 1.4-rolling-202309030023.

Adding vyos-config-debug to the boot cmdline should allow you to log in and will provide some information in /tmp/boot-config-trace. Cf.:
https://docs.vyos.io/en/latest/contributing/debugging.html

Sep 4 2023, 3:54 PM · VyOS 1.4 Sagitta (1.4.1)
jagekurt added a comment to T5508: Configuration Migration Fails to New Netfilter Firewall Syntax.

I upgraded from 1.4-rolling-202307060317 to 1.4-rolling-202309040919 and the issue mention in this post was resolved. The configuration was migrated. However nothing worked in regards to the firewall, and I am not familiar enough with the new syntax so I cannot, nor do I have time to troubleshoot it right now.

Sep 4 2023, 3:48 PM · VyOS 1.4 Sagitta
Viacheslav closed T5536: show dhcp client leases caues No module named 'vyos.validate' as Resolved.
Sep 4 2023, 3:05 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T5543: Fix source address handling in static joins.

@syncer At first glance, the generated config is correct for VyOS 1.3-stable-202308240442

set protocols igmp interface eth0 join 239.1.2.3 source '192.0.2.1'
set protocols igmp interface eth1 join 239.1.2.3
set protocols igmp interface eth2
Sep 4 2023, 2:18 PM · VyOS 1.4 Sagitta, VyOS Rolling, VyOS 1.3 Equuleus (1.3.6)
fernando changed the status of T5547: ISIS: The L1-2 router cannot advertise L1 routes into L2 from Open to Confirmed.
Sep 4 2023, 1:37 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.0-GA), Known issue
fernando created T5547: ISIS: The L1-2 router cannot advertise L1 routes into L2.
Sep 4 2023, 1:36 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.0-GA), Known issue
swanduron added a comment to T5376: Conntrack FTP helper does not work properly.

Unless there is something wrong with the firewall ruleset in VyOS any malfunctions in the FTP helper itself will mainly be fixed upstream at the Linux kernel or in this particular case the netfilter team:

Sep 4 2023, 1:36 PM · VyOS 1.4 Sagitta (1.4.0-epa1), VyOS 1.5 Circinus
anthr76 added a comment to T5546: Failed upgrade from 1.4-rolling-202212310809 to 1.4-rolling-202309030023.

My config file is https://gist.github.com/anthr76/4b091d952bcd69b1ac8d4c7d08aaaac6

Sep 4 2023, 12:50 PM · VyOS 1.4 Sagitta (1.4.1)
anthr76 created T5546: Failed upgrade from 1.4-rolling-202212310809 to 1.4-rolling-202309030023.
Sep 4 2023, 12:49 PM · VyOS 1.4 Sagitta (1.4.1)
sarthurdev changed the status of T4903: Support IPv6 addresses in "set system conntrack ignore" from In progress to Needs testing.

PR: https://github.com/vyos/vyos-1x/pull/2199

Sep 4 2023, 10:50 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
sarthurdev changed the status of T4309: Support network/address-groups and ipv6-network/ipv6-address-groups in "conntrack ignore" from In progress to Needs testing.

PR: https://github.com/vyos/vyos-1x/pull/2199

Sep 4 2023, 10:50 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
mlk-89 updated the task description for T5545: sflow is not working.
Sep 4 2023, 10:26 AM · VyOS 1.3 Equuleus (1.3.4)
mlk-89 created T5545: sflow is not working.
Sep 4 2023, 10:13 AM · VyOS 1.3 Equuleus (1.3.4)
sarthurdev changed the status of T4309: Support network/address-groups and ipv6-network/ipv6-address-groups in "conntrack ignore" from Open to In progress.
Sep 4 2023, 9:38 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
sarthurdev changed the status of T4903: Support IPv6 addresses in "set system conntrack ignore" from Open to In progress.
Sep 4 2023, 9:38 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
Viacheslav committed rVYOSONEX5fb77805f0fc: T5533: Fix VRRP IPv6 group enters in FAULT state.
Sep 4 2023, 7:59 AM
GitHub <[email protected]> committed rVYOSONEX8e22a2f6f77d: Merge pull request #2192 from sever-sever/T5533 (authored by zdc <[email protected]>).
Sep 4 2023, 7:59 AM
anthr76 committed rVYOSONEXe623c10ab41e: feat(T5544): Allow CAP_SYS_MODULE to be set on containers.
Sep 4 2023, 4:42 AM
anthr76 committed rVYOSONEXd9b0551c8517: fix: sys-module auto-tab completion.
Sep 4 2023, 4:42 AM
GitHub <[email protected]> committed rVYOSONEXbbcf94bba674: Merge pull request #2197 from anthr76/cap-sys-module (authored by c-po).
Sep 4 2023, 4:42 AM

Sep 3 2023

Apachez added a comment to T5388: Something is fishy with commit and boot times when more than a few hundred static routes are being used.

Disabling all validators for both vyatta-cfg and vyatta-op bring the boot time down to approx 73 seconds.

Sep 3 2023, 9:41 PM · Restricted Project, VyOS 1.5 Circinus
Apachez added a comment to T5388: Something is fishy with commit and boot times when more than a few hundred static routes are being used.

Modifying node.def (comment out "syntax:expression:") recursively in the paths of:

Sep 3 2023, 9:11 PM · Restricted Project, VyOS 1.5 Circinus
Apachez added a comment to T5388: Something is fishy with commit and boot times when more than a few hundred static routes are being used.

Moving along in the blamegame I will after a tip try to disable the various validators being runned.

Sep 3 2023, 8:56 PM · Restricted Project, VyOS 1.5 Circinus
Apachez added a comment to T2431: Python validators are slow.

Any updates to this?

Sep 3 2023, 8:28 PM · VyOS 1.3 Equuleus (1.3.6)
cacack added a comment to T5388: Something is fishy with commit and boot times when more than a few hundred static routes are being used.

That relates would seem reasonable. I'm seeing a similar explosion in commit lag but I have zero static routes. I did change to zone-based firewall and added about 6 vlans. Lines of my config went from ~500 to ~3000. Commit times increased almost linearly.

Sep 3 2023, 8:17 PM · Restricted Project, VyOS 1.5 Circinus
Apachez added a comment to T5388: Something is fishy with commit and boot times when more than a few hundred static routes are being used.

Can be related: https://vyos.dev/T2431

Sep 3 2023, 7:14 PM · Restricted Project, VyOS 1.5 Circinus
Apachez added a comment to T5388: Something is fishy with commit and boot times when more than a few hundred static routes are being used.

Continued debugging by also modifying /usr/libexec/vyos/services/vyos-configd by adding:

Sep 3 2023, 7:10 PM · Restricted Project, VyOS 1.5 Circinus
Apachez added a comment to T5388: Something is fishy with commit and boot times when more than a few hundred static routes are being used.

Attempted some debugging on this issue.

Sep 3 2023, 6:43 PM · Restricted Project, VyOS 1.5 Circinus
syncer reassigned T1869: Install and Boot from RAID Doesn't Work from UnicronNL to zsdc.
Sep 3 2023, 6:30 PM
syncer triaged T5544: Allow CAP_SYS_MODULE to be set on containers as Low priority.
Sep 3 2023, 5:44 PM · VyOS 1.4 Sagitta
syncer triaged T5543: Fix source address handling in static joins as Normal priority.
Sep 3 2023, 5:44 PM · VyOS 1.4 Sagitta, VyOS Rolling, VyOS 1.3 Equuleus (1.3.6)
Apachez added a comment to T5544: Allow CAP_SYS_MODULE to be set on containers .

According to https://man7.org/linux/man-pages/man7/capabilities.7.html this capability can load, unload AND delete kernel modules.

Sep 3 2023, 4:27 PM · VyOS 1.4 Sagitta
anthr76 added a comment to T5544: Allow CAP_SYS_MODULE to be set on containers .

https://github.com/vyos/vyos-1x/pull/2197

Sep 3 2023, 4:20 PM · VyOS 1.4 Sagitta
anthr76 created T5544: Allow CAP_SYS_MODULE to be set on containers .
Sep 3 2023, 4:10 PM · VyOS 1.4 Sagitta
alainlamar changed the status of T5540: vyos-1x: Wrong VHT configuration for WiFi 802.11ac from Open to In progress.
Sep 3 2023, 2:19 PM · VyOS 1.4 Sagitta
syncer moved T5543: Fix source address handling in static joins from Need Triage to Backlog on the VyOS 1.3 Equuleus (1.3.4) board.
Sep 3 2023, 11:44 AM · VyOS 1.4 Sagitta, VyOS Rolling, VyOS 1.3 Equuleus (1.3.6)
syncer closed T5543: Fix source address handling in static joins as Unknown Status.

@Viacheslav, can you backport this to 1.3

Sep 3 2023, 11:43 AM · VyOS 1.4 Sagitta, VyOS Rolling, VyOS 1.3 Equuleus (1.3.6)
GitHub <[email protected]> committed rVYOSONEX630d40046b4f: T5543: IGMP: fix source address handling in static joins (authored by vfreex).
Sep 3 2023, 11:28 AM
vfreex added a comment to T5543: Fix source address handling in static joins.

PR https://github.com/vyos/vyos-1x/pull/2196

Sep 3 2023, 11:19 AM · VyOS 1.4 Sagitta, VyOS Rolling, VyOS 1.3 Equuleus (1.3.6)
vfreex created T5543: Fix source address handling in static joins.
Sep 3 2023, 11:17 AM · VyOS 1.4 Sagitta, VyOS Rolling, VyOS 1.3 Equuleus (1.3.6)
sarthurdev closed T4612: Support arbitrary netmasks in firewall rules as Resolved.
Sep 3 2023, 10:37 AM · VyOS 1.4 Sagitta
Viacheslav changed the status of T5542: ipoe-server: external-dhcp(dhcp-relay) not woking / not implemented from Open to Needs testing.
Sep 3 2023, 9:13 AM · VyOS 1.4 Sagitta
GitHub <[email protected]> committed rVYOSONEX1ae9c4162dc1: ipoe: T5542: fix Jinja2 template and add missing dhcp relay config (authored by Niklasthegeek).
Sep 3 2023, 7:25 AM
c-po committed rVYOSONEXb295a1470b04: wireless: T5540: fix smoketests after adjusting VHT channel width.
Sep 3 2023, 6:40 AM
c-po committed rVYOSONEX6ff0e8f6a024: wireless: T5540: use elif in Jinja2 template for VHT channel width.
Sep 3 2023, 6:40 AM
Apachez added a comment to T5532: After add system image the boot stuck and works again after the second reboot.

Still occurs for:

Sep 3 2023, 6:10 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Apachez added a comment to T5510: Shrink imagesize and improve read performance by changing mksquashfs syntax.

PR created: https://github.com/vyos/vyos-build/pull/392

Sep 3 2023, 5:17 AM · VyOS 1.4 Sagitta
Apachez closed T5538: Change order within variable lb_config_tmpl to fit order of manpage and fix some typos as Resolved.
Sep 3 2023, 5:04 AM · VyOS 1.4 Sagitta
Apachez added a comment to T5538: Change order within variable lb_config_tmpl to fit order of manpage and fix some typos.

Verified working with VyOS 1.4-rolling-202309030023.

Sep 3 2023, 5:03 AM · VyOS 1.4 Sagitta
Apachez added a comment to T5538: Change order within variable lb_config_tmpl to fit order of manpage and fix some typos.

Was missing quotes around the variable within lb_config_tmpl like so:

Sep 3 2023, 5:02 AM · VyOS 1.4 Sagitta
Apachez added a comment to T5510: Shrink imagesize and improve read performance by changing mksquashfs syntax.

Some further testing:

Sep 3 2023, 4:57 AM · VyOS 1.4 Sagitta
Apachez added a comment to T5510: Shrink imagesize and improve read performance by changing mksquashfs syntax.

Reference to https://jonathancarter.org/2015/04/06/squashfs-performance-testing/ using 1M blocksize will give approx the same readspeed as with default 128k blocksize but result in an even smaller file.

Sep 3 2023, 4:02 AM · VyOS 1.4 Sagitta
Apachez added a comment to T5510: Shrink imagesize and improve read performance by changing mksquashfs syntax.

Regarding filesystem.squashfs the changes through changed mksquashfs syntax are:

Sep 3 2023, 2:48 AM · VyOS 1.4 Sagitta
Niklasthegeek claimed T5542: ipoe-server: external-dhcp(dhcp-relay) not woking / not implemented.
Sep 3 2023, 2:09 AM · VyOS 1.4 Sagitta
Apachez added a comment to T5510: Shrink imagesize and improve read performance by changing mksquashfs syntax.

Was missing quotes around the variable within lb_config_tmpl like so:

Sep 3 2023, 2:01 AM · VyOS 1.4 Sagitta
Niklasthegeek created T5542: ipoe-server: external-dhcp(dhcp-relay) not woking / not implemented.
Sep 3 2023, 12:55 AM · VyOS 1.4 Sagitta

Sep 2 2023

GitHub <[email protected]> committed rVYOSONEX6896aabb6406: wireless: T5540: fix VHT capability settings for 802.11ac (authored by alainlamar).
Sep 2 2023, 5:26 PM
c-po committed rVYOSONEX396329cc9a24: vrf: T5428: stop DHCP processes on VRF removal.
Sep 2 2023, 5:03 PM
First
Prev
Next