There is no protocol under facility settings anymore, so the issue is no longer relevant.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Jan 9 2024
Jan 9 2024
dmbaturin closed T1850: syslog protocol can be set multiple times per facility for the same host, a subtask of T1845: syslog host no longer accepts a port, as Not Applicable.
dmbaturin closed T1850: syslog protocol can be set multiple times per facility for the same host as Not Applicable.
dmbaturin triaged T1848: Rework the handling of special characters inside node values as Wishlist priority.
dmbaturin edited projects for T1790: OSPF Exchanged Routes marked as invalid when run through a GRE PTMP/PTP OSPF between peers , added: VyOS 1.4 Sagitta; removed VyOS 1.2 Crux (VyOS 1.2.9).
dmbaturin triaged T1790: OSPF Exchanged Routes marked as invalid when run through a GRE PTMP/PTP OSPF between peers as High priority.
dmbaturin closed T1759: Replacing Vyatta::Interface perl, a subtask of T1579: Rewrite all interface types in new XML/Python style, as Resolved.
The new interface handling infrastructure is firmly in place now.
dmbaturin renamed T1733: Route filters syntax redesign from structure of prefix-lists to Route filters syntax redesign.
dmbaturin closed T1667: Add a tool for automatically importing old style command definitions into XML as Not Applicable.
The last old-style definitions are gone, so the tool is no longer relevant.
dmbaturin triaged T1641: VRRP conntrack-sync dropping packets passing through the router as High priority.
dmbaturin closed T1634: Commit fails when changing policy route "set table" and adding the table at the same time, results in config deadlock as Not Applicable.
The new firewall implementation solved it.
dmbaturin removed a project from T1625: Update validation rules for OSPF max-metric values: VyOS 1.3 Equuleus (1.3.6).
dmbaturin closed T1549: ipsec ikev2 multi usergroup roadwarrior configuration, a subtask of T2816: Rewrite IPsec scripts with the new XML/Python approach, as Not Applicable.
Since we do have proper support for IKEv2 remote access VPN, the issue of configuring it with a workaround is no longer relevant, I suppose.
dmbaturin removed a project from T1549: ipsec ikev2 multi usergroup roadwarrior configuration: VyOS 1.4 Sagitta.
Let's give it some thought for 1.5/Circinus.
dmbaturin triaged T1499: Move nic to mac mapping out of the configuration file as Wishlist priority.
dmbaturin closed T1492: Not able to delete the configured arp-monitor target and interval attribute on VyOS 1.2.0 as Resolved.
It is impossible to create the config in question now.
dmbaturin closed T1481: When deleting and re-adding a configuration node with the same value, exit and save still say configuration has been modified as Wontfix.
I agree this is an issue, but it's a feature for the new configuration backend. Trying to fix it in the current legacy backend is likely futile.
Now the readthedocs process is well-established.
Jan 9 2024, 3:33 PM · Restricted Project
dmbaturin closed T1442: Add documentation how people can add patches and some guidelines. as Resolved.
We have sorta decent contribution guidelines now, or so I hope. ;)
Jan 9 2024, 3:31 PM · Restricted Project
The use case for it will be addressed by the future support for true (ignored by the parser) comments.
GitHub <[email protected]> committed rVYOSONEXe8d57b5f9cae: Merge pull request #2776 from nicolas-fort/T1297 (authored by dmbaturin).
Viacheslav moved T1297: Add GARP settings to VRRP/keepalived from Backport Candidates to Finished on the VyOS 1.4 Sagitta board.
PR for Equuleus: https://github.com/vyos/vyos-1x/pull/2776
a.apostoliuk edited projects for T5914: CVE-2023-48795 - Terrapin vulnerability, added: VyOS 1.3 Equuleus (1.3.6); removed VyOS 1.3 Equuleus.
Hi, If it helps
Viacheslav changed the status of T5909: Container registry with authentication prevents config load (section container) after reboot from Open to In progress.
adestis added a comment to T5909: Container registry with authentication prevents config load (section container) after reboot.
Warning would be much better because it would solve the problem.
When you have the image already loaded and the system was rebooted, the image should still exist and therefore the user/pass is not required (for the moment).
Viacheslav added a comment to T5909: Container registry with authentication prevents config load (section container) after reboot.
There could be another bug related T5407
I guess we should not Raise config but use the Warning here https://github.com/vyos/vyos-1x/blob/864524ba86b0a4d57ab64d6e9398c3fd5eb2fce4/src/conf_mode/container.py#L405-L408
adestis added a comment to T5909: Container registry with authentication prevents config load (section container) after reboot.
Viacheslav suggested the following change which worked for me:
c-po moved T5911: pki: service update ignored if certificate name contains a hyphen (-) from Open to Finished on the VyOS 1.5 Circinus board.
c-po moved T5902: http: remove virtual-host configuration in webserver from Open to Finished on the VyOS 1.5 Circinus board.
c-po moved T5886: Add support for ACME protocol (LetsEncrypt) from Open to Finished on the VyOS 1.5 Circinus board.
c-po moved T5886: Add support for ACME protocol (LetsEncrypt) from Open to Finished on the VyOS 1.4 Sagitta board.
c-po moved T5766: http: rewrite conf-mode script to get_config_dict() from Open to Finished on the VyOS 1.4 Sagitta board.
c-po moved T5766: http: rewrite conf-mode script to get_config_dict() from Open to Finished on the VyOS 1.5 Circinus board.
c-po closed T5905: pki: IPsec and VTI interface priority inversion when using x509 site-to-site peer, a subtask of T5886: Add support for ACME protocol (LetsEncrypt), as Resolved.
c-po added a comment to T5905: pki: IPsec and VTI interface priority inversion when using x509 site-to-site peer.
PR for 1.5 https://github.com/vyos/vyos-1x/pull/2768
PR for 1.4 https://github.com/vyos/vyos-1x/pull/2774
Can you please paste the output of ls -ld /config/dhcp and ls -l /config/dhcp. It is possible you might have installed a version _before_ 1.5-rolling-202401030023 and the instance is carrying forward the misconfigured directory/file persmissions.
I replied to jestabro via email a couple of hours back, but noticed that it didn't show up here. For the benefit of anybody else interested in this bug I'm cutting and pasting the email below:
Jan 8 2024
Jan 8 2024
GitHub <[email protected]> committed rVYOSONEXa9ed12de9342: Merge pull request #2774 from vyos/mergify/bp/sagitta/pr-2758 (authored by c-po).
PR for VyOS 1.4 https://github.com/vyos/vyos-1x/pull/2774
Well, the webserver is for an API - if you wan't to server files you can either use the default document root, or spawn a container. We should focus on packet pushing and administration.
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXb93786b8c855: https: T5886: migrate https certbot to new "pki certificate" CLI tree (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXfa61e4076a47: pki: T5886: add op-mode commands for log and renewal (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX8edc78dcbc01: pki: T5886: add support for ACME protocol (LetsEncrypt) (authored by c-po).
c-po added a parent task for T5911: pki: service update ignored if certificate name contains a hyphen (-): T3642: PKI configuration.
c-po added a comment to T5911: pki: service update ignored if certificate name contains a hyphen (-).
jestabro closed T3980: vrrp transition-script validator makes warning fatal and also causes a python NameError exception as Resolved.
The errors here were fixed in:
https://vyos.dev/T4052
https://vyos.dev/T4053
in equuleus and subsequent.
dmbaturin triaged T3450: Make libvyosconfig avoid quoting values that don't need quoting as Low priority.
dmbaturin edited projects for T4193: Add support for transparent firewall, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.6).
The new firewall implementation by Nicholas et al. supports bridge firewalls.
I suppose with the new firewall implementation, this is no longer relevant.
With the migration to nftables, I suppose this is not relevant anymore.
With the current smoke test infrastructure, I'm inclined to call the original task resolved.
Neither 1.1.8 nor Crux are supported anymore.
dmbaturin closed T3484: Kernel panic when QAT uses, a subtask of T3587: Intel QAT support is broken on VyOS 1.4 due to a Kernel Crash, as Not Applicable.
I presume the issue is no longer relevant since people do successfully use QAT now, but feel free to reopen if anything.