Page MenuHomeVyOS Platform
Feed All Stories

May 24 2024

n.fort changed the status of T6394: Migrate conntrack timeout sysctl parameter to firewall from Open to In progress.
May 24 2024, 12:34 PM · VyOS 1.5 Circinus
n.fort created T6394: Migrate conntrack timeout sysctl parameter to firewall.
May 24 2024, 12:33 PM · VyOS 1.5 Circinus
alainlamar added a comment to T6318: vyos-1x: WiFi Regulatory Domain should be set system-wide instead of per-device.

Is there already something in the works? As for now, there seem to be issues with regdom settings in VyOS 1.5 anyways (see https://vyos.dev/T6320 "Quirks and Workarounds").

May 24 2024, 12:14 PM · VyOS 1.5 Circinus
alainlamar updated the task description for T6320: WiFi: Enable support for 6GHz AccesPoints.
May 24 2024, 12:12 PM · VyOS Rolling, VyOS 1.4 Sagitta (1.4.1), VyOS 1.5 Circinus
Viacheslav added a comment to T6211: kea DHCP server not vrf aware.

Probably the best way will be moving the config to the vrf section (not implemented)
For example:

set vrf name foo service dhcp-server shared-network-name eth1 option default-router '192.168.1.1'
set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 lease '300'
set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 range default start '192.168.1.10'
set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 range default stop '192.168.1.100'
set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 subnet-id '1'

And start several instances, each with its configuration.

May 24 2024, 12:04 PM · Restricted Project, VyOS 1.5 Circinus
tuxnet added a comment to T6211: kea DHCP server not vrf aware.

you have to adapt a few more things, if absolutely necessary it also works with several VRFs - but it is very ugly...

May 24 2024, 10:55 AM · Restricted Project, VyOS 1.5 Circinus
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXf9363fb00b80: load-balancing haproxy: T6391: fix typo in timeout help (#3513) (authored by hirnpfirsich).
May 24 2024, 7:56 AM
GitHub <[email protected]> committed rVYOSONEX609563d6acfe: load-balancing haproxy: T6391: fix typo in timeout help (#3513) (authored by hirnpfirsich).
May 24 2024, 7:55 AM
Viacheslav triaged T6393: Port mirroring to tunnel interface fails during boot as Normal priority.
May 24 2024, 7:50 AM · Restricted Project, VyOS 1.4 Sagitta
haakon.nore added a comment to T6393: Port mirroring to tunnel interface fails during boot.

FYI: The configuration is valid and works. It just fails during boot.

May 24 2024, 7:06 AM · Restricted Project, VyOS 1.4 Sagitta
Viacheslav added a comment to T6393: Port mirroring to tunnel interface fails during boot.

The similar task for redirect T260

May 24 2024, 7:05 AM · Restricted Project, VyOS 1.4 Sagitta
haakon.nore created T6393: Port mirroring to tunnel interface fails during boot.
May 24 2024, 6:56 AM · Restricted Project, VyOS 1.4 Sagitta
Apachez added a comment to T6211: kea DHCP server not vrf aware.

I assume that workaround would only work for a single VRF or can one do something like this?

May 24 2024, 5:57 AM · Restricted Project, VyOS 1.5 Circinus
tuxnet added a comment to T6211: kea DHCP server not vrf aware.

The following can be configured as a quick and dirty workaround:

May 24 2024, 5:16 AM · Restricted Project, VyOS 1.5 Circinus
Vijayakumar created T6392: validate backport with reusable action.
May 24 2024, 4:34 AM · GitHub Infrastructure

May 23 2024

syncer assigned T6391: load-balancing reverse-proxy: typo in timeout help to Viacheslav.
May 23 2024, 11:25 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
syncer triaged T6391: load-balancing reverse-proxy: typo in timeout help as Normal priority.
May 23 2024, 11:25 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
hirnpfirsich added a comment to T6391: load-balancing reverse-proxy: typo in timeout help.

PR: https://github.com/vyos/vyos-1x/pull/3513

May 23 2024, 11:15 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
hirnpfirsich added a comment to T6391: load-balancing reverse-proxy: typo in timeout help.

I am already working on the PR :)

May 23 2024, 11:00 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
hirnpfirsich created T6391: load-balancing reverse-proxy: typo in timeout help.
May 23 2024, 10:59 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po closed T6293: add Mediatek MT7921 to defconfig as Resolved.
May 23 2024, 7:58 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po moved T6293: add Mediatek MT7921 to defconfig from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0-GA) board.
May 23 2024, 7:58 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po moved T6293: add Mediatek MT7921 to defconfig from In Progress to Finished on the VyOS 1.5 Circinus board.
May 23 2024, 7:58 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po added a project to T6293: add Mediatek MT7921 to defconfig: VyOS 1.4 Sagitta (1.4.0-GA).
May 23 2024, 7:58 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po moved T751: IDS and IPS (suricata) from Open to Finished on the VyOS 1.5 Circinus board.
May 23 2024, 7:57 PM · VyOS 1.5 Circinus
c-po changed the status of T751: IDS and IPS (suricata) from Open to Needs testing.
May 23 2024, 7:57 PM · VyOS 1.5 Circinus
0xThiebaut committed rVYOSONEX549089a970e3: suricata: T751: Initial support for suricata.
May 23 2024, 7:56 PM
c-po committed rVYOSONEXcd32928e1856: suricata: T751: move CLI from "service ids suricata" -> "service suricata".
May 23 2024, 7:56 PM
c-po committed rVYOSONEX01464a6069fa: suricata: T751: use key_mangling in get_config_dict().
May 23 2024, 7:56 PM
c-po committed rVYOSONEX2af04a53a4c1: suricata: T751: remove implicit default dictionary.
May 23 2024, 7:56 PM
GitHub <[email protected]> committed rVYOSONEX9f9fb8d63f92: Merge pull request #3399 from 0xThiebaut/suricata (authored by c-po).
May 23 2024, 7:56 PM
Embezzle changed the status of T6370: Add option to set custom HTTP headers in reverse-proxy responses from In progress to Needs testing.
May 23 2024, 7:50 PM · VyOS 1.5 Circinus
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX6c25888fe0e3: reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responses (authored by Embezzle).
May 23 2024, 7:24 PM
Embezzle committed rVYOSONEXe1450096b4c6: reverse-proxy: T6370: Set custom HTTP headers in reverse-proxy responses.
May 23 2024, 7:23 PM
GitHub <[email protected]> committed rVYOSONEX3e69d8bbe01b: Merge pull request #3487 from Embezzle/T6370 (authored by c-po).
May 23 2024, 7:23 PM
syncer moved T6390: Compensate for packer packaging update from Need Triage to In Progress on the VyOS 1.3 Equuleus (1.3.8) board.
May 23 2024, 7:16 PM · VyOS 1.3 Equuleus (1.3.8)
syncer edited projects for T6390: Compensate for packer packaging update, added: VyOS 1.3 Equuleus (1.3.8); removed VyOS 1.5 Circinus.
May 23 2024, 7:16 PM · VyOS 1.3 Equuleus (1.3.8)
syncer edited projects for T6390: Compensate for packer packaging update, added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus.
May 23 2024, 7:09 PM · VyOS 1.3 Equuleus (1.3.8)
cjac created T6390: Compensate for packer packaging update.
May 23 2024, 4:37 PM · VyOS 1.3 Equuleus (1.3.8)
Viacheslav moved T6381: Typos in select ConfigError messages in dhcpv6-server from Open to Finished on the VyOS 1.5 Circinus board.
May 23 2024, 3:53 PM · VyOS 1.5 Circinus
Giggum closed T6381: Typos in select ConfigError messages in dhcpv6-server as Resolved.

Resolved, merged PR: https://github.com/vyos/vyos-1x/pull/3508

May 23 2024, 2:53 PM · VyOS 1.5 Circinus
GitHub <[email protected]> committed rVYOSONEX371517c4dcf9: Merge pull request #3511 from vyos/mergify/bp/sagitta/pr-3507 (authored by dmbaturin).
May 23 2024, 2:49 PM
dmbaturin created T6389: Check architecture and flavor compatibility on upgrade attempts.
May 23 2024, 2:36 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
jestabro added a comment to T6363: Expose element 'secret' in xml cache and add boolean check.

Difficulty changed to normal to consider one subtlety of xml cache, and add POC for use in (a later version of) the strip-private filter. POC below; some subset of commits may be added to 1.5:
https://github.com/vyos/vyos-1x/compare/current...jestabro:example-property-secret

May 23 2024, 2:21 PM · VyOS Rolling
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX2c94114a3fe1: nat: T6345: source NAT port mapping "fully-random" is superfluous in Kernel >=5. (authored by c-po).
May 23 2024, 2:19 PM
jestabro changed Difficulty level from easy to normal on T6363: Expose element 'secret' in xml cache and add boolean check.
May 23 2024, 2:19 PM · VyOS Rolling
erkin added a comment to T6352: Tool for generating valid configs based on XML schemas.

The idea is feasible for parameters with constraints (like number ranges) defined in the XML, but there are many other cases where human input is necessary. We could give the tool a set of parameters to randomly generate, or a half-complete config with slots to fill in with random values. Worst case, we'd discover new constraints for more rigid templates; best case, we'd have a proper tool for generating corner cases for smoke tests and fuzzing.

May 23 2024, 2:16 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
dmbaturin created T6388: Use OCaml 4.14 for CI builds.
May 23 2024, 1:11 PM · VyOS 1.4 Sagitta (1.4.0), VyOS Rolling, VyOS 1.5 Circinus
HollyGurza moved T4576: vpn l2tp logging level configuration from Open to In Progress on the VyOS 1.5 Circinus board.
May 23 2024, 12:19 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta (1.4.0-GA)
HollyGurza changed the status of T4576: vpn l2tp logging level configuration from Open to In progress.
May 23 2024, 12:19 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta (1.4.0-GA)
HollyGurza added a comment to T4576: vpn l2tp logging level configuration.

https://github.com/vyos/vyos-1x/pull/3510

May 23 2024, 12:14 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta (1.4.0-GA)
GitHub <[email protected]> committed rVYOSONEXc9945d09c2ad: Merge pull request #3509 from vyos/mergify/bp/sagitta/pr-3505 (authored by c-po).
May 23 2024, 9:49 AM
c-po committed rVYOSONEX7fe568ca1672: nat: T6345: source NAT port mapping "fully-random" is superfluous in Kernel >=5..
May 23 2024, 9:23 AM
GitHub <[email protected]> committed rVYOSONEX5678e37fd0b3: Merge pull request #3507 from c-po/nat-T6345 (authored by dmbaturin).
May 23 2024, 9:23 AM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXb1342f186c56: nat66: T6365: remove warnings for negated interface selections by name (authored by c-po).
May 23 2024, 9:23 AM
c-po committed rVYOSONEX59781ff365a5: nat66: T6365: remove warnings for negated interface selections by name.
May 23 2024, 9:22 AM
GitHub <[email protected]> committed rVYOSONEX0f551d2a1d58: Merge pull request #3505 from c-po/nat66-T6365 (authored by dmbaturin).
May 23 2024, 9:22 AM
GitHub <[email protected]> committed rVYOSONEX7279f7496698: Merge pull request #3504 from vyos/mergify/bp/sagitta/pr-3482 (authored by dmbaturin).
May 23 2024, 9:21 AM
Vijayakumar added a comment to T6386: add caller workflows and codeowners file for vyos-build.

https://github.com/vyos/vyos-build/pull/634 Merged

May 23 2024, 7:05 AM · VyOS 1.4 Sagitta
Vijayakumar closed T6386: add caller workflows and codeowners file for vyos-build as Resolved.
May 23 2024, 7:04 AM · VyOS 1.4 Sagitta
Vijayakumar renamed T6386: add caller workflows and codeowners file for vyos-build from add caller workflows and codeowners file for vyox-build to add caller workflows and codeowners file for vyos-build.
May 23 2024, 6:11 AM · VyOS 1.4 Sagitta
Viacheslav edited projects for T6387: Bump conntrack to version 1:1.4.7-1, added: VyOS 1.5 Circinus; removed VyOS 1.4 Sagitta.
May 23 2024, 6:07 AM · VyOS 1.5 Circinus
Viacheslav created T6387: Bump conntrack to version 1:1.4.7-1.
May 23 2024, 6:07 AM · VyOS 1.5 Circinus
Vijayakumar changed the status of T6386: add caller workflows and codeowners file for vyos-build from Open to In progress.
May 23 2024, 5:14 AM · VyOS 1.4 Sagitta
Viacheslav closed T6357: Create test repository to validate setup, a subtask of T6309: Check code quality with CodeQL, as Resolved.
May 23 2024, 5:14 AM · GitHub Infrastructure
Viacheslav closed T6357: Create test repository to validate setup as Resolved.
May 23 2024, 5:14 AM · GitHub Infrastructure
Vijayakumar added a comment to T6357: Create test repository to validate setup.

Please mark this as resolved

May 23 2024, 5:13 AM · GitHub Infrastructure
GitHub <[email protected]> committed rVYOSONEX55f2681bc5ec: dhcpv6-server: T6381: fix typos in select ConfigError messages in VyOS current… (authored by Giggum).
May 23 2024, 5:10 AM
Viacheslav assigned T6371: Show nat source rules shows unexpected dictionary to Giggum.
May 23 2024, 5:05 AM · Restricted Project, VyOS 1.5 Circinus
Giggum added a comment to T6371: Show nat source rules shows unexpected dictionary.

Follow up, I was able to make nat.py throw the error below.

May 23 2024, 3:10 AM · Restricted Project, VyOS 1.5 Circinus
Giggum added a comment to T6371: Show nat source rules shows unexpected dictionary.

@Viacheslav, same behaviour exists for epa3, I numbered mine 999 so as not to interfere with existing rules.

May 23 2024, 2:34 AM · Restricted Project, VyOS 1.5 Circinus

May 22 2024

Giggum added a comment to T6371: Show nat source rules shows unexpected dictionary.

@Viacheslav
Happy to dig into this if can assign it to me.

May 22 2024, 8:39 PM · Restricted Project, VyOS 1.5 Circinus
c-po added a comment to T6345: Source NAT Port Mapping setting of Fully-Random is superfluous in Kernels 5.0 onwards.

https://github.com/vyos/vyos-1x/pull/3507

May 22 2024, 7:36 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po added a project to T6345: Source NAT Port Mapping setting of Fully-Random is superfluous in Kernels 5.0 onwards: VyOS 1.5 Circinus.
May 22 2024, 7:13 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po closed T6367: op-mode: commit-archive: TypeError: attribute name must be string, not 'NoneType' as Resolved.
May 22 2024, 7:12 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po moved T6367: op-mode: commit-archive: TypeError: attribute name must be string, not 'NoneType' from In Progress to Finished on the VyOS 1.4 Sagitta (1.4.0-GA) board.
May 22 2024, 7:12 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
GitHub <[email protected]> committed rVYOSONEX434222b8dbc5: Merge pull request #3506 from vyos/mergify/bp/sagitta/pr-3502 (authored by c-po).
May 22 2024, 7:09 PM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX616ede08a69a: vyos.utils.io: T6385: handle keyboard interrupts in ask_yes_no (authored by dmbaturin).
May 22 2024, 6:14 PM
dmbaturin committed rVYOSONEX5a5dda14fd3d: vyos.utils.io: T6385: handle keyboard interrupts in ask_yes_no.
May 22 2024, 6:13 PM
GitHub <[email protected]> committed rVYOSONEX409c9708874c: Merge pull request #3502 from dmbaturin/T6385-yes-no-ctrl-c (authored by c-po).
May 22 2024, 6:13 PM
c-po added a comment to T6365: Negating interface names in NAT configuration causes invalid warnings.

Same issue applies to NAT66, too

May 22 2024, 6:12 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po added a comment to T6365: Negating interface names in NAT configuration causes invalid warnings.

https://github.com/vyos/vyos-1x/pull/3482

May 22 2024, 6:07 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXa2293874c80d: nat: T6365: use interface_exists() over netifaces.interfaces() (authored by c-po).
May 22 2024, 6:02 PM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX50e7577815ca: nat: T6365: use string startswith() over [0] index access (authored by c-po).
May 22 2024, 6:02 PM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXc64d877d2a1f: nat: T6365: remove warnings for negated interface selections by name (authored by alryaz).
May 22 2024, 6:02 PM
c-po changed the status of T6365: Negating interface names in NAT configuration causes invalid warnings from Open to In progress.
May 22 2024, 6:01 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po committed rVYOSONEX03eae30b2743: nat: T6365: remove warnings for negated interface selections by name (authored by alryaz).
May 22 2024, 6:01 PM
c-po committed rVYOSONEX387024751774: nat: T6365: use string startswith() over [0] index access.
May 22 2024, 6:01 PM
c-po committed rVYOSONEX645c43ba60d2: nat: T6365: use interface_exists() over netifaces.interfaces().
May 22 2024, 6:01 PM
GitHub <[email protected]> committed rVYOSONEX252ae4b0b951: Merge pull request #3482 from alryaz/patch-1 (authored by c-po).
May 22 2024, 6:01 PM
GitHub <[email protected]> committed rVYOSONEXd0b2766b6053: Merge pull request #3500 from vyos/feature/T6378-remove-labeler-yml (authored by c-po).
May 22 2024, 5:43 PM
jestabro closed T5940: [1.3.5 -> 1.4.0-RC1 Migration] commit-archive Fails to Migrate, a subtask of T5938: Migration fail root task for 1.4-rc, as Resolved.
May 22 2024, 5:40 PM · VyOS Rolling, Restricted Project
jestabro closed T5940: [1.3.5 -> 1.4.0-RC1 Migration] commit-archive Fails to Migrate as Resolved.
May 22 2024, 5:40 PM · VyOS 1.4 Sagitta (1.4.0-GA)
Viacheslav closed T3493: DHCPv6 does not have prefix range validation as Resolved.
May 22 2024, 5:39 PM · VyOS 1.4 Sagitta (1.4.0-GA)
Viacheslav triaged T6382: Add dkms in order to make firmware updates of NIC's possible as Wishlist priority.
May 22 2024, 5:37 PM · VyOS 1.5 Circinus
Viacheslav moved T6384: rollback-soft should tell the user to compare and commit from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0-GA) board.
May 22 2024, 5:34 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
Viacheslav closed T6384: rollback-soft should tell the user to compare and commit as Resolved.
May 22 2024, 5:34 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
GitHub <[email protected]> committed rVYOSONEX82b14fb2bb89: Merge pull request #3503 from vyos/mergify/bp/sagitta/pr-3501 (authored by jestabro).
May 22 2024, 5:32 PM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXb2ce6057473d: rollback-soft: T6384: tell the user to compare or commit (authored by dmbaturin).
May 22 2024, 5:16 PM
dmbaturin committed rVYOSONEX7bba95c8052a: rollback-soft: T6384: tell the user to compare or commit.
May 22 2024, 5:13 PM