Page MenuHomeVyOS Platform
People L0crian

L0crian (Ryan)
User

Projects

User does not belong to any projects.

User Details

User Since
Jan 8 2024, 5:46 PM (107 w, 1 d)

Recent Activity
View All

Today

L0crian added a comment to T7569: Add ability to create raw nftables rule.

This way, it is simple to handle native nft commands with custom tables, then use them in the VyOS CLI.
I'm not expecting this feature to be implemented in the suggested format.

Wed, Jan 28, 2:09 AM · VyOS Rolling

Dec 27 2025

L0crian created T8127: firewall: Simplify and optimize vyos_conntrack table.
Dec 27 2025, 5:00 PM · VyOS Rolling

Dec 24 2025

L0crian created T8122: firewall: logging in prerouting rules not shown in 'show log firewall'.
Dec 24 2025, 5:53 PM · VyOS Rolling

Dec 23 2025

L0crian updated the task description for T8118: firewall: Traffic is processed multiple times when using zone-based firewall.
Dec 23 2025, 10:21 PM · VyOS Rolling
L0crian created T8118: firewall: Traffic is processed multiple times when using zone-based firewall.
Dec 23 2025, 10:19 PM · VyOS Rolling

Dec 22 2025

L0crian updated the task description for T8115: Use a vmap for Zone based firewall config.
Dec 22 2025, 2:29 AM · VyOS Rolling
L0crian created T8115: Use a vmap for Zone based firewall config.
Dec 22 2025, 2:19 AM · VyOS Rolling

Dec 21 2025

L0crian created T8112: Add prom2json to VyOS.
Dec 21 2025, 2:20 PM · VyOS Rolling

Dec 7 2025

L0crian placed T7886: Create unified check for interface dependencies- up for grabs.
Dec 7 2025, 7:20 PM · VyOS Rolling
L0crian placed T6455: Add Support for ZeroTier up for grabs.
Dec 7 2025, 7:18 PM · VyOS Rolling

Dec 4 2025

L0crian created T8070: "Monitor protocols" commands broken.
Dec 4 2025, 6:45 PM · VyOS Rolling

Nov 6 2025

L0crian committed rVYOSONEX354517677fb9: wlb: T7977: Updated smoketest to validate nft vmap weight buckets.
Nov 6 2025, 7:52 PM
L0crian committed rVYOSONEX559dd60a3bdb: wlb: T7977: Fix weight calculation for multiple interfaces.
Nov 6 2025, 7:52 PM

Nov 3 2025

L0crian committed rVYOSONEX7e5fd62fcf58: wlb: TT7966: Refactor dynamic nexthop resolution.
Nov 3 2025, 1:35 PM
L0crian committed rVYOSONEXc3bc42001e47: wlb: T7966: Restore default route when interface disconnects/reconnects.
Nov 3 2025, 1:35 PM
L0crian committed rVYOSONEX27645da08856: smoketests: T7971: Add docstrings to nftables verification helpers.
Nov 3 2025, 1:35 PM

Oct 31 2025

L0crian renamed T7977: Load balancing fails when more than two interfaces are in the same rule from wlb: Load balancing fails when more than 2 interfaces are equal weight in a single rule: to wlb: Load balancing fails when more than 2 interfaces are in a single rule:.
Oct 31 2025, 12:47 AM
L0crian added a comment to T7977: Load balancing fails when more than two interfaces are in the same rule.

PR: https://github.com/vyos/vyos-1x/pull/4823

Oct 31 2025, 12:18 AM
L0crian claimed T7977: Load balancing fails when more than two interfaces are in the same rule.
Oct 31 2025, 12:01 AM

Oct 30 2025

L0crian created T7977: Load balancing fails when more than two interfaces are in the same rule.
Oct 30 2025, 11:43 PM
L0crian claimed T7971: smoketest: Add instructive docstrings to verify_nftables functions.
Oct 30 2025, 1:30 AM · VyOS Rolling

Oct 29 2025

L0crian added a comment to T7971: smoketest: Add instructive docstrings to verify_nftables functions.

PR: https://github.com/vyos/vyos-1x/pull/4819

Oct 29 2025, 11:46 PM · VyOS Rolling
L0crian created T7971: smoketest: Add instructive docstrings to verify_nftables functions.
Oct 29 2025, 10:07 PM · VyOS Rolling
L0crian added a comment to T7966: wlb: Route tables do not repopulate when an interface is disconnected.

PR: https://github.com/vyos/vyos-1x/pull/4818

Oct 29 2025, 1:38 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling
L0crian created T7966: wlb: Route tables do not repopulate when an interface is disconnected.
Oct 29 2025, 2:15 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling

Oct 1 2025

L0crian claimed T7886: Create unified check for interface dependencies-.
Oct 1 2025, 10:44 PM · VyOS Rolling
L0crian added a comment to T7886: Create unified check for interface dependencies-.

PR: https://github.com/vyos/vyos-1x/pull/4765

Oct 1 2025, 10:44 PM · VyOS Rolling

Sep 30 2025

L0crian claimed T7863: container: Add user-defined MAC address option to container configs.
Sep 30 2025, 6:27 PM · VyOS 1.5 Circinus (2025.11)
L0crian added a comment to T7863: container: Add user-defined MAC address option to container configs.

PR: https://github.com/vyos/vyos-1x/pull/4762

Sep 30 2025, 6:27 PM · VyOS 1.5 Circinus (2025.11)

Sep 29 2025

L0crian created T7886: Create unified check for interface dependencies-.
Sep 29 2025, 4:39 PM · VyOS Rolling

Sep 28 2025

L0crian created T7880: NTP hardware timestamping fails when the interface doesn't support it.
Sep 28 2025, 1:35 AM · VyOS Rolling
L0crian created T7879: dhcp-relay services fails to start if interface doesn't exist.
Sep 28 2025, 12:22 AM · VyOS Rolling

Sep 25 2025

L0crian claimed T7781: Firewall chains are created when unnecessary.
Sep 25 2025, 6:34 PM · VyOS Rolling
L0crian added a comment to T7781: Firewall chains are created when unnecessary.

PR: https://github.com/vyos/vyos-1x/pull/4757

Sep 25 2025, 6:17 PM · VyOS Rolling
L0crian renamed T7781: Firewall chains are created when unnecessary from Firewall chains are created no matter if the user intended to Firewall chains are created when unnecessary.
Sep 25 2025, 4:49 PM · VyOS Rolling
L0crian created T7863: container: Add user-defined MAC address option to container configs.
Sep 25 2025, 11:41 AM · VyOS 1.5 Circinus (2025.11)
L0crian updated the task description for T6455: Add Support for ZeroTier.
Sep 25 2025, 1:11 AM · VyOS Rolling
L0crian added a comment to T6455: Add Support for ZeroTier.

vyos-1x PR: https://github.com/vyos/vyos-1x/pull/4752

Sep 25 2025, 12:47 AM · VyOS Rolling

Sep 22 2025

L0crian committed rVYOSONEX6611627f6a73: Firewall: T7475: Disable conntrack per firewall chain.
Sep 22 2025, 12:55 PM
L0crian committed rVYOSONEX61e234a74a95: firewall: T7475: Remove redundant if statement in jinja template.
Sep 22 2025, 12:55 PM

Sep 20 2025

L0crian created T7850: op_mode_config_dict function not 'edit' aware.
Sep 20 2025, 12:31 PM · VyOS Rolling
L0crian committed rVYOSONEX027ed9b80b62: op-mode: T7516: fix reset ip bgp base commands.
Sep 20 2025, 11:05 AM
L0crian added a comment to T6455: Add Support for ZeroTier.

vyos-build PR to add zerotier binary: https://github.com/vyos/vyos-build/pull/1041

Sep 20 2025, 10:41 AM · VyOS Rolling

Sep 19 2025

L0crian added a comment to T7516: Add reset ip bgp all soft in out.

PR for fix: https://github.com/vyos/vyos-1x/pull/4733

Sep 19 2025, 12:10 PM · VyOS 1.5 Circinus (2025.11)
L0crian added a comment to T7516: Add reset ip bgp all soft in out.

Looks like all of the calls to the script for the reset-ip-bgp.xml.in file are wrong. I originally was making a dedicated reset_bgp.py script before just incorporating it into bgp.py. I must have forgot to update those. I'll make a PR to fix it.

Sep 19 2025, 11:53 AM · VyOS 1.5 Circinus (2025.11)

Sep 18 2025

L0crian committed rVYOSONEX4013ad156804: Firewall: T6857: Fix default action for prerouting hook.
Sep 18 2025, 3:03 PM
L0crian committed rVYOSONEX5c5d3a6b839b: container: T7681: fix multiple name servers.
Sep 18 2025, 2:34 PM
L0crian committed rVYOSONEX2f188ad3866a: op-mode: T7746: Fix 'show interfaces' description wrapping.
Sep 18 2025, 2:27 PM

Sep 17 2025

L0crian added a comment to T7835: 'show interfaces' refactor.

A quick flyby review shows the number of lines of code could be reduced by quite a bit. This isn't conclusive for a direction one way or the other. Just informational. Less code does not necessarily equal better:

Sep 17 2025, 2:10 PM · VyOS Rolling
L0crian created T7835: 'show interfaces' refactor.
Sep 17 2025, 1:53 PM · VyOS Rolling

Sep 16 2025

L0crian added a comment to T7816: Collapse tables in nftables into single tables per address-family.

Adding to this conversation. The one benefit to how things are currently being done is that changes to a single section (firewall, policy, conntrack, nat) just requires a simple delete of the entire table, then an atomic load of the updated config.

Sep 16 2025, 4:58 PM · VyOS Rolling
L0crian claimed T7746: op-mode: 'show interfaces' description wrapping is broken.
Sep 16 2025, 4:27 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS 1.4 Sagitta (1.4.3), VyOS Rolling
L0crian added a comment to T7681: Settings multiple DNS resolvers for containers prevents container start.

PR: https://github.com/vyos/vyos-1x/pull/4724

Sep 16 2025, 4:27 PM · VyOS 1.5 Circinus (2025.11)
L0crian added a comment to T7746: op-mode: 'show interfaces' description wrapping is broken.

PR: https://github.com/vyos/vyos-1x/pull/4725

Sep 16 2025, 4:26 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS 1.4 Sagitta (1.4.3), VyOS Rolling

Sep 15 2025

L0crian committed rVYOSONEX048ff4fab605: container: T7186: Add macvlan network type for containers.
Sep 15 2025, 10:19 AM
L0crian committed rVYOSONEX86b3b035b855: container: T7186: Add macvlan network type for containers.
Sep 15 2025, 10:19 AM

Sep 13 2025

L0crian created T7816: Collapse tables in nftables into single tables per address-family.
Sep 13 2025, 10:27 AM · VyOS Rolling

Sep 12 2025

L0crian committed rVYOSONEXad6b626e1b5f: BGP: T7516: Expand 'reset bgp all' elements with in/out/soft options.
Sep 12 2025, 7:25 AM
L0crian added a comment to T7144: Firewall Cannot Load Podman Network Interfaces at Boot.
In T7144#234113, @astr0n8t wrote:

Everything seems to be working as it should on both 1.4.3 and 1.5Q2 for stream, I recently started running tailscale in a container which creates tailscale0 and while I was expecting to run into issues with this, I did not, but it got me thinking, does the interface even need to exist to be able to add it to the nftables ruleset?

Sep 12 2025, 7:10 AM · VyOS Rolling

Sep 11 2025

L0crian updated the task description for T7808: 'monitor command' feature no longer works after T7745.
Sep 11 2025, 6:48 PM · VyOS Rolling
L0crian created T7808: 'monitor command' feature no longer works after T7745.
Sep 11 2025, 6:42 PM · VyOS Rolling

Sep 10 2025

L0crian added a comment to T7516: Add reset ip bgp all soft in out.

PR: https://github.com/vyos/vyos-1x/pull/4709

Sep 10 2025, 4:51 PM · VyOS 1.5 Circinus (2025.11)
L0crian added a comment to T6438: Add BGP solo option for peer group.

PR: https://github.com/vyos/vyos-1x/pull/4706

Sep 10 2025, 6:04 AM · VyOS 1.5 Circinus (2025.11)

Sep 9 2025

L0crian committed rVYOSONEXe92d00786e7c: op-mode: T7764: Add 'vlan-to-vni statistics' op-mode command.
Sep 9 2025, 2:10 PM
L0crian committed rVYOSONEX6403816d96f3: op-mode: T7764: Add 'vlan-to-vni statistics' op-mode command.
Sep 9 2025, 2:10 PM

Sep 6 2025

L0crian claimed T7740: Development: dict_search_arg function that returns user defined default.
Sep 6 2025, 9:47 PM · VyOS 1.5 Circinus (2025.11)
L0crian added a comment to T7740: Development: dict_search_arg function that returns user defined default.

PR: https://github.com/vyos/vyos-1x/pull/4700

Sep 6 2025, 9:47 PM · VyOS 1.5 Circinus (2025.11)
L0crian added a comment to T1124: Support BGP Prefix Origin Validation State Extended Community (RFC 8097).

PR: https://github.com/vyos/vyos-1x/pull/4699

Sep 6 2025, 9:46 PM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)

Sep 5 2025

L0crian added a comment to T7475: Make it possible to disable connection tracking for specific firewall chains.

PR: https://github.com/vyos/vyos-1x/pull/4698

Sep 5 2025, 8:58 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q4), VyOS Rolling

Sep 3 2025

L0crian added a comment to T7475: Make it possible to disable connection tracking for specific firewall chains.

I found a companion issue to this and created a task for it:
https://vyos.dev/T7781

Sep 3 2025, 5:02 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q4), VyOS Rolling
L0crian created T7781: Firewall chains are created when unnecessary.
Sep 3 2025, 5:01 PM · VyOS Rolling
L0crian added a comment to T7760: bgp: remove per vrf instance system-as node.

@c-po

! In T7760#233813, @L0crian wrote:
Quick note on this. It'll maintain the existing AS-Path in the advertisements, but it COULD change the behavior of route rejection on received routes.

Sep 3 2025, 1:29 PM · Rejected

Sep 2 2025

L0crian added a comment to T6673: Unexpected error when restart container via native Podman command.

PR: https://github.com/vyos/vyos-1x/pull/4691

Sep 2 2025, 12:40 PM · VyOS 1.5 Circinus (2025.11)
L0crian added a comment to T6857: Ruleset information for ipv6 firewall "prerouting raw" shows wrong default action.

PR: https://github.com/vyos/vyos-1x/pull/4692

Sep 2 2025, 12:40 PM · VyOS 1.5 Circinus (2025.11)

Sep 1 2025

L0crian added a comment to T7769: Containers: Add 'Requires' and 'After' as container opttions.
In T7769#234133, @Viacheslav wrote:

What about option priority?

set container name c1 priority 1
set container name c2 priority 2

Do you mean to manipulate the start order of the containers? If so, I don’t think it’d solve the issue. On a suitably fast system, all of the containers would start within a fraction of a second of each other. So it’d be a race condition that would almost always fail.

Sep 1 2025, 8:56 PM · VyOS Rolling
L0crian renamed T7769: Containers: Add 'Requires' and 'After' as container opttions from Containers: Add 'Requires' and 'After' to Containers: Add 'Requires' and 'After' as container opttions.
Sep 1 2025, 1:38 AM · VyOS Rolling
L0crian created T7769: Containers: Add 'Requires' and 'After' as container opttions.
Sep 1 2025, 1:37 AM · VyOS Rolling

Aug 31 2025

L0crian created T7767: Firewall: Add icmp-group and icmpv6-groups.
Aug 31 2025, 10:39 AM · VyOS Rolling

Aug 29 2025

L0crian added a comment to T7764: Add 'vlan-to-vni statistics' op-mode command.

PR: https://github.com/vyos/vyos-1x/pull/4687

Aug 29 2025, 3:36 PM · VyOS 1.5 Circinus (2025.11)
L0crian claimed T7764: Add 'vlan-to-vni statistics' op-mode command.
Aug 29 2025, 3:19 PM · VyOS 1.5 Circinus (2025.11)
L0crian created T7764: Add 'vlan-to-vni statistics' op-mode command.
Aug 29 2025, 3:18 PM · VyOS 1.5 Circinus (2025.11)
L0crian committed rVYOSONEX13a37b831d61: T7742: Add 'show interfaces kernel statistics' command.
Aug 29 2025, 1:42 PM

Aug 28 2025

L0crian added a comment to T7186: Macvlan support for podman containers.

PR: https://github.com/vyos/vyos-1x/pull/4686

Aug 28 2025, 7:49 PM · VyOS 1.5 Circinus (2025.11)
L0crian added a comment to T7760: bgp: remove per vrf instance system-as node.

Quick note on this. It'll maintain the existing AS-Path in the advertisements, but it COULD change the behavior of route rejection on received routes.

Aug 28 2025, 2:27 PM · Rejected

Aug 26 2025

L0crian added a comment to T7742: Add operational mode 'show interfaces kernel statistics' command.

PR: https://github.com/vyos/vyos-1x/pull/4680

Aug 26 2025, 3:57 PM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)
L0crian committed rVYOSONEX5176bb18f499: T7741: Fixes for 'show interfaces kernel'.
Aug 26 2025, 12:38 PM
L0crian committed rVYOSONEX9886da9143f5: Merge branch 'kernel-updates' of https://github.com/l0crian1/vyos-1x into….
Aug 26 2025, 12:38 PM
L0crian committed rVYOSONEX71f731abc458: T7741: Fixes for 'show interfaces kernel'.
Aug 26 2025, 12:38 PM
L0crian committed rVYOSONEXe22b051ec918: op-mode: T7741: Fixes for 'show interfaces kernel'.
Aug 26 2025, 12:38 PM

Aug 25 2025

L0crian created T7753: Interfaces: Interface names can exceed 15 characters.
Aug 25 2025, 10:12 PM · VyOS Rolling

Aug 21 2025

L0crian created T7746: op-mode: 'show interfaces' description wrapping is broken.
Aug 21 2025, 10:38 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS 1.4 Sagitta (1.4.3), VyOS Rolling

Aug 20 2025

L0crian added a comment to T7741: The output of 'show interfaces kernel' has incorrect columns and layout issues.

PR: https://github.com/vyos/vyos-1x/pull/4673

Aug 20 2025, 9:24 PM · VyOS 1.5 Circinus (2025.11)
L0crian claimed T7742: Add operational mode 'show interfaces kernel statistics' command.
Aug 20 2025, 8:44 PM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)
L0crian created T7742: Add operational mode 'show interfaces kernel statistics' command.
Aug 20 2025, 8:44 PM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)
L0crian created T7741: The output of 'show interfaces kernel' has incorrect columns and layout issues.
Aug 20 2025, 8:38 PM · VyOS 1.5 Circinus (2025.11)
L0crian created T7740: Development: dict_search_arg function that returns user defined default.
Aug 20 2025, 8:14 PM · VyOS 1.5 Circinus (2025.11)

Aug 19 2025

L0crian added a comment to T7736: Container: virtual-ethernet exception when attempting to modify container network created veth.

Has Podman 5.4 been evaluated at all? It seems like 5.4 introduced a new feature that would solve this in the cleanest way:

Aug 19 2025, 8:35 PM · VyOS Rolling
L0crian created T7736: Container: virtual-ethernet exception when attempting to modify container network created veth.
Aug 19 2025, 7:15 PM · VyOS Rolling
L0crian committed rVYOSONEX3d2bdd92146a: T7687: Add op-mode for VLAN-to-VNI mapping.
Aug 19 2025, 2:46 PM

Aug 11 2025

L0crian committed rVYOSONEX38c5df791210: T7468: add VLAN-to-VNI mapping description.
Aug 11 2025, 7:01 PM