User Details
- User Since
- Oct 2 2019, 6:00 PM (208 w, 3 d)
Fri, Sep 29
Could be a cause of this bug https://forum.vyos.io/t/igmp-proxy-not-working-in-1-4-since-around-7-sept
PR migration https://github.com/vyos/vyos-1x/pull/2325
Wed, Sep 27
Add option protocol, PR https://github.com/vyos/vyos-1x/pull/2313
set policy local-route rule 100 destination '192.0.2.12' set policy local-route rule 100 protocol 'tcp' set policy local-route rule 100 set table '100'
Fixed
Tue, Sep 26
PR for 1.3 https://github.com/vyos/vyos-1x/pull/2310
We have fwmark for policy local-route
But it is only for match mark and routing decision
vyos@vyos-lns# set policy local-route rule 100 Possible completions: + destination Destination address or prefix fwmark Match fwmark value inbound-interface Inbound Interface > set Packet modifications + source Source address or prefix
Sat, Sep 23
Fri, Sep 22
Op-mode command reduce
PR https://github.com/vyos/vyos-1x/pull/2302
vyos@r4:~$ show conf com | match firew set firewall ipv4 input filter default-action 'accept' set firewall ipv4 input filter rule 1 action 'accept' set firewall ipv4 input filter rule 1 description 'Allow loopback' set firewall ipv4 input filter rule 1 inbound-interface interface-name 'lo' set firewall ipv4 input filter rule 1 source address '127.0.0.0/8' set firewall ipv4 input filter rule 2 action 'accept' set firewall ipv4 input filter rule 2 description 'Allow established/related' set firewall ipv4 input filter rule 2 state established 'enable' set firewall ipv4 input filter rule 2 state related 'enable' set firewall ipv4 input filter rule 60 action 'accept' set firewall ipv4 input filter rule 60 description 'Allow SSH from trusted networks' set firewall ipv4 input filter rule 60 destination port '22' set firewall ipv4 input filter rule 60 protocol 'tcp' set firewall ipv4 input filter rule 10000 action 'drop' set firewall ipv4 input filter rule 10000 description 'Drop everything else' vyos@r4:~$ vyos@r4:~$ produce firewall rule-resequence start 10 step 10
Thu, Sep 21
Wed, Sep 20
@Apachez It is not FQDN based
Contact our sales or ask forum
set netns name mgmt
set interfaces virtual-ethernet veth1 address '10.0.0.0/31'
set interfaces virtual-ethernet veth1 peer-name 'veth10'
set interfaces virtual-ethernet veth10 address '10.0.0.1/31'
set interfaces virtual-ethernet veth10 netns 'mgmt'
set interfaces virtual-ethernet veth10 peer-name 'veth1'
PR https://github.com/vyos/vyos-1x/pull/2295
set system sysctl parameter net.ipv4.tcp_syncookies value '1' set system sysctl parameter net.ipv4.tcp_timestamps value '1'
You do not use port 80/443, so it does not have HTTP-HEADER (in theory).
service LB_port_451 { listen-address 10.1.1.1 mode tcp port 451
Try to change to port 80 and check if it works.
You need another solution/configuration
Tue, Sep 19
First tests unsecseful
vyos@r4# sudo nft list ruleset table ip vyos_synproxy { chain PRE { type filter hook prerouting priority raw; policy accept; tcp dport 22 tcp flags syn counter packets 1 bytes 60 notrack }
Mon, Sep 18
r4# show version FRRouting 9.0.1 (r4) on Linux(6.1.53-amd64-vyos)
Still has bugs
For example with redistribute
r4# conf t r4(config)# router eigrp 65001 r4(config-router)# redistribute connected % Configuration failed.
Cannot pass the smoketest:
DEBUG - ====================================================================== DEBUG - FAIL: test_01_dyndns_service_standard (__main__.TestServiceDDNS.test_01_dyndns_service_standard) DEBUG - ---------------------------------------------------------------------- DEBUG - Traceback (most recent call last): DEBUG - File "/usr/libexec/vyos/tests/smoke/cli/test_service_dns_dynamic.py", line 82, in test_01_dyndns_service_standard DEBUG - self.assertIn(f'use=if', ddclient_conf) DEBUG - AssertionError: 'use=if' not found in '### Autogenerated by dns_dynamic.py ###\ndaemon=300\nsyslog=yes\nssl=yes\npid=/run/ddclient/ddclient.pid\ncache=/run/ddclient/ddclient.cache\nweb=googledomains use=no \n # Web service dynamic DNS configuration for cloudflare: [cloudflare, test.ddns.vyos.io]\nusev4=ifv4, \\\nifv4=eth0, \\\nprotocol=cloudflare, \\\nzone=vyos.io, \\\npassword=paSS_@4ord \\\ntest.ddns.vyos.io' DEBUG - DEBUG - ---------------------------------------------------------------------- DEBUG - Ran 4 tests in 11.489s DEBUG - DEBUG - FAILED (failures=1)
Fri, Sep 15
Fixed
Thu, Sep 14
Wed, Sep 13
PR for 1.3.x https://github.com/vyos/vyatta-cfg-quagga/pull/102
Tue, Sep 12
Mon, Sep 11
Sun, Sep 10
PR https://github.com/vyos/vyos-1x/pull/2240
set protocols static proxy-arp 192.0.2.1 interface eth0 set protocols static proxy-arp 192.0.2.1 interface eth1 set protocols static proxy-ndp 2001:db8::1 interface eth1
I guess we should use the current ip neighbor xxx instead of ol arp. I hope it does the same.
sudo ip neighbor add proxy 192.0.2.1 dev eth0