Page MenuHomeVyOS Platform

adestis (Markus Berthold)
User

Projects

User does not belong to any projects.

User Details

User Since
Apr 4 2016, 12:29 PM (416 w, 4 d)

Recent Activity

Feb 27 2024

adestis added a comment to T5909: Container registry with authentication prevents config load (section container) after reboot.

Thank you very much!

Feb 27 2024, 12:15 PM · VyOS 1.4 Sagitta (1.4.0-epa2), VyOS 1.5 Circinus

Feb 13 2024

adestis updated subscribers of T6040: Implement a firewall blacklisting solution.

@c-po in task T4797 (https://github.com/vyos/vyos-1x/pull/1648) you mentioned that the author should use the system task-scheduler feature.
I would understand this the same way as the author did:
The implementation of scheduling should be a module which could be reused by other features/extensions but the "cron" data should be stored separate from
what the user can schedule via the config.
But maybe you see it differently?

Feb 13 2024, 4:25 PM · VyOS 1.4 Sagitta
adestis added a comment to T5493: Add capability to use local and external dynamic-lists for firewall rules but also for various policies such as access-list, route-maps etc..

@Apachez I would need this feature in another feature (https://vyos.dev/T6040) to avoid a double implementation.

Feb 13 2024, 4:20 PM · VyOS 1.4 Sagitta
adestis updated the task description for T6040: Implement a firewall blacklisting solution.
Feb 13 2024, 3:34 PM · VyOS 1.4 Sagitta
adestis created T6040: Implement a firewall blacklisting solution.
Feb 13 2024, 3:21 PM · VyOS 1.4 Sagitta

Feb 12 2024

adestis added a comment to T4797: External address/network lists for firewall (Local and remote).

@TheSin- we also need this feature because our old blacklisting implementation is no longer working since the new nft implementation replaces sets after changes in the config.
So we have to go the official way and I just stumbled over your feature request when I started to make my own implementation.
Even when I have not implemented any core parts for VyOS yet, I offer my help with the implementation of this feature.

Feb 12 2024, 10:14 AM · VyOS 1.4 Sagitta
adestis added a comment to T1610: Support operator mode commands via REST API.

@dmbaturin I understand that show commands are already implemented via the API.
But what about commands like ping and traceroute?
Would this require much more effort?

Feb 12 2024, 7:44 AM

Jan 25 2024

adestis created T5986: Container: Error on commit when environment variable value contains \n line break.
Jan 25 2024, 5:16 PM · VyOS 1.4 Sagitta

Jan 22 2024

adestis added a comment to T5249: Add rollback-soft feature to rollback without a reboot.
Jan 22 2024, 7:18 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta

Jan 12 2024

adestis added a comment to T5249: Add rollback-soft feature to rollback without a reboot.

Just a question: Would it be nice if this feature could also be combined with the commit-confirm?
e.g. like commit-confirm soft 20

Jan 12 2024, 6:45 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta

Jan 9 2024

adestis added a comment to T5909: Container registry with authentication prevents config load (section container) after reboot.

Warning would be much better because it would solve the problem.
When you have the image already loaded and the system was rebooted, the image should still exist and therefore the user/pass is not required (for the moment).

Jan 9 2024, 7:56 AM · VyOS 1.4 Sagitta (1.4.0-epa2), VyOS 1.5 Circinus
adestis added a comment to T5909: Container registry with authentication prevents config load (section container) after reboot.

Viacheslav suggested the following change which worked for me:

Jan 9 2024, 7:48 AM · VyOS 1.4 Sagitta (1.4.0-epa2), VyOS 1.5 Circinus

Jan 8 2024

adestis added a comment to T5909: Container registry with authentication prevents config load (section container) after reboot.

The same problem (container config does not get loaded) occurs, when DNS is not available for whatever reason.
This must not prevent the current container settings to be online.

Jan 8 2024, 4:48 PM · VyOS 1.4 Sagitta (1.4.0-epa2), VyOS 1.5 Circinus
adestis added a comment to T5909: Container registry with authentication prevents config load (section container) after reboot.

I think I found the problem.

Jan 8 2024, 4:30 PM · VyOS 1.4 Sagitta (1.4.0-epa2), VyOS 1.5 Circinus
adestis created T5909: Container registry with authentication prevents config load (section container) after reboot.
Jan 8 2024, 4:07 PM · VyOS 1.4 Sagitta (1.4.0-epa2), VyOS 1.5 Circinus

Nov 27 2023

adestis added a comment to T5785: API output of show container image broken.

Seems like it's the same for the other functions
sudo podman ps --all vs. sudo podman ps --all --format='{{json .}}'
sudo podman network ls vs. sudo podman network ls --format='{{json .}}'

Nov 27 2023, 5:02 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
adestis added a comment to T5785: API output of show container image broken.

The implementation in file container.py has the command podman image ls which is ok when called from shell.
When called from API it should have been podman image ls --format='{{json .}}'

Nov 27 2023, 4:57 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
adestis added a comment to T5785: API output of show container image broken.

Seems like I was wrong, the content is returned but not in structured json format.
For further automation it would be nice to have json objects instead of a string which needs to be parsed by the client.

Nov 27 2023, 4:41 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
adestis updated the task description for T5785: API output of show container image broken.
Nov 27 2023, 4:33 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
adestis created T5785: API output of show container image broken.
Nov 27 2023, 4:29 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta

Apr 4 2023

Harliff awarded T1237: Static Route Path Monitoring, failover a Burninate token.
Apr 4 2023, 11:28 AM · VyOS 1.4 Sagitta
Harliff awarded T1237: Static Route Path Monitoring, failover a Like token.
Apr 4 2023, 11:28 AM · VyOS 1.4 Sagitta

Oct 13 2022

danhusan awarded T1237: Static Route Path Monitoring, failover a Orange Medal token.
Oct 13 2022, 1:02 PM · VyOS 1.4 Sagitta

May 23 2022

adestis added a comment to T4147: New Firewall Implementation - proposed changes on group implementation.

I was not aware that the nft implementation changes the kind of how groups are used.
We have implemented a blacklisting approach which heavily relates on using ipset because no one wants to have hundred thousand of addresses in the config file.
So I think this is essential, at least for us.

May 23 2022, 7:17 AM · VyOS 1.4 Sagitta

Mar 22 2022

adestis added a comment to T1610: Support operator mode commands via REST API.

@adestis there were discussions on this in the past week --- I will be helping @dmbaturin with the task

Mar 22 2022, 1:53 PM

Feb 1 2022

adestis closed T4198: Error shown on commit as Resolved.
Feb 1 2022, 10:56 AM · VyOS 1.3 Equuleus (1.3.0)
adestis added a comment to T4198: Error shown on commit.

Seems like this is already handled in T4101

Feb 1 2022, 10:51 AM · VyOS 1.3 Equuleus (1.3.0)

Jan 28 2022

adestis added a comment to T4198: Error shown on commit.

I could commit a merge request but I have not figured out in which repo the file is located.

Jan 28 2022, 3:38 PM · VyOS 1.3 Equuleus (1.3.0)
adestis added a comment to T4198: Error shown on commit.

@Viacheslav steps to reproduce:

Jan 28 2022, 3:35 PM · VyOS 1.3 Equuleus (1.3.0)
adestis updated the task description for T4198: Error shown on commit.
Jan 28 2022, 3:15 PM · VyOS 1.3 Equuleus (1.3.0)

Jan 20 2022

adestis created T4198: Error shown on commit.
Jan 20 2022, 3:40 PM · VyOS 1.3 Equuleus (1.3.0)

Dec 20 2021

adestis added a comment to T4078: A hybrid of "network-group" and "address-group"..

@m.korobeinikov why not use network group with /32 host addresses ?

Dec 20 2021, 7:41 AM · VyOS 1.3 Equuleus (1.3.6), VyOS 1.4 Sagitta

Dec 14 2021

adestis awarded T970: Hostname Support in NAT and Firewall Rules a Like token.
Dec 14 2021, 3:24 PM · VyOS 1.4 Sagitta

Dec 9 2021

adestis created T4064: IP address for vif is not removed from the system when deleted in configuration.
Dec 9 2021, 3:05 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)

Nov 5 2021

adestis added a comment to T1610: Support operator mode commands via REST API.

Great. As soon as there is an example available I think I can also help provide additional commands.

Nov 5 2021, 2:52 PM
adestis added a comment to T1610: Support operator mode commands via REST API.

Who can help with the architecture of this webservice?

Nov 5 2021, 10:14 AM

Sep 6 2021

adestis added a comment to T1610: Support operator mode commands via REST API.

When there is an example for operator rest api commands I could add some functionality.
But the architecture for such operations should be provided by someone who is deeper involved in the vyos roadmap.

Sep 6 2021, 3:52 PM

Sep 28 2020

adestis added a comment to T1237: Static Route Path Monitoring, failover.

So far I have seen that BFD for static routes in FRR is currently under development:
https://github.com/FRRouting/frr/issues/3369

Sep 28 2020, 1:07 PM · VyOS 1.4 Sagitta

Aug 31 2020

adestis added a comment to T1237: Static Route Path Monitoring, failover.

@Cheeze_It BFD for static routes would be nice as well but sometimes the target you test against is not under your control and/or does not support BFD.

Aug 31 2020, 4:38 PM · VyOS 1.4 Sagitta

Apr 14 2020

adestis added a comment to T2096: Provide "generate" and "show" commands via the http API.

@jestabro you removed VyOS 1.2.6 does this mean it will not be included in 1.2.x ?

Apr 14 2020, 7:12 AM · VyOS 1.3 Equuleus (1.3.0)

Nov 22 2019

adestis edited projects for T1820: VRRP transition scripts for sync-groups are not supported in VyOS (anymore), added: VyOS 1.2 Crux (VyOS 1.2.4); removed VyOS 1.2 Crux.
Nov 22 2019, 5:34 PM · VyOS 1.3 Equuleus (1.3.0)
adestis created T1820: VRRP transition scripts for sync-groups are not supported in VyOS (anymore).
Nov 22 2019, 4:30 PM · VyOS 1.3 Equuleus (1.3.0)

Oct 9 2019

adestis added a comment to T1183: BFD Support via FRR.

@c-po wrote:
I would not backport it. Its a proof of concept and things are still unclear about peer configuration (why does cumulus FRR behave differently and has no peer config) also the FRR interface is only a PoC.

Oct 9 2019, 7:16 AM · VyOS 1.2 Crux (VyOS 1.2.4)

Oct 4 2019

adestis added a comment to T1183: BFD Support via FRR.

Hi trae32566

Oct 4 2019, 6:46 AM · VyOS 1.2 Crux (VyOS 1.2.4)

Sep 25 2019

adestis added a comment to T1183: BFD Support via FRR.

It would be awsome if the feature could also be made available in the next VyOS 1.2.x version.
Because it likely takes a lot more time until version 1.3 gets released.

Sep 25 2019, 7:30 AM · VyOS 1.2 Crux (VyOS 1.2.4)

Aug 23 2019

adestis created T1610: Support operator mode commands via REST API.
Aug 23 2019, 10:29 AM

Apr 8 2019

adestis added a comment to T1237: Static Route Path Monitoring, failover.

Hello runar,
I know that it's possible to do it manually.
But I really would like to see a more integrated solution where you can add a check for the next hop inside the configuration.

Apr 8 2019, 11:43 AM · VyOS 1.4 Sagitta
adestis added a comment to T1209: OSPF max-metric values over 100 cause commit errors.

Hi zsdc,

Apr 8 2019, 11:42 AM · VyOS 1.2 Crux (VyOS 1.2.3)

Feb 19 2019

adestis created T1253: Feature Request: FRR Flowspec.
Feb 19 2019, 8:39 AM · VyOS 1.5 Circinus

Feb 9 2019

adestis created T1237: Static Route Path Monitoring, failover.
Feb 9 2019, 6:04 AM · VyOS 1.4 Sagitta

Jan 28 2019

adestis created T1209: OSPF max-metric values over 100 cause commit errors.
Jan 28 2019, 1:07 PM · VyOS 1.2 Crux (VyOS 1.2.3)

Nov 27 2018

adestis added a project to T1048: [IPSec] Protocol all does not work in IPSec Tunnel: VyOS 1.2 Crux.
Nov 27 2018, 8:07 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux ( VyOS 1.2.0-rc11)

Nov 26 2018

adestis created T1048: [IPSec] Protocol all does not work in IPSec Tunnel.
Nov 26 2018, 11:20 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux ( VyOS 1.2.0-rc11)

Oct 24 2018

adestis created T930: "show vpn ipsec policy" does not work in VyOS 1.2 rc3.
Oct 24 2018, 9:38 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc6)

Oct 16 2018

adestis edited projects for T905: The command show remote-config does not work for remote-platform openvpn, added: VyOS 1.2 Crux (VyOS 1.2.0-rc4); removed VyOS 1.2 Crux (VyOS 1.2.0-rc3).
Oct 16 2018, 8:40 AM · VyOS 1.4 Sagitta
adestis created T905: The command show remote-config does not work for remote-platform openvpn.
Oct 16 2018, 8:29 AM · VyOS 1.4 Sagitta

Jan 9 2017

adestis added a comment to V3: Tag node syntax for VyOS 2.0.

The suggestion from @rps (XORP style) seems to be the best way from my point of view:
https://phabricator.vyos.net/V3#51

Jan 9 2017, 7:13 AM · VyOS 2.0.x, VyConf

May 19 2016

adestis added a comment to T67: VyOS freeze during creating VMware snapshot with quiesce a file system option.

@higebu: Thank you we will give it a try.
I think that should be the default setting as long as the problem is not fixed.

May 19 2016, 4:01 AM · Invalid

May 18 2016

adestis added a comment to T67: VyOS freeze during creating VMware snapshot with quiesce a file system option.
In T67#1060, @dmbaturin wrote:

@brona Do you know exact reproducing procedure?
We noticed this problem with Veeam Backup and Replication tool that uses quiescence, but we could never reproduce it simply by making a snapshot of a test VM.

May 18 2016, 6:44 PM · Invalid
adestis added a comment to T67: VyOS freeze during creating VMware snapshot with quiesce a file system option.

Maybe just bad luck, but 4x create snapshot 4x frozen router (Always on ESXi 5.5)

May 18 2016, 6:41 PM · Invalid
adestis created T68: VyOS SDN support (openconfig, netconf, telemetry).
May 18 2016, 6:29 PM · Rejected

Apr 4 2016

adestis created T41: Include bgpq3 for BGP policy creation.
Apr 4 2016, 12:32 PM · VyOS 1.2 Crux (VyOS 1.2.2)