User Details
- User Since
- May 6 2021, 3:27 PM (98 w, 3 d)
Wed, Mar 22
Sat, Mar 11
Thu, Mar 9
My bad
Discovered a couple of problems with chrony using the existing CLI.
Thu, Mar 2
Have started work on migrating isc-dhcp v4/v6 server to Kea.
Feb 22 2023
Feb 21 2023
Builds completing. ISO worker on Jenkins should be fixed and pushing new rolling images shortly.
Feb 13 2023
Feb 3 2023
Jan 29 2023
Jan 7 2023
Jan 6 2023
Dec 3 2022
PR to fix recursion check: https://github.com/vyos/vyos-1x/pull/1691
Nov 22 2022
Nov 11 2022
PR for policy route refactor updates to vyos_mangle: https://github.com/vyos/vyos-1x/pull/1654
Nov 3 2022
PR adds groups to NAT: https://github.com/vyos/vyos-1x/pull/1633
Nov 1 2022
Adds firewall node rule N source/destination fqdn domain.com for single domains per rule and refactors resolver daemon.
Oct 31 2022
Oct 29 2022
Good point, I'll try and look into this and see if it can be handled everywhere the new PKI nodes are used.
Oct 28 2022
Best suggestion seems to be introducing a script to call podman stop -t N on shutdown/reboot to reduce the timeout before SIGKILL is sent.
Oct 27 2022
Oct 25 2022
Oct 11 2022
Oct 10 2022
Sep 28 2022
Sep 27 2022
Can we see example destination NAT config with the issue?
Sep 21 2022
Included a fix for this in NAT refactor: https://github.com/vyos/vyos-1x/pull/1552
PR for NAT included with refactor: https://github.com/vyos/vyos-1x/pull/1552
Sep 12 2022
Refactor PR: https://github.com/vyos/vyos-1x/pull/1534
PR for filter tables: https://github.com/vyos/vyos-1x/pull/1534
Sep 10 2022
Aug 17 2022
Not supported at the moment, but we can look into adding it for both ipv4/v6 in 1.4
While I'm for changing to prefixed tables, I think the issue of tailscale and custom apps should fall under the accepted risk of running custom scripts outside of the config.
Any config available to test against?
Jul 7 2022
Jul 6 2022
I think there's still a problem possible with /var/log/messages handling:
Confirmed issue, seems to be a problem in rsyslog/logrotate. Possibly related to T4250
Jul 5 2022
Jul 2 2022
Inverse match PR: https://github.com/vyos/vyos-1x/pull/1386
Jul 1 2022
If the counters are visible and incrementing when checking with nft list table ip filter then I don't think this is an implementation issue. Wondering if its a problem with the syslog daemon.
Jun 29 2022
Jun 27 2022
Jun 25 2022
Jun 15 2022
Jun 13 2022
Working on moving groups to named set as part of a refactor in some firewall code.
Jun 10 2022
May 31 2022
May 30 2022
PR for op-mode importing existing PKI files into config: https://github.com/vyos/vyos-1x/pull/1343
May 27 2022
May 26 2022
@panachoi If you can share the anonymized config that works in 1.2.8 that would be useful. I'd expect migrating to 1.4 to see a decent improvement in firewall load times.
Apr 20 2022
Apr 14 2022
30 largest packages in 1.4 dev build:
telegraf 144 MB linux-image-5.10.109-amd64-vyos 107 MB libwireshark14 100 MB vyos-linux-firmware 68.8 MB containernetworking-plugins 51.2 MB vyos-http-api-tools 40.4 MB podman 37.3 MB python3-pycryptodome 36.0 MB libicu67 33.9 MB vim-runtime 32.9 MB vyos-1x 29.2 MB libperl5.32 28.5 MB salt-common 27.9 MB nmap-common 21.2 MB frr 20.2 MB libruby2.7 17.9 MB coreutils 17.9 MB perl-modules-5.32 17.9 MB grub-common 17.8 MB systemd 16.4 MB locales 16.4 MB libc6 13.1 MB pmacct 13.0 MB ieee-data 12.3 MB vyos-intel-qat 11.7 MB aptitude-common 10.3 MB gdb 10.0 MB udev 9,184 kB grub-efi-amd64-bin 8,831 kB squid 8,582 kB
Apr 6 2022
Mar 29 2022
Mar 18 2022
Perhaps only in-use sets can be determined and loaded?
Error implies that firewall failed to configure on boot as mangle table is missing. Any logs/config trace from boot?