Page MenuHomeVyOS Platform

Updated 706 Days AgoPublic


  • T4204: Update Accel-PPP to a newer revision
  • T4310: CVE-2022-0778: infinite loop in OpenSSL certificate parsing
  • T4311: CVE-2021-4034: local privilege escalation in PolKit

Configuration syntax changes (automatically migrated)

  • T1972: Allow setting interface name for virtual_ipaddress in VRRP VRID
  • T4273: ssh: Upgrade from 1.2.X to 1.3.0 breaks config

New features and improvements

  • T1972: Allow setting interface name for virtual_ipaddress in VRRP VRID
  • T2400: OpenVPN: dont restart server if no need
  • T2764: Increase maximum number of NAT rules
  • T3164: console-server ssh does not work with RADIUS PAM auth
  • T3299: Allow the web proxy service to listen on all IP addresses
  • T3854: Missing op-mode commands for conntrack-sync
  • T3872: Add configurable telegraf monitoring service
  • T4055: Add VRF support for HTTP(S) API service
  • T4100: Firewall increase maximum number of rules
  • T4120: [VXLAN] add ability to set multiple unicast-remotes
  • T4128: keepalived: Upgrade package to add VRF support
  • T4261: MACsec: add DHCP client support

Bug fixes

  • T2922: The vpn ipsec logging log-modes miss the IPSec daemons state check
  • T3380: "show vpn ike sa" does not display IPv6 peers
  • T3686: Bridging OpenVPN tap with no local-address breaks
  • T3914: VRRP rfc3768-compatibility doesn't work with unicast peers
  • T3924: VRRP stops working with VRF
  • T4002: firewall group network-group long names restriction incorrect behavior
  • T4081: VRRP health-check script stops working when setting up a sync group
  • T4087: IPsec IKE-group proposals limit of 10 pieces
  • T4092: IKEv2 mobike commit failed with DMVPN nhrp
  • T4093: SNMPv3 snmpd.conf generation bug
  • T4101: commit-archive: Use of uninitialized value $source_address in concatenation
  • T4104: RAID1: "add raid md0 member sda1" does not restore boot sector
  • T4110: [IPV6-SSH/DNS} enable IPv6 link local adresses as listen-address %eth0
  • T4141: Set high-availability vrrp sync-group without members error
  • T4142: Input ifbX interfaces not displayed in op-mode
  • T4152: NHRP shortcut-target holding-time does not work
  • T4154: Error add second gre tunnel with the same source interface
  • T4165: Custom conntrack rules cannot be deleted
  • T4168: IPsec VPN is impossible to restart when DMVPN is configured
  • T4183: IPv6 link-local address not accepted as wireguard peer
  • T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses
  • T4191: Lost access to host after VRF re-creating
  • T4196: DHCP server client-prefix-length parameter results in non-functional leases
  • T4203: Reconfigure DHCP client interface causes brief outages
  • T4226: VRRP transition-script does not work for groups name which contains -(minus) sign
  • T4228: bond: OS error thrown when two bonds use the same member
  • T4233: ssh: sync regex for allow/deny usernames to "system login"
  • T4234: Show firewall partly broken in 1.3.x
  • T4237: Conntrack-sync error - error adding listen-address command
  • T4240: Cannot add wlan0 to bridge via configure
  • T4241: ocserv openconnect looks broken in recent bulds of 1.3 Equuleus
  • T4242: ethernet speed/duplex can never be switched back to auto/auto
  • T4258: [DHCP-SERVER] error parameter on Failover
  • T4259: The conntrackd daemon can be started wrongly
  • T4263: vyos.util.leaf_node_changed() dos not honor valueLess nodes
  • T4264: vxlan: interface is destroyed and rebuild on description change
  • T4267: Error - Missing required "ip key" parameter
  • T4273: ssh: Upgrade from 1.2.X to 1.3.0 breaks config
  • T4297: Interface configuration saving fails for ice/iavf based interfaces because they can't change speed/duplex settings
  • T4377: generate tech-support archive includes previous archives

Other resolved issues

  • T4227: Typo in help completion of hello-time option of bridge interface
  • T4255: Unexpected print of dict bridge on delete
Last Author
Last Edited
Jun 11 2022, 8:40 AM