Feed Search
Dec 21 2021
Dec 21 2021
Viacheslav changed the subtype of T4072: Feature Request: Firewall on bridge interfaces from "Task" to "Feature Request".
Viacheslav removed a project from T4087: IPsec IKE-group proposals limit of 10 pieces : VyOS 1.2 Crux.
Viacheslav renamed T4039: Rsyslog to use 'protocol23format' for protocol UDP from Rsyslog to use 'protocol23format' to Rsyslog to use 'protocol23format' for protocol UDP.
Viacheslav added a comment to T4039: Rsyslog to use 'protocol23format' for protocol UDP.
Viacheslav added a project to T4039: Rsyslog to use 'protocol23format' for protocol UDP: VyOS 1.4 Sagitta.
Viacheslav added a comment to T4062: VRRP IPSEC-AH : sequence number xxxxxxx already processed. Packet dropped. Local(xxxxxxx).
@boevering Do you know how to reproduce it?
Viacheslav moved T4082: Add op mode command to restart ldpd from Open to Backport Candidates on the VyOS 1.4 Sagitta board.
Dec 20 2021
Dec 20 2021
Viacheslav changed the subtype of T4087: IPsec IKE-group proposals limit of 10 pieces from "Task" to "Feature Request".
Viacheslav added a comment to T4087: IPsec IKE-group proposals limit of 10 pieces .
Unknown Object (User) updated subscribers of T4087: IPsec IKE-group proposals limit of 10 pieces .
@Viacheslav found the source of the restriction:
Unknown Object (User) created T4087: IPsec IKE-group proposals limit of 10 pieces .
Dec 19 2021
Dec 19 2021
c-po changed the status of T3700: Support VLAN tunnel mapping of VLAN aware bridges, a subtask of T3137: Let VLAN aware bridge approach the behavior of professional equipment, from Open to In progress.
Dec 17 2021
Dec 17 2021
devon added a comment to T4082: Add op mode command to restart ldpd.
I've opened a PR: https://github.com/vyos/vyos-1x/pull/1111
Dec 16 2021
Dec 16 2021
GallySoft added a comment to T3006: Accel-PPP & vlan-mon config get invalid VLAN.
@Dmitry there it is:
Dec 15 2021
Dec 15 2021
Unknown Object (User) added a comment to T3006: Accel-PPP & vlan-mon config get invalid VLAN.
@GallySoft could you please share your configuration commands?
Is S-VLAN 995 and C-VLAN 2092 as an example configured on the bond0 interface?
GallySoft added a comment to T3006: Accel-PPP & vlan-mon config get invalid VLAN.
Hi @Dmitry, thank you.
Unknown Object (User) added a comment to T3006: Accel-PPP & vlan-mon config get invalid VLAN.
Hi @GallySoft, this fix is still not in 1.3. Try to test it on 1.4 fresh rollings.
GallySoft added a comment to T3006: Accel-PPP & vlan-mon config get invalid VLAN.
On VyOS 1.3-beta-202112150443 seems not working:
Dec 14 2021
Dec 14 2021
Unknown Object (User) created T4072: Feature Request: Firewall on bridge interfaces.
Dec 10 2021
Dec 10 2021
Unknown Object (User) changed the status of T4062: VRRP IPSEC-AH : sequence number xxxxxxx already processed. Packet dropped. Local(xxxxxxx) from Open to Needs testing.
Dec 9 2021
Dec 9 2021
c-po moved T4041: "transition-script" doesn't work on "sync-group" from Open to Finished on the VyOS 1.4 Sagitta board.
Unknown Object (User) closed T3546: Add support for running scripts on PPPoE server session events as Unknown Status.
Dec 8 2021
Dec 8 2021
Dec 7 2021
Dec 7 2021
Cheeze_It added a comment to T4024: Access-lists and prefix-lists disappear when setting ldp hello-ipv4-interval.
Now that's......different.
Unknown Object (User) changed the status of T3006: Accel-PPP & vlan-mon config get invalid VLAN from In progress to Needs testing.
There is a task with VRRP scripts problem on reboot:
Dec 6 2021
Dec 6 2021
Unknown Object (User) reopened T4041: "transition-script" doesn't work on "sync-group" as "Open".
I tested this bug on "vyos-1.3-beta-202112060443".
The problem has been partially resolved. If you restart VYOS, scripts on syn-groups don't work. After using the "vrrp restart" command, everything is ok.
Viacheslav added a comment to T4024: Access-lists and prefix-lists disappear when setting ldp hello-ipv4-interval.
To reproduce:
set policy access-list 100 rule 1 source any set policy access-list 100 rule 1 destination any set policy access-list 100 rule 1 action permit set interface ethernet eth1 address 203.0.113.1/24 set protocols mpls ldp discovery transport-ipv4-address 203.0.113.1 set protocols mpls ldp interface eth1 set protocols mpls ldp router-id 203.0.113.1 commit
Access list is present:
vyos@r4-epa2# vtysh -c "show run" | grep access access-list 100 seq 5 permit ip any any [edit]
Add hello interval:
set protocols mpls ldp discovery hello-ipv4-interval 1
There is no access-list anymore
vyos@r4-epa2# commit [edit] vyos@r4-epa2# vtysh -c "show run" | grep access [edit] vyos@r4-epa2#
Viacheslav changed the status of T4024: Access-lists and prefix-lists disappear when setting ldp hello-ipv4-interval from Open to Confirmed.
showipintbri added a comment to T4039: Rsyslog to use 'protocol23format' for protocol UDP.
As mentioned I'm running: VyOS 1.3.0-rc6
Unknown Object (User) changed the status of T3006: Accel-PPP & vlan-mon config get invalid VLAN from Open to In progress.
c-po moved T4052: Validator return traceback on VRRP configuration with the script path not in config dir from Open to Finished on the VyOS 1.4 Sagitta board.
c-po moved T4052: Validator return traceback on VRRP configuration with the script path not in config dir from 1.3.0 to Finished on the VyOS 1.3 Equuleus board.
Viacheslav changed the status of T4052: Validator return traceback on VRRP configuration with the script path not in config dir from In progress to Needs testing.
Viacheslav changed the status of T4033: VRRP - Error security when setting scripts from Open to In progress.
Unknown Object (User) added a comment to T4033: VRRP - Error security when setting scripts.
Viacheslav changed the status of T4052: Validator return traceback on VRRP configuration with the script path not in config dir from Open to In progress.
Unknown Object (User) added a comment to T4033: VRRP - Error security when setting scripts.
We definitely have to delete enable_script_security from https://github.com/vyos/vyos-1x/blob/current/data/templates/vrrp/keepalived.conf.tmpl#L10
Unknown Object (User) added a project to T4033: VRRP - Error security when setting scripts: VyOS 1.4 Sagitta.
Unknown Object (User) added a project to T4052: Validator return traceback on VRRP configuration with the script path not in config dir: VyOS 1.4 Sagitta.
Unknown Object (User) created T4052: Validator return traceback on VRRP configuration with the script path not in config dir.
Unknown Object (User) added a comment to T4033: VRRP - Error security when setting scripts.
I have the same problem. I created a script, but it doesn't work. VRRP Log write that the skript is unsecure.
Dec 5 2021
Dec 5 2021
c-po edited a custom field on T4041: "transition-script" doesn't work on "sync-group".
Dec 4 2021
Dec 4 2021
jestabro edited projects for T2768: Define a high level HTTP API, added: VyOS 1.3 Equuleus, VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.0).
n.fort added a comment to T4041: "transition-script" doesn't work on "sync-group".
It may be related to T4033 ???
Dec 3 2021
Dec 3 2021
Unknown Object (User) edited projects for T3006: Accel-PPP & vlan-mon config get invalid VLAN, added: VyOS 1.4 Sagitta, VyOS 1.3 Equuleus; removed vyos-pppoe-server, vyatta-cfg-op-pppoe.
Unknown Object (User) added a comment to T4041: "transition-script" doesn't work on "sync-group".
I checked it on these versions of VYOS. (VyOS 1.3.0-epa3, VyOS 1.3-beta-202112010443 , VyOS 1.4-rolling-202112021432)
Unknown Object (User) created T4041: "transition-script" doesn't work on "sync-group".
Dec 2 2021
Dec 2 2021
Viacheslav added a comment to T4039: Rsyslog to use 'protocol23format' for protocol UDP.
It is working only for TCP right now
set system syslog host 192.168.122.1 facility all protocol 'tcp' set system syslog host 192.168.122.1 format octet-counted set system syslog host 192.168.122.1 port '1514'
Config:
vyos@r4-epa2# cat /etc/rsyslog.d/vyos-rsyslog.conf ## generated by syslog.py ## ## file based logging $outchannel global,/var/log/messages,262144,/usr/sbin/logrotate /etc/logrotate.d/vyos-rsyslog *.info;local7.debug :omfile:$global ## console logging ## remote logging *.err @@(o)192.168.122.1:1514;RSYSLOG_SyslogProtocol23Format [edit] vyos@r4-epa2#
Nov 29 2021
Nov 29 2021
Viacheslav added a comment to T4013: Add pkg cloudwatch for AWS images.
PR https://github.com/vyos/vyos-build/pull/206
vyos@vyos:~$ show version all | match cloud ii amazon-cloudwatch-agent 1.247349.0b251399-1 amd64 Amazon CloudWatch Agent ii cloud-init 20.4-404-g0a9f4841-1~bddeb all Init scripts for cloud instances vyos@vyos:~$
Unknown Object (User) created T4027: Does not possible to update the system with 512MB of RAM.
Nov 26 2021
Nov 26 2021
23:05:52 DEBUG - Running Testcase: /usr/libexec/vyos/tests/smoke/cli/test_vpn_openconnect.py 23:06:04 DEBUG - test_vpn (__main__.TestVpnOpenconnect) ... ok 23:06:07 DEBUG - 23:06:07 DEBUG - ---------------------------------------------------------------------- 23:06:07 DEBUG - Ran 1 test in 11.396s 23:06:07 DEBUG - 23:06:07 DEBUG - OK 23:06:07 DEBUG - Running Testcase: /usr/libexec/vyos/tests/smoke/cli/test_vpn_sstp.py 23:06:22 DEBUG - test_accel_local_authentication (__main__.TestVPNSSTPServer) ... ok 23:06:28 DEBUG - test_accel_name_servers (__main__.TestVPNSSTPServer) ... ok 23:06:38 DEBUG - test_accel_radius_authentication (__main__.TestVPNSSTPServer) ... ok 23:06:40 DEBUG - 23:06:41 DEBUG - ---------------------------------------------------------------------- 23:06:41 DEBUG - Ran 3 tests in 32.454s 23:06:41 DEBUG - 23:06:41 DEBUG - OK
Unknown Object (User) changed the status of T4019: Smoketests for SSTP and openconnect fails from Open to In progress.
Unknown Object (User) created T4019: Smoketests for SSTP and openconnect fails .
Nov 24 2021
Nov 24 2021
jestabro added a comment to T3980: vrrp transition-script validator makes warning fatal and also causes a python NameError exception.
The plan is to weaken this to a warning in 'verify'; as summarized above, validators are pass/fail and warnings are not an appropriate response for a validator
erkin closed T1083: Implement persistent/random address and port mapping options for NAT rules, a subtask of T2198: Rewrite NAT in new XML/Python style, as Resolved.
Nov 22 2021
Nov 22 2021
Nov 19 2021
Nov 19 2021
jestabro moved T4003: API for "show interfaces ethernet" does not include the interface description from Need Triage to Finished on the VyOS 1.3 Equuleus board.
jestabro changed the status of T4003: API for "show interfaces ethernet" does not include the interface description from Unknown Status to Resolved.
jestabro triaged T4003: API for "show interfaces ethernet" does not include the interface description as Normal priority.
c-po added a comment to T3987: An error occurs after stopping snmpd in frr.
I would not call this a bug as this is produced on intention.
Nov 18 2021
Nov 18 2021
erkin changed the status of T1083: Implement persistent/random address and port mapping options for NAT rules, a subtask of T2198: Rewrite NAT in new XML/Python style, from Needs testing to In progress.
Nov 17 2021
Nov 17 2021
dmbaturin reopened T1083: Implement persistent/random address and port mapping options for NAT rules, a subtask of T2198: Rewrite NAT in new XML/Python style, as Needs testing.
Nov 15 2021
Nov 15 2021
c-po moved T3982: DHCP server commit fails if static-mapping contains + or . from Open to Finished on the VyOS 1.4 Sagitta board.
jestabro edited projects for T3993: Extend HTTP API GraphQL support, added: VyOS 1.3 Equuleus; removed VyOS 1.3 Equuleus (1.3.0).
Viacheslav added a comment to T3989: Firewall - Can't delete rule in firewall entry and leave just default-action when firewall entry is in used.
Duplicate T1292
Nov 13 2021
Nov 13 2021
Nov 12 2021
Nov 12 2021
jestabro added a comment to T3980: vrrp transition-script validator makes warning fatal and also causes a python NameError exception.
This brings up an interesting issue: validate_value.ml could easily be modified to print warnings, while maintaining T2759 (namely, only print fatal errors if _all_ validators fail for a given setting), however, is this reasonable behaviour ? One would think that a 'validator' is either pass or fail, and if it is just giving a warning, it is no longer a validator.
jestabro claimed T3980: vrrp transition-script validator makes warning fatal and also causes a python NameError exception.
I will take a look; thanks for the report !
ross211 added a comment to T3980: vrrp transition-script validator makes warning fatal and also causes a python NameError exception.
From what I understand this looks to be due to https://github.com/vyos/vyos-utils/blob/master/src/validate_value.ml catching both stdout and stderr output from the validators and only printing the captured output if the validator exit status is 0 so there isn't a way to print warnings unless it always prints the output or handling for a special 'warning' exit code was added.
Nov 11 2021
Nov 11 2021
ross211 added a comment to T3980: vrrp transition-script validator makes warning fatal and also causes a python NameError exception.
This doesn't seem to help, whatever is calling the validator script seems to hide the output unless the exit status is non-zero.
Nov 10 2021
Nov 10 2021
c-po renamed T3982: DHCP server commit fails if static-mapping contains + or . from DHCP server commit fails if static-mapping contains + to DHCP server commit fails if static-mapping contains + or ..
Viacheslav added a comment to T3980: vrrp transition-script validator makes warning fatal and also causes a python NameError exception.
Try to restart vyos-configd after changing script file
Nov 8 2021
Nov 8 2021
olofl added a comment to T3977: dhcp-relay-agent uses "physical" IP instead of vrrp IP.
Just want to know, did you try rfc3768-compatibility?
It probably works that way.
Unfortunately that breaks other parts of our setup.
Viacheslav added a comment to T3977: dhcp-relay-agent uses "physical" IP instead of vrrp IP.
I don't see any option like "source address"
https://manpages.debian.org/testing/isc-dhcp-relay/dhcrelay.8.en.html
olofl updated the task description for T3977: dhcp-relay-agent uses "physical" IP instead of vrrp IP.
Nov 6 2021
Nov 6 2021
syncer moved T1307: add RTL8111/RTL8168 driver from Need Triage to Finished on the VyOS 1.3 Equuleus board.
syncer moved T1251: IKEv2 Agile VPN Support from Need Triage to Finished on the VyOS 1.3 Equuleus board.
syncer moved T1314: Allow BGP on unnumbered interfaces from Need Triage to Finished on the VyOS 1.3 Equuleus board.
syncer moved T1340: 'diff' function malfunction from Need Triage to Finished on the VyOS 1.3 Equuleus board.