Page MenuHomeVyOS Platform
Feed Advanced Search

Jun 27 2020

elbandi added a comment to T2159: webproxy log read from wrong file.

i think, the squid access log doesnt go to the log/messages.
And sorry, i wasnt accurate. this is the issue: access log is in var/log/squid3/ directory not in var/log/squid/.
two file is affected: https://github.com/vyos/vyatta-webproxy/blob/current/templates-op/show/webproxy/log/node.def and https://github.com/vyos/vyatta-webproxy/blob/current/templates-op/monitor/webproxy/access-log/node.def

Jun 27 2020, 12:34 PM · VyOS 1.3 Equuleus (1.3.0), vyatta-webproxy

May 10 2020

elbandi added a comment to T2267: equuleus: Autogenerating deb package version number for internal packages.

For _stable_ release build, you need a fixed point in every vyos/vyatta package (vyos-1x=1.3.1, vyos-netplug=1.2.9.2-3, vyos-opennhrp=0.14.1-1, etc), so you have to release every package, something like 'Oh, this package is in this point stable enought for a stable release', and the stable iso contains this stable packages. But the development doesnt stop, some packages receive new fetaures. Until stable packages are waiting for each other, need a versioning for daily snapshot. for that, the commit count based versioning is good.

May 10 2020, 8:11 PM · VyOS 1.3 Equuleus (1.3.7)
elbandi added a comment to T2267: equuleus: Autogenerating deb package version number for internal packages.
VER=$(dpkg-parsechangelog --show-field Version)
COMMIT_COUNTS=$(git rev-list $VER.. --count)
LAST_ID=$(git rev-parse --short HEAD)
git config user.name "Vyos CI"
git config user.email [email protected]
gbp dch --full -s $VER -D unstable -U low -N $VER+dev$COMMIT_COUNTS-git$LAST_ID --ignore-branch --git-author
May 10 2020, 1:16 PM · VyOS 1.3 Equuleus (1.3.7)
elbandi added a comment to T2267: equuleus: Autogenerating deb package version number for internal packages.

i would leave the items in changelog, just every changelog items have git tag. if there is a new release (=new _stable_ release iso), make a new changelog item + git tag.
and for the development packages use your versioning: 1.3.0-17+dev<commitcountfromtag>-git<commit-id>
anyway, there is a "gbp dch" command can generate entries from Git commit messages. you you can fill the "dev" changelog entries with real commit messages. you can set the versionstring too.

May 10 2020, 10:45 AM · VyOS 1.3 Equuleus (1.3.7)

May 9 2020

elbandi added a comment to T2267: equuleus: Autogenerating deb package version number for internal packages.

you can use '+' and '~' chars in versions. plus gives newer version (1.2.3-4-5+foo32 > 1.2.3-4-5 ) but less than the new upstream (1.2.3-4-6 > 1.2.3-4-5+foo32), tilde gives older version (1.2.3-4-5~foo-2 < 1.2.3-4-5 )
i always use + for my own builds, thats gives me newer package version than ubuntu/debian version.

May 9 2020, 7:37 PM · VyOS 1.3 Equuleus (1.3.7)

Apr 29 2020

elbandi created T2400: OpenVPN: dont restart server if no need.
Apr 29 2020, 2:09 PM · VyOS 1.3 Equuleus ( 1.3.1)

Apr 26 2020

elbandi added a comment to T2381: OpenVPN: openvpn-option parsed/rendered improperly.

Just call the multiple options other name (like 'option'), and admin can modify they config if they want. no need a IM migrate script.
And leave the openvpn-option for raw option, if someone want to make a magic things in openvpn.
(like, in dhcp server, static mapping has option tagnode for "Host-specific settings" and static-mapping-parameters for raw hacking :)

Apr 26 2020, 3:55 PM · VyOS 1.3 Equuleus (1.3.0)
elbandi added a comment to T2381: OpenVPN: openvpn-option parsed/rendered improperly.

sould rewrite to multioption:

Apr 26 2020, 11:04 AM · VyOS 1.3 Equuleus (1.3.0)

Apr 23 2020

elbandi added a comment to T2133: ipv6 disable not working.

sorry, i'm not a hacker, so i dont know any attach vector. :( But it does not mean that it does not exist.

Apr 23 2020, 10:20 PM · VyOS 1.3 Equuleus (1.3.7), test, vyatta-cfg-system, vyatta-ipv6-rtradv
elbandi added a comment to T2339: OpenVPN: IPv4 no longer working after adding IPv6 support.

@jjakob detect_if_systemipv6_is_disabled just an idea, but looking to interfaces-openvpn.py, it's easy:

Apr 23 2020, 12:00 PM · VyOS 1.3 Equuleus (1.3.0)
elbandi added a comment to T2339: OpenVPN: IPv4 no longer working after adding IPv6 support.

This code doesnt break if ipv6 is disabled by system wide:

Apr 23 2020, 12:09 AM · VyOS 1.3 Equuleus (1.3.0)

Apr 10 2020

elbandi added a comment to T1538: Update conntrack-sync packages to fix VRRP issues.

The new conntract package depend in newer libnetfilter. but you dont need to rebuild the package, just download the debs.

Apr 10 2020, 3:03 PM · VyOS 1.3 Equuleus (1.3.0)

Mar 28 2020

elbandi added a comment to T2133: ipv6 disable not working.

it's enabled by default.

Mar 28 2020, 2:06 PM · VyOS 1.3 Equuleus (1.3.7), test, vyatta-cfg-system, vyatta-ipv6-rtradv

Mar 25 2020

elbandi created T2161: snmpd cannot start if ipv6 disabled.
Mar 25 2020, 10:06 AM · VyOS 1.3 Equuleus (1.3.0-epa1)

Mar 24 2020

elbandi renamed T2159: webproxy log read from wrong file from squid webproxylog read from wrong file to webproxy log read from wrong file.
Mar 24 2020, 8:35 PM · VyOS 1.3 Equuleus (1.3.0), vyatta-webproxy
elbandi created T2159: webproxy log read from wrong file.
Mar 24 2020, 8:32 PM · VyOS 1.3 Equuleus (1.3.0), vyatta-webproxy
elbandi added a comment to T2133: ipv6 disable not working.

https://github.com/vyos/vyos-1x/pull/263
https://github.com/vyos/vyatta-cfg-system/pull/121

Mar 24 2020, 12:32 PM · VyOS 1.3 Equuleus (1.3.7), test, vyatta-cfg-system, vyatta-ipv6-rtradv

Mar 20 2020

elbandi added a comment to T2054: Changing "system name-server" doesn't update dns forwarding config, neither does "restart dns forwarding".

just note. our fw is using own dns forwarder for resolv, because the internal ip reverse addresses are redirected to local dns server.
so plase handle this situation too.

Mar 20 2020, 11:40 AM · VyOS 1.3 Equuleus (1.3.0)

Mar 17 2020

elbandi added a comment to T1538: Update conntrack-sync packages to fix VRRP issues.

https://salsa.debian.org/pkg-netfilter-team/pkg-conntrack-tools/-/merge_requests/1
if he merge the PR, we can use it!

Mar 17 2020, 8:07 PM · VyOS 1.3 Equuleus (1.3.0)
elbandi updated the task description for T2133: ipv6 disable not working.
Mar 17 2020, 4:05 PM · VyOS 1.3 Equuleus (1.3.7), test, vyatta-cfg-system, vyatta-ipv6-rtradv
elbandi triaged T2133: ipv6 disable not working as Normal priority.
Mar 17 2020, 4:04 PM · VyOS 1.3 Equuleus (1.3.7), test, vyatta-cfg-system, vyatta-ipv6-rtradv

Mar 5 2020

elbandi added a comment to T118: Native Zabbix Support.

from https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_agentd

Mar 5 2020, 11:46 PM · Restricted Project, VyOS 1.4 Sagitta

Mar 3 2020

elbandi added a comment to T2062: Wrong dhcp-server static route subnet bytes.

Here is a solution (based from https://github.com/jansegre/dhcplib/blob/master/dhcplib/rfc.py#L225-L232):

Mar 3 2020, 12:29 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.2 Crux (VyOS 1.2.6)

Mar 2 2020

elbandi created T2092: dhcp-server rfc3442 static route should add default route.
Mar 2 2020, 11:26 PM · VyOS 1.3 Equuleus (1.3.0)
elbandi added a comment to T1968: Allow multiple static routes in dhcp-server.

For 1.3, i use this: https://github.com/Elbandi/vyos-1x/commit/f364770fdb5ea8b61d42cb22ca428604d9c6b1df

Mar 2 2020, 11:10 PM · VyOS 1.4 Sagitta

Feb 28 2020

elbandi added a comment to T1538: Update conntrack-sync packages to fix VRRP issues.

That's bad, because debian stable (=buster) is fixing security bugs only. They will not fix/add this patches to conntrack package, they leave conntrack buggy. So you sould build an own conntrack-tools package for 1.3 too :( If not, vyos will be less good software.

Feb 28 2020, 10:34 PM · VyOS 1.3 Equuleus (1.3.0)

Feb 27 2020

elbandi added a comment to T2056: Building images using vyos-build Docker container error .

i think, you sould use crux branch for 1.2 build, current branch is 1.3

Feb 27 2020, 11:02 AM · Rejected

Feb 22 2020

elbandi created T2062: Wrong dhcp-server static route subnet bytes.
Feb 22 2020, 11:51 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.2 Crux (VyOS 1.2.6)

Feb 20 2020

elbandi added a comment to T1538: Update conntrack-sync packages to fix VRRP issues.

It's an upstream bug as @xrobau said. vyos dev sould upgrade https://github.com/vyos/conntrack-tools repo, and apply this patch:
https://git.netfilter.org/conntrack-tools/commit/?id=c12fa8df76752b0a011430f069677b52e4dad164

Feb 20 2020, 1:56 PM · VyOS 1.3 Equuleus (1.3.0)

Dec 13 2019

elbandi added a comment to T1806: Add missing documentation on how to use quote characters inside dhcp-server raw parameters.

Yepp, the issue is the quotes in dhcp server config (like the sample line i wrote).
i think, duplicates functionality doesnt matter, there are already such duplications: global-parameters, subnet-parameters, etc. That are for raw settings, if someone want a magic things in dhcp. But adding normal options to static-mapping-parameters are just a workaround.

Dec 13 2019, 11:32 AM · Restricted Project

Nov 14 2019

elbandi created T1806: Add missing documentation on how to use quote characters inside dhcp-server raw parameters.
Nov 14 2019, 2:48 PM · Restricted Project

Nov 13 2019

elbandi created T1805: vyos-build adding host system mdadm config to iso.
Nov 13 2019, 10:45 PM · VyOS 1.5 Circinus