Page MenuHomePhabricator
Feed Advanced Search

Dec 17 2018

zsdc created T1111: Misbehaviour of "recent" options in firewall rules.
Dec 17 2018, 9:19 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux ( VyOS 1.2.0-rc11)

Dec 14 2018

zsdc added a comment to T1102: Disabling rp_filter don't work.

Here what I mean.
Before enabling rp_filter:

net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.eth1.rp_filter = 0
net.ipv4.conf.eth2.rp_filter = 0
net.ipv4.conf.l2tpeth1.rp_filter = 0
net.ipv4.conf.lo.rp_filter = 0

After enabling:

net.ipv4.conf.all.rp_filter = 2
net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.eth0.rp_filter = 2
net.ipv4.conf.eth1.rp_filter = 2
net.ipv4.conf.eth2.rp_filter = 2
net.ipv4.conf.l2tpeth1.rp_filter = 2
net.ipv4.conf.lo.rp_filter = 2

After disabling:

net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.eth0.rp_filter = 2
net.ipv4.conf.eth1.rp_filter = 2
net.ipv4.conf.eth2.rp_filter = 2
net.ipv4.conf.l2tpeth1.rp_filter = 2
net.ipv4.conf.lo.rp_filter = 2
Dec 14 2018, 3:12 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-GA)

Dec 13 2018

zsdc updated the task description for T1102: Disabling rp_filter don't work.
Dec 13 2018, 10:44 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-GA)
zsdc created T1102: Disabling rp_filter don't work.
Dec 13 2018, 10:42 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-GA)

Dec 5 2018

zsdc created T1083: Implement "--persistent" option to NAT rules.
Dec 5 2018, 9:27 AM · VyOS 1.3 Equuleus

Dec 4 2018

zsdc added a comment to T1000: Broken 6rd tunnel implementation.

Tested with 1.2.0-rolling+201812010337. Still many bugs, very hard to diagnostic it properly.
Minimal list TODO, for we can continue testing:

Dec 4 2018, 3:24 PM · VyOS 1.3 Equuleus
zsdc added a comment to T1025: Command "show routing table XX" don't work (FRRouting bug).

Checked in 1.2.0-rolling+201812010337, all works fine.
Vtysh:

root@vyos:/home/vyos# vtysh
Dec 4 2018, 10:00 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc9)

Dec 3 2018

zsdc created T1078: Problems in RED/WRED implementation (QoS).
Dec 3 2018, 2:43 PM · VyOS 1.3 Equuleus

Nov 26 2018

zsdc created T1050: Wrong queue-limit for fair-queue.
Nov 26 2018, 9:01 PM · VyOS 1.2 Crux (VyOS 1.2.0-EPA3)

Nov 20 2018

zsdc added a comment to T1000: Broken 6rd tunnel implementation.

I will check fix soon.
By creating tunnels without remote side I mean something like:

ip tunnel add sit1 mode sit local 192.168.20.20 ttl 64

This is "vanilla way", as I understand.

Nov 20 2018, 9:44 PM · VyOS 1.3 Equuleus

Nov 18 2018

zsdc created T1025: Command "show routing table XX" don't work (FRRouting bug).
Nov 18 2018, 12:31 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc9)

Nov 15 2018

zsdc created T1018: Incorrect (obsoleted) option "dynamic" for NTP server.
Nov 15 2018, 10:05 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc8)

Nov 11 2018

zsdc created T1000: Broken 6rd tunnel implementation.
Nov 11 2018, 11:15 PM · VyOS 1.3 Equuleus

Oct 28 2018

zsdc added a comment to T945: Unable to change configuration after changing it from script (vbash + script-template).

@dmbaturin after some thinking about this problem I think that doing sg for all script is not a very good idea. There can be a situations, when we wan't to run it from other groups.
By now, I see two ways:

  • add additional parameter to executable option, that will define using script vbash with template or not;
  • move setting up right group to /opt/vyatta/etc/functions/script-template.

Second way seems more practical and easy for configuration migrations.

Oct 28 2018, 8:02 PM · VyOS 1.3 Equuleus
zsdc added a comment to T945: Unable to change configuration after changing it from script (vbash + script-template).

@syncer, thanks for hint. Works with:

[edit]
vyos@vyos# show system task-scheduler 
 task testtask01 {
     crontab-spec @reboot
     executable {
         arguments "vyattacfg /config/scripts/testscript01.script"
         path /usr/bin/sg
     }
 }
[edit]
vyos@vyos#

But this workaround is ugly a little bit (if we want to use arguments for example).
Maybe, better will be if VyOS will do this under the hood, without end-user engagement?

Oct 28 2018, 7:43 PM · VyOS 1.3 Equuleus
zsdc created T945: Unable to change configuration after changing it from script (vbash + script-template).
Oct 28 2018, 7:13 PM · VyOS 1.3 Equuleus