Page MenuHomePhabricator
Feed Advanced Search

Fri, Dec 7

dmbaturin added a commit to T1060: Possibility to bypass the webproxy based on source IP address: Unknown Object (Diffusion Commit).
Fri, Dec 7, 1:45 PM · VyOS 1.3.x, vyatta-webproxy
dmbaturin added a parent task for T1060: Possibility to bypass the webproxy based on source IP address: T1090: Webproxy overhaul.
Fri, Dec 7, 1:44 PM · VyOS 1.3.x, vyatta-webproxy
dmbaturin added a subtask for T1090: Webproxy overhaul: T1060: Possibility to bypass the webproxy based on source IP address.
Fri, Dec 7, 1:44 PM · VyOS 1.3.x
dmbaturin triaged T1090: Webproxy overhaul as Low priority.
Fri, Dec 7, 1:43 PM · VyOS 1.3.x

Tue, Dec 4

dmbaturin added a comment to T1075: Unable to build the ISO for VyOS 1.2.0.

@begetan Yeah, very strange. I need to check why this issue re-appeared, hope I'll get it fixed by tomorrow.

Tue, Dec 4, 3:30 PM · VyOS 1.2.x
dmbaturin renamed T1047: Configuration saved on a livecd cannot be carried over to the installed image from Configuration does not propagate to install image. to Configuration saved on a livecd cannot be carried over to the installed image.
Tue, Dec 4, 3:27 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin closed T1019: Enable Google BBR support at kernel compile time as Resolved.
Tue, Dec 4, 12:48 AM · VyOS 1.2.x (VyOS 1.2.0-rc10)

Mon, Dec 3

dmbaturin closed T902: VyOS 1.2.0-rc2 fails to load configuration when conntrack modules are disabled in config as Resolved.

I've tested this configuration again and it works for me, so I suppose it's fixed. If it reapprears, feel free to reopen.

Mon, Dec 3, 3:02 AM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin renamed T888: Cannot set the "system conntrack tcp loose enable" option from conntrack tcp loose error to Cannot set the "system conntrack tcp loose enable" option.
Mon, Dec 3, 3:01 AM · VyOS-1.2.0-LTS, VyOS 1.2.x (VyOS 1.2.0-rc2)
dmbaturin closed T337: 'show vpn ipsec sa' output wrong when remote or local prefix not in system subnet as Resolved.

@hagbard "show vpn ipsec sa verbose" is now a thin wrapper for "ipsec statusall" so it's not applicable there either. :)

Mon, Dec 3, 2:56 AM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin added a comment to T1047: Configuration saved on a livecd cannot be carried over to the installed image.

...to be fair, I also think there should be a warning when trying to save a config on a livecd. We hear from people once in a while that they forgot they are running from a livecd and lose their config after reboot.

Mon, Dec 3, 1:52 AM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin created T1076: Configuration files are kept in the system when VyOS config is commited but not saved.
Mon, Dec 3, 1:51 AM · VyOS 1.3.x
dmbaturin edited projects for T769: StrongSWAN starts when "vpn ipsec" is not present in the config, added: VyOS 1.2.x (VyOS 1.2.0-rc9); removed VyOS 1.2.x (VyOS 1.2.0-rc10).
Mon, Dec 3, 1:37 AM · VyOS 1.2.x (VyOS 1.2.0-rc9)
dmbaturin closed T769: StrongSWAN starts when "vpn ipsec" is not present in the config as Resolved.

Clearly undesirable behaviour was caused by a combination of two issues: StrongSWAN starting even when IPsec is not present in the VyOS config, and /etc/ipsec.conf staying in place if config was commited but not saved.

Mon, Dec 3, 1:36 AM · VyOS 1.2.x (VyOS 1.2.0-rc9)
dmbaturin renamed T769: StrongSWAN starts when "vpn ipsec" is not present in the config from /etc/ipsec.conf stored persistent with just commit to StrongSWAN starts when "vpn ipsec" is not present in the config.
Mon, Dec 3, 1:33 AM · VyOS 1.2.x (VyOS 1.2.0-rc9)
dmbaturin closed T1006: Eliminate unnecessary IP address validation utilities as Resolved.

The only remaining bit is the valid_address utility, which is much more difficult to remove because it's so pervasive (used by the "address" option in every interface type).

Mon, Dec 3, 1:25 AM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin changed the status of T1047: Configuration saved on a livecd cannot be carried over to the installed image from Open to Needs testing.

The root cause is that /config is not mounted on livecd anymore, due to the difference in startup scripts.

Mon, Dec 3, 1:21 AM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin edited projects for T1007: site-to-site GRE IPSEC VPN fails, added: VyOS 1.2.x ( VyOS 1.2.0-rc11); removed VyOS 1.2.x (VyOS 1.2.0-rc10).
Mon, Dec 3, 12:47 AM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin changed the status of T1007: site-to-site GRE IPSEC VPN fails from Open to Needs testing.
Mon, Dec 3, 12:47 AM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin closed T956: Incorrect output of "run show vpn ipsec sa" as Resolved.

Ok, the issue is that StrongSWAN uses different format for SAs with zero and non-zero counters!

Mon, Dec 3, 12:43 AM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin added a comment to T1007: site-to-site GRE IPSEC VPN fails.

@jakevis This exact config works for me in rc9. Could you update and re-test?

Mon, Dec 3, 12:10 AM · VyOS 1.2.x ( VyOS 1.2.0-rc11)

Sun, Dec 2

dmbaturin edited projects for T962: Intel 520 card requires modprobe option when using non-Intel SFP, added: VyOS 1.2.x (VyOS 1.2.0-rc8); removed VyOS 1.2.x (VyOS 1.2.0-rc10).
Sun, Dec 2, 11:42 PM · VyOS 1.2.x (VyOS 1.2.0-rc8)
dmbaturin closed T962: Intel 520 card requires modprobe option when using non-Intel SFP as Resolved.

This should have been resolved by https://github.com/vyos/vyos-build/commit/2896acaf144a6091576e10b65e477ea35243b3c2

Sun, Dec 2, 11:41 PM · VyOS 1.2.x (VyOS 1.2.0-rc8)
dmbaturin added a comment to T1026: Removing tunnel deletes all tunnels?.

I could not reproduce it, in its simplest form:

Sun, Dec 2, 11:32 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)

Sat, Dec 1

dmbaturin removed a project from T1073: "bridge-group" option is missing for tunnel intefaces: VyOS 1.2.x ( VyOS 1.2.0-rc11).
Sat, Dec 1, 8:49 PM
dmbaturin closed T1073: "bridge-group" option is missing for tunnel intefaces as Invalid.

It is a known design weirdness. That command is "set interfaces tunnel tun0 parameters ip bridge-group bridge br0". Don't ask why. We should make the CLI more intuitive some time, but the functionality is there.

Sat, Dec 1, 8:48 PM

Thu, Nov 29

dmbaturin closed T1001: show config commands - breaks when using backslashes in values as Resolved.

@arne I think it's a sensible workaround. It's an interesting design question whether we should escape backslashes in config output.

Thu, Nov 29, 12:56 AM · VyOS 1.2.x (VyOS 1.2.0-rc10)

Wed, Nov 28

dmbaturin closed T969: Console device speed has no effect on GRUB configuration as Resolved.
Wed, Nov 28, 11:54 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin added a comment to T969: Console device speed has no effect on GRUB configuration.

I've verified that it writes the grub.cfg correctly now.

Wed, Nov 28, 11:53 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin changed the status of T996: add hyperv-daemons from Open to Needs testing.
Wed, Nov 28, 11:46 PM · VyOS-1.2.0-LTS, VyOS 1.2.x (VyOS 1.2.0-rc9)
dmbaturin changed the status of T996: add hyperv-daemons, a subtask of T995: Create image for Hyper-V, from Open to Needs testing.
Wed, Nov 28, 11:46 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin added a comment to T996: add hyperv-daemons.

The daemons package is in the rc9. Could anyone test in Hyper-V if it works as expected?

Wed, Nov 28, 11:40 PM · VyOS-1.2.0-LTS, VyOS 1.2.x (VyOS 1.2.0-rc9)
dmbaturin added a comment to T997: BGP crash.

I'm putting this on hold until we receive a reproducible procedure for testing this.

Wed, Nov 28, 11:36 PM · VyOS-1.2.0-LTS
dmbaturin changed the status of T997: BGP crash from Open to On hold.
Wed, Nov 28, 11:35 PM · VyOS-1.2.0-LTS
dmbaturin added a comment to T1046: Maximum CPU limit should be increased to 256 to accomodate high end servers.

I hope 256 will be enough for everyone. ;)

Wed, Nov 28, 11:32 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin renamed T1046: Maximum CPU limit should be increased to 256 to accomodate high end servers from Dell R940 maximum cpu count limit to Maximum CPU limit should be increased to 256 to accomodate high end servers.
Wed, Nov 28, 11:31 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin closed T1046: Maximum CPU limit should be increased to 256 to accomodate high end servers as Resolved.

Did anything happen to the github integration?

Wed, Nov 28, 11:30 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin added a comment to T1056: Console is slugish.

Will just setting it to =n solve the problem?

Wed, Nov 28, 11:24 PM · VyOS 1.2.x ( VyOS 1.2.0-rc12)
dmbaturin added a comment to T1014: Mellanox cards, problem with interrupts.

@oliko Could you retest it with rc9, which uses a 4.19.4 kernel?

Wed, Nov 28, 11:24 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin changed the status of T1014: Mellanox cards, problem with interrupts from Open to In progress.
Wed, Nov 28, 11:23 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin closed T816: ipaddrcheck / libcidr but on IPv6 network validation as Resolved.

Apparently we do not have phabricator integration setup for the ipaddrcheck repo, since it didn't pick this commit up: https://github.com/vyos/ipaddrcheck/commit/21c0775c51da1ca3d4ef6506fca82bce5b334c79

Wed, Nov 28, 11:21 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)

Mon, Nov 26

dmbaturin closed T1034: OSPF routes not redistributing into BGP as Resolved.
Mon, Nov 26, 8:04 PM · VyOS 1.2.x (VyOS 1.2.0-rc9)

Sun, Nov 25

dmbaturin renamed T956: Incorrect output of "run show vpn ipsec sa" from VPN site-to-site status bug to Incorrect output of "run show vpn ipsec sa".
Sun, Nov 25, 9:11 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin renamed T252: VTI tunnel SA is incorrectly displayed as down when it's in fact up from [Revise] Bug 183 - VTI will not be up automatic when IPsec SA up. to VTI tunnel SA is incorrectly displayed as down when it's in fact up.
Sun, Nov 25, 8:34 PM · VyOS 1.2.x (VyOS 1.2.0-rc8)
dmbaturin closed T252: VTI tunnel SA is incorrectly displayed as down when it's in fact up as Resolved.

This should have been resolved by T956, but if it reappears or the fix turns out incomplete, feel free to reopen.

Sun, Nov 25, 8:34 PM · VyOS 1.2.x (VyOS 1.2.0-rc8)
dmbaturin edited projects for T306: Migration from vyatta-quagga to FRR, added: VyOS 1.2.x (VyOS 1.2.0-rc1); removed VyOS 1.2.x (VyOS 1.2.0-rc9).
Sun, Nov 25, 8:22 PM · VyOS 1.2.x (VyOS 1.2.0-rc1), vyos-frr
dmbaturin closed T306: Migration from vyatta-quagga to FRR as Resolved.

Since most of the work is done and every release candidate of 1.2.0 has been using FRR already, I suppose we should close it. Remaining issues that are causes by FRR incompatibilities should, and are getting their own tasks anyway.

Sun, Nov 25, 8:22 PM · VyOS 1.2.x (VyOS 1.2.0-rc1), vyos-frr
dmbaturin added a comment to T1041: DNS forwarding always requires an upstream recursor - but not needed with PowerDNS Recursor.

Is the root hints file included in the package? I can't find it. Or it has a built-in list of root servers?

Sun, Nov 25, 8:20 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin edited projects for T1041: DNS forwarding always requires an upstream recursor - but not needed with PowerDNS Recursor, added: VyOS 1.2.x (VyOS 1.2.0-rc10); removed VyOS 1.2.x (VyOS 1.2.0-rc9).
Sun, Nov 25, 8:20 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin added a comment to T445: iptables error with policy routing.

Since the fix is far from trivial, a workaround exists, and the entire PBR subsystem is due for a rewrite in the next release, I'm moving this to 1.3.x.

Sun, Nov 25, 8:16 PM · VyOS 1.3.x
dmbaturin lowered the priority of T445: iptables error with policy routing from High to Normal.
Sun, Nov 25, 8:16 PM · VyOS 1.3.x
dmbaturin closed T981: Decimal notation on OSPFv3 passes validation but fails commit. as Resolved.

This issue existed in Quagga as well, so I'm simply disallowing decimal notation.

Sun, Nov 25, 8:13 PM · VyOS 1.2.x (VyOS 1.2.0-rc9)
dmbaturin changed Why the issue appeared? from none to third-party on T956: Incorrect output of "run show vpn ipsec sa".
Sun, Nov 25, 7:50 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin claimed T956: Incorrect output of "run show vpn ipsec sa".
Sun, Nov 25, 7:50 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin added a comment to T956: Incorrect output of "run show vpn ipsec sa".

@Line2 Could you attach the IPsec config and the output of "sudo ipsec statusall"?

Sun, Nov 25, 7:09 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)

Thu, Nov 22

dmbaturin closed T1032: Install awscli package by default on AWS images as Resolved.

Good idea, thanks! I've applied the patch and will push it shortly.

Thu, Nov 22, 9:18 PM · VyOS 1.2.x (VyOS 1.2.0-rc9), AWS Support
dmbaturin edited projects for T1032: Install awscli package by default on AWS images, added: VyOS 1.2.x (VyOS 1.2.0-rc9); removed VyOS 1.2.x.
Thu, Nov 22, 9:04 PM · VyOS 1.2.x (VyOS 1.2.0-rc9), AWS Support

Mon, Nov 19

dmbaturin renamed T969: Console device speed has no effect on GRUB configuration from Console Device Speed not Honored after Grub to Console device speed has no effect on GRUB configuration.
Mon, Nov 19, 9:00 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)

Sun, Nov 18

dmbaturin changed the status of T956: Incorrect output of "run show vpn ipsec sa" from Open to In progress.
Sun, Nov 18, 8:24 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin added a comment to T956: Incorrect output of "run show vpn ipsec sa".

A long standing problem indeed. StrongSWAN changed its output format, I cannot say it was for the better.

Sun, Nov 18, 8:24 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin closed T992: Add an option for enabling layer 4 multipath as Resolved.
Sun, Nov 18, 6:30 PM · VyOS 1.2.x (VyOS 1.2.0-rc8)
dmbaturin closed T573: Update IPv6 firewall rules to support matching of hop-limit as Resolved.

@rps Sorry for late reply. I would prefer a git format patch of course, but I've merged it by hand and it seems to work fine. It will be in tomorrow's release candidate and today's nightly build.

Sun, Nov 18, 6:15 PM · VyOS 1.2.x (VyOS 1.2.0-rc8)
dmbaturin changed the status of T961: Does not seem to work with 4 port XL710 Intel NIC's. I believe needs drivers from Open to In progress.

Looks like this was reported before we released the first version with 4.19 kernel. Please re-test with rc7 and let us know if you still have this issue.

Sun, Nov 18, 6:01 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin changed the status of T1000: Broken 6rd tunnel implementation from Open to In progress.
Sun, Nov 18, 6:00 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin added a comment to T1000: Broken 6rd tunnel implementation.

I think I've fixed it enough to give it meaningful testing.

Sun, Nov 18, 5:59 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin changed the status of T941: BGP neighbours with IPv6 link-local addresses from Open to In progress.
Sun, Nov 18, 2:47 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin closed T1011: FTP connection tracking slightly broken as Resolved.
Sun, Nov 18, 2:46 PM · VyOS 1.2.x (VyOS 1.2.0-rc8)
dmbaturin edited projects for T997: BGP crash, added: VyOS 1.2.x (VyOS 1.2.0-rc9); removed VyOS 1.2.x (VyOS 1.2.0-rc8).
Sun, Nov 18, 2:46 PM · VyOS-1.2.0-LTS
dmbaturin added a comment to T997: BGP crash.

Deleting neighbors, as such, works, so we need an exact reproducing procedure.

Sun, Nov 18, 2:45 PM · VyOS-1.2.0-LTS
dmbaturin edited projects for T375: WAN failover, not to balance the load, added: VyOS 1.2.x (VyOS 1.2.0-rc9); removed VyOS 1.2.x (VyOS 1.2.0-rc8).
Sun, Nov 18, 2:10 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin added a comment to T375: WAN failover, not to balance the load.

Since WAN load balancing/failover is due for complete rewrite, perhaps it's better to move this to 1.3.0

Sun, Nov 18, 2:09 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)
dmbaturin added a comment to T941: BGP neighbours with IPv6 link-local addresses.

It is not possible to use this exact syntax in FRR, and it's not possible to fake it in the current BGP script either. It is possible to add a new "interface" option to match the FRR CLI though.

Sun, Nov 18, 12:20 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11)

Sat, Nov 17

dmbaturin removed a project from T1021: Add "description" node to the next-hop node: VyOS 1.2.x.
Sat, Nov 17, 11:13 AM
dmbaturin closed T1021: Add "description" node to the next-hop node as Invalid.

Good ol' Occam says no. We already have a general mechanism for that, and I think as we rewrite code, we may want to get rid of the description fields that predate that mechanism.

Sat, Nov 17, 11:06 AM

Nov 14 2018

WiXZlo awarded T686: 'run show openvpn client-status' is not displaying local tunnel address a Like token.
Nov 14 2018, 7:12 AM · VyOS 1.2.x ( VyOS 1.2.0-rc11)

Nov 13 2018

dmbaturin triaged T1006: Eliminate unnecessary IP address validation utilities as Normal priority.
Nov 13 2018, 5:38 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)

Nov 12 2018

dmbaturin renamed T999: "strip-private" doesn't strip pre-shared-secret from "strip-private" dont strip pre-shared-secret to "strip-private" doesn't strip pre-shared-secret.
Nov 12 2018, 7:03 PM · VyOS-1.2.0-LTS, VyOS 1.2.x (VyOS 1.2.0-rc7)
dmbaturin renamed T964: Deprecated FRR command warnings when deleting or modifying community-list, extcommunity-list, or largecommunity-list from Deprecated FRR function to Deprecated FRR command warnings when deleting or modifying community-list, extcommunity-list, or largecommunity-list.
Nov 12 2018, 4:49 PM · VyOS 1.2.x (VyOS 1.2.0-rc7)
dmbaturin changed the status of T969: Console device speed has no effect on GRUB configuration from Open to In progress.
Nov 12 2018, 4:09 PM · VyOS 1.2.x (VyOS 1.2.0-rc10)
dmbaturin closed T740: User UID not properly set when add/deleting users as Resolved.
Nov 12 2018, 4:08 PM · VyOS-1.2.0-LTS, VyOS 1.2.x (VyOS 1.2.0-rc7)
dmbaturin renamed T991: Can't delete a route-map "set as-path-exclude" option from Can't delete route-map if using as-path-exclude to Can't delete a route-map "set as-path-exclude" option.
Nov 12 2018, 12:51 AM · VyOS 1.2.x (VyOS 1.2.0-rc7)
dmbaturin added a comment to T991: Can't delete a route-map "set as-path-exclude" option.

I've also reported the issue to FRR: https://github.com/FRRouting/frr/issues/3309

Nov 12 2018, 12:50 AM · VyOS 1.2.x (VyOS 1.2.0-rc7)
dmbaturin renamed T994: "monitor bandwidth-test initiate" command fails with an "option requires an argument" error from "monitor bandwidth-test initiate" command fails with a "missing arguments" error to "monitor bandwidth-test initiate" command fails with an "option requires an argument" error.
Nov 12 2018, 12:32 AM · VyOS 1.2.x (VyOS 1.2.0-rc7)
dmbaturin renamed T994: "monitor bandwidth-test initiate" command fails with an "option requires an argument" error from monitor bandwidth-test initiate - missing arguments to "monitor bandwidth-test initiate" command fails with a "missing arguments" error.
Nov 12 2018, 12:31 AM · VyOS 1.2.x (VyOS 1.2.0-rc7)
dmbaturin added a comment to T994: "monitor bandwidth-test initiate" command fails with an "option requires an argument" error.

The argument number in the command definition was wrong.

Nov 12 2018, 12:30 AM · VyOS 1.2.x (VyOS 1.2.0-rc7)

Nov 11 2018

dmbaturin renamed T977: Permission denied error when performing config rollback on a machine upgraded from VyOS 1.1.x from Permission denied error when performing config rollback to Permission denied error when performing config rollback on a machine upgraded from VyOS 1.1.x.
Nov 11 2018, 11:47 PM · VyOS 1.2.x ( VyOS 1.2.0-rc11), VyOS-1.2.0-LTS
dmbaturin created T992: Add an option for enabling layer 4 multipath.
Nov 11 2018, 4:10 PM · VyOS 1.2.x (VyOS 1.2.0-rc8)
dmbaturin closed T964: Deprecated FRR command warnings when deleting or modifying community-list, extcommunity-list, or largecommunity-list as Resolved.

The last bit is blocked by https://github.com/FRRouting/frr/issues/3308 , but otherwise it's done now.

Nov 11 2018, 3:52 PM · VyOS 1.2.x (VyOS 1.2.0-rc7)
dmbaturin claimed T964: Deprecated FRR command warnings when deleting or modifying community-list, extcommunity-list, or largecommunity-list.
Nov 11 2018, 3:51 PM · VyOS 1.2.x (VyOS 1.2.0-rc7)
dmbaturin edited projects for T977: Permission denied error when performing config rollback on a machine upgraded from VyOS 1.1.x, added: VyOS 1.2.x (VyOS 1.2.0-rc8); removed VyOS 1.2.x (VyOS 1.2.0-rc7).
Nov 11 2018, 10:50 AM · VyOS 1.2.x ( VyOS 1.2.0-rc11), VyOS-1.2.0-LTS
dmbaturin added a comment to T977: Permission denied error when performing config rollback on a machine upgraded from VyOS 1.1.x.

I couldn't reproduce the issue on my rc6 setup. We'll need exact reproducing steps.

Nov 11 2018, 10:50 AM · VyOS 1.2.x ( VyOS 1.2.0-rc11), VyOS-1.2.0-LTS
dmbaturin edited projects for T695: Address-group commits with duplicate, but fails when adding rule later., added: VyOS 1.3.x; removed VyOS 1.2.x (VyOS 1.2.0-rc7).
Nov 11 2018, 10:49 AM · VyOS 1.3.x
dmbaturin added a comment to T695: Address-group commits with duplicate, but fails when adding rule later..

The range feature is quite problematic since IPset doesn't really support ranges, and "ipset -A foo 192.0.2.10-192.0.2.20" really adds 20 addressed to the group "foo". Thus, if you add a range and then add a single address to that range, and then delete that address (or the range), your IPset setup ends up in an inconsistent state where that address is supposed to be there according to the VyOS config, but actually isn't.

Nov 11 2018, 10:49 AM · VyOS 1.3.x
dmbaturin renamed T171: Unable to delete a firewall fule from Unable to Delete Rule to Unable to delete a firewall fule.
Nov 11 2018, 10:26 AM · VyOS-1.2.0-LTS, VyOS 1.2.x (VyOS 1.2.0-rc7)
dmbaturin closed T171: Unable to delete a firewall fule as Resolved.

I cannot reproduce it in rc6, either with zone-policy or without. I guess the pull request fixed it.

Nov 11 2018, 10:26 AM · VyOS-1.2.0-LTS, VyOS 1.2.x (VyOS 1.2.0-rc7)
dmbaturin merged T374: Different default IKE DH Group behaviour between v1.1.7 and v999 Nightlies into T674: IPsec script neither sets a default DH group for IKE nor warns that it should be set.
Nov 11 2018, 10:14 AM · VyOS-1.2.0-LTS, VyOS 1.2.x (VyOS 1.2.0-rc1)
dmbaturin merged task T374: Different default IKE DH Group behaviour between v1.1.7 and v999 Nightlies into T674: IPsec script neither sets a default DH group for IKE nor warns that it should be set.
Nov 11 2018, 10:14 AM · VyOS 1.2.x (VyOS 1.2.0-rc7)
dmbaturin closed T968: IPv4 BGP prefix lists not applying correctly as Resolved.

Good catch!

Nov 11 2018, 9:35 AM · VyOS 1.2.x (VyOS 1.2.0-rc7)
dmbaturin closed T982: received-routes returns "Inbound soft reconfiguration not enabled" despite being enabled as Resolved.
Nov 11 2018, 9:03 AM · VyOS 1.2.x (VyOS 1.2.0-rc7)

Nov 5 2018

dmbaturin closed T960: /etc/ha.d/haresources 4096-character line length limit as Resolved.
Nov 5 2018, 9:03 PM · VyOS-1.2.0-LTS, VyOS 1.2.x (VyOS 1.2.0-rc6)