Accidentally committed a crux fix with https://github.com/vyos/vyos-1x/commit/920d87447ca479c311102260e5816ec0f5268a9b
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Jul 26 2020
Jul 26 2020
dmbaturin renamed T1953: DDNS service name validation rejects valid service names from Two custom ddns services to DDNS service name validation rejects valid service names.
dmbaturin moved T2476: Bond member description change leads to network outage from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.6) board.
dmbaturin moved T2448: `monitor protocol bgp` subcommands fail with 'command incomplete' from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.6) board.
dmbaturin closed T832: `show monitoring protocols bgp` doesn't work with frr, a subtask of T306: Migration from vyatta-quagga to FRR, as Resolved.
dmbaturin moved T1949: Multihop IPv6 BFD is unconfigurable from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.6) board.
dmbaturin moved T1974: Allow route-map to set administrative distance from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.6) board.
dmbaturin changed Version from 1.2+ to 1.2.5 on T1973: Allow route-map to match on BGP local preference value.
dmbaturin added a comment to T1901: Semicolon in values is interpreted as a part of the shell command by validators.
dmbaturin changed the status of T1949: Multihop IPv6 BFD is unconfigurable from Backport candidate to Needs testing.
dmbaturin renamed T2021: OSPFv3 doesn't support decimal area syntax from OSPFv3 allows input of unsupported area notation to OSPFv3 doesn't support decimal area syntax.
dmbaturin renamed T2091: swanctl.conf file is not generated properly if more than one IPsec profile is used from The swanctl.conf file does not generate properly to swanctl.conf file is not generated properly is more than one IPsec profile is used.
dmbaturin removed a project from T2059: Set source-validation on bond vif don't work: Ready for Crux (1.2.x).
dmbaturin closed T2000: strongSwan does not install routes to table 220 in certain cases as Resolved.
dmbaturin removed a project from T1301: bgp peer-groups don't work when "no-ipv4-unicast" is enabled.: Ready for Crux (1.2.x).
dmbaturin closed T1220: Show transceiver information from plugin modules, e.g SFP+, QSFP as Resolved.
Jul 24 2020
Jul 24 2020
https://github.com/FRRouting/frr/issues/6797 Opened an issue with FRR.
Jul 21 2020
Jul 21 2020
Jul 18 2020
Jul 18 2020
dmbaturin added a comment to T2704: connect/disconnect Missing newline in op-mode tab completion helper.
This only happens when there are multiple <path> options.
Jul 15 2020
Jul 15 2020
Jun 28 2020
Jun 28 2020
I suppose "service ids ddos-protection" makes sense indeed.
Jun 25 2020
Jun 25 2020
dmbaturin added a comment to T2651: Generate CLI abstraction for options passed to CURL and SSH client.
I think this is a good idea. Maybe separate the protocols, http-client and ssh-client?
dmbaturin added a comment to T1850: syslog protocol can be set multiple times per facility for the same host.
Or we can make protocol a multi node.
dmbaturin added a comment to T1850: syslog protocol can be set multiple times per facility for the same host.
Since the user can specify both protocols inside, we'll probably have to duplicate the whole things if we detect that.
dmbaturin added a comment to T1928: Is the 'Welcome to VyOS' message when using SSH an information leak?.
Ok, let's switch to an empty banner.
dmbaturin edited projects for T1797: Implement DPDK Fast-Path using FRR's Alternate Forwarding Planes and VPP, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus.
Apparently the "still in use" check logic really leaves much to be desired. See T1292. I wonder if there's a general fix within the current approach.
dmbaturin edited projects for T1292: Issues while deleting all rules from a firewall, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus.
That part is rewritten in current already. https://github.com/vyos/vyos-1x/blob/current/op-mode-definitions/show-log.xml#L212
dmbaturin added a project to T2062: Wrong dhcp-server static route subnet bytes: VyOS 1.2 Crux (VyOS 1.2.6).
Turns out it's because the conf mode "allowed: " is escaped and eval'd when it's passed to the shell: https://github.com/vyos/vyatta-cfg/blob/current/src/cstore/cstore.cpp#L756-L762
Could you make a pull request?
I've reviewed the code and it looks good to me.
dmbaturin renamed T1665: prefix-list and prefix-list6 rules incorrectly accept a host address where prefix is required from prefix-list incorrectly accept a host address where prefix is required to prefix-list and prefix-list6 rules incorrectly accept a host address where prefix is required.
dmbaturin renamed T1665: prefix-list and prefix-list6 rules incorrectly accept a host address where prefix is required from Commit failed after delete prefix-list to prefix-list incorrectly accept a host address where prefix is required.
dmbaturin added a comment to T1665: prefix-list and prefix-list6 rules incorrectly accept a host address where prefix is required.
The root cause was insufficient validation.
dmbaturin edited projects for T1467: Loopback interface naming and dummy devices, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus.
Whichever decision we make, let's not change this in 1.3—there are lots of changes already.
dmbaturin added a project to T1436: Config entries with default values do not correctly show as changed: VyOS 1.4 Sagitta.
This rabbit hole goes deep. It's not just a display issue, but the whole reason we cannot have rollbacks without reboots—there's no way to generate an inverse changeset "thanks" to this.
dmbaturin edited projects for T1429: [DONT FIX] most functions in Interface.pm are broken, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus.
This task will be resolved by removing Interface.pm altogether.
dmbaturin closed T1221: BGP - Default route injection is not processed by the specific route-map as Resolved.
Glad to hear that!
dmbaturin closed T1219: Redundant active-active configuration, asymmetric routing and conntrack-sync cache as Resolved.
Sorry it took so long! I've cherry-picked it into crux, will be in 1.2.6.
dmbaturin changed Why the issue appeared? from none to implementation-mistake on T2487: VRRP does not display info when group disabled.
Ideally we may want to add an extended "if VRRP configured" check, or make keepalived produce an empty (or special) file when it's running but has no data. For now this fix should do though.
dmbaturin renamed T2455: No support for the IPv6 VTI from Impossible to assign ipv6 address on VTI interface to No support for the IPv6 VTI.
VTI is secretly IPIP, so it doesn't support IPv6. The real issue is that we don't support the IPv6 variant of VTI yet.
The user-data dir actually is preserved on upgrade, it's just the check that is faulty. Need to look into it.
dmbaturin closed T2329: Show remote config openvpn , a subtask of T2322: CLI [op-mode] bugs. Root task, as Resolved.
Added a warning.
dmbaturin added a project to T2155: Cannot set anything on Intel 82599ES 10-Gigabit SFI/SFP+: VyOS 1.3 Equuleus.
dmbaturin renamed T2114: Use unique interface name prefix for each tunnel type from change the syntax for tunnel interfaces to Use unique interface name prefix for each tunnel type.
dmbaturin edited projects for T2114: Use unique interface name prefix for each tunnel type, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus.
It may be a good idea, but it sure needs a serious and broad discussion. I'm moving it to 1.4 for now, though we may move it back if we have time before the freeze.
dmbaturin closed T2101: Fix VXLAN config option parsing, a subtask of T2057: Generalised Interface configuration, as Resolved.
dmbaturin edited projects for T2038: repository organisation change, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus.
Since we are heading towards a freeze, I believe it's better to live big changes for later, even though I don't categorically disagree with the idea.
Still reproducible in 1.3-rolling-202006241940
Now that we have an HTTP API, I believe it's time to deprecate vymgmt altogether.
Jun 18 2020
Jun 18 2020
dmbaturin renamed T2311: Statically configured name servers may not take precedence over ones from DHCP from name servers in static configuration can't take effect to Statically configured name servers may not take precedence over ones from DHCP.
dmbaturin changed the status of T1966: segfault of configuration lead to disaster in router from Duplicate to Resolved.
Do not use vyatta-cfg-cmd-wrapper. The script-template takes care of the environment setup and exposes the set/delete/commit command for you to run as if it was an interactive session.
dmbaturin renamed T1089: Segmentation Fault in vyatta-op-cmd-wrapper from Segmentation Fult vyatta-op-cmd-wrapper to Segmentation Fault in vyatta-op-cmd-wrapper.
dmbaturin closed T2026: Make cli-shell-api correctly exit with non-zero code on failures as Resolved.
dmbaturin added a comment to T2026: Make cli-shell-api correctly exit with non-zero code on failures.
dmbaturin added a comment to T1901: Semicolon in values is interpreted as a part of the shell command by validators.
This is a much broader issue in fact, and has nothing to do with VRRP! It's also a possible shell injection, though for values coming from local sources it's irrelevant.
It's updated in current, still needs an update in crux.
Jun 18 2020, 11:18 PM · Restricted Project
dmbaturin edited projects for T2482: Update PowerDNS recursor to 4.3.1 for CVE-2020-10995, added: VyOS 1.2 Crux (VyOS 1.2.6); removed VyOS 1.2 Crux (VyOS 1.2.5).
Jun 18 2020, 11:18 PM · Restricted Project
dmbaturin renamed T1901: Semicolon in values is interpreted as a part of the shell command by validators from Semicolon in values gets past the validator and becomes a part of the value to Semicolon in values is interpreted as a part of the shell command by validators.
dmbaturin renamed T1901: Semicolon in values is interpreted as a part of the shell command by validators from VRRP priority not properly checked to Semicolon in values gets past the validator and becomes a part of the value.
Definitely works fine after the work from T1855
dmbaturin renamed T2303: Unable to delete the image version that came from OVA from Unable to delete system image to Unable to delete the image version that came from OVA.
If more evidence that is valid appears, please reopen.
dmbaturin edited projects for T1577: 'system console powersave' don't work after reboot, added: VyOS 1.2 Crux; removed VyOS 1.2 Crux (VyOS 1.2.6).
dmbaturin edited projects for T1699: Default net.ipv6.route.max_size 32768 is too low, added: VyOS 1.2 Crux (VyOS 1.2.6); removed VyOS 1.2 Crux.
dmbaturin added a project to T1292: Issues while deleting all rules from a firewall: VyOS 1.3 Equuleus.
Sadly, still reproducible. I fear we may want to keep it as a known wart until the firewall rewrite is complete.