Yes, closing this ...
Feed All Stories
Oct 14 2021
Oct 14 2021
c-po added a comment to T3801: containers: do not use podman CLI to create container networks.
Viacheslav added a comment to T3801: containers: do not use podman CLI to create container networks.
@c-po Is it already implemented with commit https://github.com/vyos/vyos-1x/commit/ae2dc55aa68679e828d4bb133fc515172c081d0f ?
Fixed, VyOS 1.4-rolling-202110130217
vyos@r1-roll:~$ show nat source rules Rule Source Translation Outbound Interface ---- ------ ----------- ------------------ 3 192.168.0.0/24 masquerade eth0
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
UnicronNL closed T3908: [CLOUDINIT] if the fqdn has no domain name cloudinit will fail to run as Invalid.
Is a double task, it looks like the package is not update upstream.
jestabro added a comment to T3876: Replace vyos-netplug with a VyOS link state monitor service.
n.fort added a comment to T3907: Firewall - Set log levels.
Maybe, but if the effort is made in order to be able to configure log level, it would be good that it can be set in different levels.
I'm thinking in a mix scenario, where majority of rules may log with info/debug level (for example default accept rules), while other rules may need a warning/error level (some drop rules).
Viacheslav added a comment to T3907: Firewall - Set log levels.
As for me, it should be configured in the global firewall log level, not per rule.
set firewall log-level x
Viacheslav added a comment to T3832: Allow to set DHCP client-id in hexadecimal format.
Viacheslav changed the status of T3832: Allow to set DHCP client-id in hexadecimal format from Open to In progress.
Viacheslav reassigned T3865: loadkey command help text missing escape sequence from Viacheslav to chaya2z.
Viacheslav changed the status of T3865: loadkey command help text missing escape sequence from Open to In progress.
Viacheslav moved T3763: wireguard checks if port already binding from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Viacheslav added a comment to T3906: [Traffic Control] Invalid Port Configuration Still Commits.
The real bug is it shouldn't allow port-range values as it is not implemented.
Or just add this feature T2798
trae32566 awarded T2798: Allow port range in tc filter a Like token.
SquirePug added a comment to T3896: Extend ocserv support to allow for per-group configs.
For this we create text files as the group-config includes (they contain route and other per group config directives, generally around security).
Oct 13 2021
Oct 13 2021
Georgiy-Tugai awarded T3008: Migrate from ntpd to chronyd a Like token.
Georgiy-Tugai added a comment to T3008: Migrate from ntpd to chronyd.
Does anyone understand the meaning of these performance data? I don’t know the unit of these data
c-po moved T3904: NTP pool associations silently fail from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0-epa2) board.
c-po moved T3904: NTP pool associations silently fail from Need Triage to Finished on the VyOS 1.4 Sagitta board.
FileGo added a comment to T3902: Firewall does not load on boot, address-group not found, even though it exists.
If I change the double-quotes to single-quotes for all the rules in that firewall, I get this (no changes detected):
c-po moved T3277: DNS Forwarding - reverse zones from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0-epa2) board.
c-po moved T3277: DNS Forwarding - reverse zones from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Oct 12 2021
Oct 12 2021
Viacheslav moved T3868: Regex and/or wildcard not accepted with large-community-list from Need Triage to Finished on the VyOS 1.4 Sagitta board.
@foxbox Will be fixed in the next rolling release.
Viacheslav added a comment to T3868: Regex and/or wildcard not accepted with large-community-list.
Hydra166 added a comment to T3891: X550-T2/Possibly other X550/X540 cards no link on VyOS.
Messaged
Viacheslav changed the status of T3868: Regex and/or wildcard not accepted with large-community-list from Open to In progress.
Viacheslav moved T3881: Wrong description for container section restart from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Viacheslav added a comment to T3478: Radius.
@BiMW Can you re-check it?
Viacheslav closed T3701: ipoe server fails to start when configuring radius dynamic-author on ipoe as Resolved.
Not reproducible, VyOS 1.4-rolling-202109300217
set service ipoe-server authentication radius dynamic-author key 'ssss' set service ipoe-server authentication radius dynamic-author server '192.168.122.11' set service ipoe-server authentication radius nas-ip-address '192.168.122.11' set service ipoe-server authentication radius server 192.168.122.11 key 'ciscoradiuskey' set service ipoe-server interface eth1 client-subnet '192.0.2.0/24'
Viacheslav added a comment to T3902: Firewall does not load on boot, address-group not found, even though it exists.
@FileGo Can you replace double-quotes with single-quotes?
Viacheslav closed T3216: Removal of restricted-shell broke configure mode for RADIUS users, a subtask of T671: Identify and remove dead code, as Resolved.
Viacheslav closed T3216: Removal of restricted-shell broke configure mode for RADIUS users as Resolved.
Fixed
sever@sever:~$ ssh [email protected]
lucasec added a comment to T562: PDNS: Add support for authoritative dns server.
Viacheslav added a project to T3896: Extend ocserv support to allow for per-group configs: VyOS 1.4 Sagitta.
PeppyH added a comment to T3896: Extend ocserv support to allow for per-group configs.
Oct 11 2021
Oct 11 2021
Viacheslav closed T2607: Support for pppoe-server radius mode auth and config radius accouting port as Resolved.
Present in 1.4 and 1.3.0-epa1
set service pppoe-server authentication radius server 192.0.2.1 acct-port Possible completions: <1-65535> Numeric IP port (default: 1813)
Viacheslav added a comment to T3510: RADIUS usersname is not shown on CLI.
@c-po in 1.3.0-epa1 works fine.
c-po added a comment to T3510: RADIUS usersname is not shown on CLI.
What about 1.3.0-epa1?
Viacheslav reopened T3510: RADIUS usersname is not shown on CLI as "Open".
Re-opened, the same bug in VyOS 1.4-rolling-202109300217
sever@sever:~/docker$ ssh [email protected]
Viacheslav added a comment to T3896: Extend ocserv support to allow for per-group configs.
@SquirePug Can you share more details, which templates and parameters did you edit?
Unknown Object (User) updated the task description for T3900: Add support for raw tables to firewall.
Unknown Object (User) created T3900: Add support for raw tables to firewall.
lucasec added a comment to T3885: dhcpv6-pd: randomly generated DUID is not persisted.
Obviously in a perfect world we get "unique" and "stable". I do think giving stability priority makes sense.
Viacheslav added a comment to T3897: Dynamic DNS doesn't work with IPv6 addresses.
c-po added a comment to T3885: dhcpv6-pd: randomly generated DUID is not persisted.
@lucasec the reason for switching to the platform UUID instead of building up out own one was that it was not "unique".
c-po renamed T3318: Update Linux Kernel to v5.4.208 / 5.10.142 from Update Linux Kernel to v5.4.150 / 5.10.70 to Update Linux Kernel to v5.4.152 / 5.10.72.
Oct 10 2021
Oct 10 2021
lucasec added a comment to T3885: dhcpv6-pd: randomly generated DUID is not persisted.
I surveyed all the hardware I have to see what kind of UUIDs they report:
c-po closed T3750: pdns-recursor 4.4 issue with dont-query and private DNS servers, a subtask of T3882: Upgrade PowerDNs recursor to 4.5 series, as Resolved.
c-po closed T3899: Add support for hd44780 LCD displays, a subtask of T2564: Extend VyOS to support appliance LCDs, as Resolved.
c-po moved T3899: Add support for hd44780 LCD displays from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0-epa2) board.
c-po moved T3899: Add support for hd44780 LCD displays from Need Triage to Finished on the VyOS 1.4 Sagitta board.
c-po moved T3885: dhcpv6-pd: randomly generated DUID is not persisted from Backlog to Finished on the VyOS 1.4 Sagitta board.
c-po moved T3885: dhcpv6-pd: randomly generated DUID is not persisted from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0-epa2) board.
c-po added a comment to T3885: dhcpv6-pd: randomly generated DUID is not persisted.
Implemented in
c-po added a comment to T3885: dhcpv6-pd: randomly generated DUID is not persisted.
The DUID is presented in binary inside /var/lib/dhcpv6/dhcp6c_duid to read it back into ASCII use: hexdump -e '"%07.7_ax " 1/2 "%04x" " " 14/1 "%02x:" "\n"' /var/lib/dhcpv6/dhcp6c_duid
Oct 9 2021
Oct 9 2021
c-po added a comment to T3090: Move 'adjust-mss' firewall options to the interface section..
You are right @NikolayP but opening an entire subtree might be a bit of overkill.
c-po added a comment to T3879: GPG key verification fails when upgrading from a 1.3 beta version.
Unfortunately reverting back the public key did not lead to any good results either.
c-po raised the priority of T3879: GPG key verification fails when upgrading from a 1.3 beta version from High to Urgent!.
c-po moved T3894: Tunnel Commit Failed if system does not have `eth0` from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0-epa2) board.
c-po moved T3894: Tunnel Commit Failed if system does not have `eth0` from Need Triage to Finished on the VyOS 1.4 Sagitta board.
c-po changed Difficulty level from unknown to easy on T3894: Tunnel Commit Failed if system does not have `eth0`.
c-po edited projects for T3894: Tunnel Commit Failed if system does not have `eth0`, added: VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0-epa2); removed VyOS 1.3 Equuleus.
Oct 8 2021
Oct 8 2021
c-po moved T3893: MGRE Tunnel commit crash If sit tunnel available from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0-epa2) board.
c-po moved T3893: MGRE Tunnel commit crash If sit tunnel available from Need Triage to 1.3.0-epa2 on the VyOS 1.3 Equuleus board.
c-po moved T3893: MGRE Tunnel commit crash If sit tunnel available from Need Triage to Finished on the VyOS 1.4 Sagitta board.
fernando added a comment to T3655: NAT Problem with VRF.
not yet , we 've been trying with different CT but it's not solve the main problem . I understand that disabling conntrack is not possible because is used for nat.
Viacheslav changed the subtype of T3897: Dynamic DNS doesn't work with IPv6 addresses from "Bug" to "Feature Request".
Viacheslav renamed T3897: Dynamic DNS doesn't work with IPv6 addresses from Dynamic DNS doesn't work with IPv6 addresses bug. to Dynamic DNS doesn't work with IPv6 addresses.
Unknown Object (User) added a comment to T3090: Move 'adjust-mss' firewall options to the interface section..
Perhaps the command should be changed a bit
MSS is a property of the TCP protocol, not IP: