Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

Sep 27 2022

Viacheslav changed the status of T4716: SSH ability to configure RekeyLimit, a subtask of T4712: Collaborative Protection Profile cPP for Network Devices root task, from Open to In progress.
Sep 27 2022, 4:11 PM · VyOS 1.5 Circinus
Viacheslav changed the status of T4716: SSH ability to configure RekeyLimit from Open to In progress.

PR https://github.com/vyos/vyos-1x/pull/1563

Sep 27 2022, 4:11 PM · VyOS 1.4 Sagitta
acosgrove updated acosgrove.
Sep 27 2022, 3:48 PM
Viacheslav created T4716: SSH ability to configure RekeyLimit.
Sep 27 2022, 3:01 PM · VyOS 1.4 Sagitta
Viacheslav closed T4711: Ability to terminate user TTY and PTS sessions, a subtask of T4712: Collaborative Protection Profile cPP for Network Devices root task, as Resolved.
Sep 27 2022, 2:16 PM · VyOS 1.5 Circinus
Viacheslav closed T4711: Ability to terminate user TTY and PTS sessions as Resolved.
Sep 27 2022, 2:16 PM · VyOS 1.4 Sagitta
Viacheslav closed T4557: fastnetmon: allow configure limits per protocol (tcp, udp, icmp) as Resolved.
Sep 27 2022, 12:52 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4711: Ability to terminate user TTY and PTS sessions, a subtask of T4712: Collaborative Protection Profile cPP for Network Devices root task, from Open to In progress.
Sep 27 2022, 12:29 PM · VyOS 1.5 Circinus
Viacheslav changed the status of T4711: Ability to terminate user TTY and PTS sessions from Open to In progress.
Sep 27 2022, 12:29 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4711: Ability to terminate user TTY and PTS sessions.

PR https://github.com/vyos/vyos-1x/pull/1562

Sep 27 2022, 12:28 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4657: op-mode scripts with type hints in `return` do not work from In progress to Needs testing.
Sep 27 2022, 12:05 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4708: 'show nat destination rules' throwing an error.

Should be fixed in the commit https://github.com/vyos/vyos-1x/pull/1552/files#diff-9e98077e1229d7a89e26efdc517896728265a8669e8824aaf92611b113fa3516L47
T4605
Try the latest rolling

Sep 27 2022, 12:04 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4715: Auto logout user after a period of inactivity.

PR https://github.com/vyos/vyos-1x/pull/1561

Sep 27 2022, 11:41 AM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4715: Auto logout user after a period of inactivity, a subtask of T4712: Collaborative Protection Profile cPP for Network Devices root task, from Open to In progress.
Sep 27 2022, 10:51 AM · VyOS 1.5 Circinus
Viacheslav changed the status of T4715: Auto logout user after a period of inactivity from Open to In progress.
Sep 27 2022, 10:51 AM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T4715: Auto logout user after a period of inactivity.
Sep 27 2022, 10:40 AM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T4715: Auto logout user after a period of inactivity.
Sep 27 2022, 10:33 AM · VyOS 1.4 Sagitta
Viacheslav created T4715: Auto logout user after a period of inactivity.
Sep 27 2022, 10:32 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4713: vyos@vyos:~$ show nat destination rules | doesn't work.

Should be fixed in the commit https://github.com/vyos/vyos-1x/pull/1552/files#diff-9e98077e1229d7a89e26efdc517896728265a8669e8824aaf92611b113fa3516L47
T4605
Try the latest rolling

Sep 27 2022, 9:34 AM · VyOS 1.4 Sagitta
Viacheslav created T4714: Delete unused ipset from the filecaps.
Sep 27 2022, 9:29 AM · VyOS 1.4 Sagitta
icyfire0573 created T4713: vyos@vyos:~$ show nat destination rules | doesn't work.
Sep 27 2022, 9:28 AM · VyOS 1.4 Sagitta
Viacheslav added a subtask for T4712: Collaborative Protection Profile cPP for Network Devices root task: T4711: Ability to terminate user TTY and PTS sessions.
Sep 27 2022, 9:05 AM · VyOS 1.5 Circinus
Viacheslav added a parent task for T4711: Ability to terminate user TTY and PTS sessions: T4712: Collaborative Protection Profile cPP for Network Devices root task.
Sep 27 2022, 9:05 AM · VyOS 1.4 Sagitta
Viacheslav created T4712: Collaborative Protection Profile cPP for Network Devices root task.
Sep 27 2022, 9:04 AM · VyOS 1.5 Circinus
aalmenar changed Issue type from unspecified to improvement on T4704: Allow to set metric (MED) to rtt with rtt,+rtt or -rtt.
Sep 27 2022, 7:55 AM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4557: fastnetmon: allow configure limits per protocol (tcp, udp, icmp) from In progress to Needs testing.
Sep 27 2022, 7:31 AM · VyOS 1.4 Sagitta
Viacheslav moved T4693: ISIS segment routing was broken... from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Sep 27 2022, 7:26 AM · VyOS 1.4 Sagitta

Sep 26 2022

Viacheslav created T4711: Ability to terminate user TTY and PTS sessions.
Sep 26 2022, 4:02 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4700: Firewall - Add interface match criteria.

PR: https://github.com/vyos/vyos-1x/pull/1560

Sep 26 2022, 11:51 AM · VyOS 1.4 Sagitta
initramfs added a comment to T4709: TCP MSS clamping broken in equuleus.

It seems like I was wrong about the netfilter rule not working as intended (and in my testing the clamp was broken for some other reason that was an error on my part), the post has been edited to only indicate the remaining issue of an overly strict MSS clamping range.

Sep 26 2022, 3:10 AM · VyOS 1.3 Equuleus (1.3.3)
initramfs updated the task description for T4709: TCP MSS clamping broken in equuleus.
Sep 26 2022, 3:08 AM · VyOS 1.3 Equuleus (1.3.3)

Sep 25 2022

Viacheslav changed the status of T4680: Telegraf prometheus-client listen-address invalid format from In progress to Needs testing.
Sep 25 2022, 6:31 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
ajgnet updated the task description for T4710: show openvpn server occasionally returns IndexError: list index out of range.
Sep 25 2022, 6:30 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4708: 'show nat destination rules' throwing an error.

Send steps to reproduce it or “show conf com | match nat”

Sep 25 2022, 6:29 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4710: show openvpn server occasionally returns IndexError: list index out of range.

Send steps to reproduce it or “show conf com | match openvpn ”

Sep 25 2022, 6:27 PM · VyOS 1.4 Sagitta

Sep 24 2022

ajgnet created T4710: show openvpn server occasionally returns IndexError: list index out of range.
Sep 24 2022, 9:53 PM · VyOS 1.4 Sagitta
initramfs added a comment to T4709: TCP MSS clamping broken in equuleus.

See https://unix.stackexchange.com/questions/672742/why-mss-clamping-in-iptables-nft-seems-to-take-no-effect-in-nftables for additional explanation why the iptables version do not work under iptables-nft.

Sep 24 2022, 8:28 PM · VyOS 1.3 Equuleus (1.3.3)
initramfs added a comment to T4709: TCP MSS clamping broken in equuleus.

Relevant PRs:

Sep 24 2022, 8:15 PM · VyOS 1.3 Equuleus (1.3.3)
initramfs created T4709: TCP MSS clamping broken in equuleus.
Sep 24 2022, 7:43 PM · VyOS 1.3 Equuleus (1.3.3)

Sep 22 2022

n.fort added a comment to T4699: Firewall - Add jump action - Add return action.

PR for Jump: https://github.com/vyos/vyos-1x/pull/1553

Sep 22 2022, 4:20 PM · VyOS 1.4 Sagitta
Unknown Object (User) added a comment to T874: Support for Two Factor Authentication for CLI access via Google Authenticator/OTP.

PR with feature request:
https://github.com/vyos/vyos-1x/pull/1555

Sep 22 2022, 12:26 PM · VyOS 1.4 Sagitta (1.4.0-epa1)
dmbaturin published a new version of 1.3.1.
Sep 22 2022, 12:13 PM
dmbaturin deleted 1.3.3.
Sep 22 2022, 11:55 AM
dmbaturin renamed 1.3.3 from 1.3.1 to 1.3.3.
Sep 22 2022, 10:59 AM
dmbaturin edited the content of 1.3.1.
Sep 22 2022, 10:58 AM
dmbaturin renamed 1.3.3 from 1.3.3 to 1.3.1.
Sep 22 2022, 10:56 AM
v.huti added a comment to T4180: Support for QoS Policy Propagation via BGP (QPPB).

DEMO
===============================================

To demonstrate the feature let's look at the following topology

topo.png (447×900 px, 87 KB)

qppb_artifacts.tar.gz34 MBDownload


qppb_demo_m2.gns3project1 GBDownload

Sep 22 2022, 10:54 AM · VyOS 1.5 Circinus
jack9603301 added a comment to T4706: NAT and NAT66 issues.

@sdev @Netboy3 I'll test if the new implementation is done and if the bug is fixed I'll close this PR, thanks

Sep 22 2022, 10:47 AM · VyOS 1.4 Sagitta
dmbaturin edited the content of 1.3.3.
Sep 22 2022, 10:19 AM
dmbaturin edited the content of 1.3.3.
Sep 22 2022, 10:19 AM
dmbaturin created 1.3.3.
Sep 22 2022, 10:12 AM
Netboy3 added a comment to T4706: NAT and NAT66 issues.

@jack9603301 I've tested your updated PR and it seems to work well now. Thank you for the quick response.
@sdev I've tested your PR and it seems to also fix both issues. I did not test anything beyond DNAT port only in both ip and ip6 families.

Sep 22 2022, 2:51 AM · VyOS 1.4 Sagitta

Sep 21 2022

n.fort renamed T4699: Firewall - Add jump action - Add return action from Firewall - Add jump action to Firewall - Add jump action - Add return action.
Sep 21 2022, 5:45 PM · VyOS 1.4 Sagitta
c-po closed T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node, a subtask of T4678: Rewrite service ipoe-server to get_config_dict, as Resolved.
Sep 21 2022, 4:56 PM · VyOS 1.4 Sagitta
c-po closed T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node as Resolved.
Sep 21 2022, 4:56 PM · VyOS 1.4 Sagitta
c-po updated the task description for T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node.
Sep 21 2022, 4:56 PM · VyOS 1.4 Sagitta
c-po closed T4678: Rewrite service ipoe-server to get_config_dict as Resolved.
Sep 21 2022, 4:56 PM · VyOS 1.4 Sagitta
sarthurdev added a comment to T4706: NAT and NAT66 issues.

Included a fix for this in NAT refactor: https://github.com/vyos/vyos-1x/pull/1552

Sep 21 2022, 4:12 PM · VyOS 1.4 Sagitta
sarthurdev added a comment to T4605: Firewall change default table names.

PR for NAT included with refactor: https://github.com/vyos/vyos-1x/pull/1552

Sep 21 2022, 4:12 PM · VyOS 1.4 Sagitta
c-po added a subtask for T4678: Rewrite service ipoe-server to get_config_dict: T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node.
Sep 21 2022, 2:35 PM · VyOS 1.4 Sagitta
c-po added a parent task for T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node: T4678: Rewrite service ipoe-server to get_config_dict.
Sep 21 2022, 2:35 PM · VyOS 1.4 Sagitta
c-po changed the status of T4678: Rewrite service ipoe-server to get_config_dict from Open to In progress.
Sep 21 2022, 2:35 PM · VyOS 1.4 Sagitta
Netboy3 added a comment to T4706: NAT and NAT66 issues.

@jack9603301, your PR solves the NAT66 issue - thank you. However, the change you made to nat.py to try to solve the NAT44 issue is not complete and seem to also require a template change. I'll post additional details in the PR.

Sep 21 2022, 2:33 PM · VyOS 1.4 Sagitta
c-po claimed T4678: Rewrite service ipoe-server to get_config_dict.
Sep 21 2022, 2:28 PM · VyOS 1.4 Sagitta
narey83 created T4708: 'show nat destination rules' throwing an error.
Sep 21 2022, 12:51 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4699: Firewall - Add jump action - Add return action.

Since jump action was added, It would be good to also add "return" action

Sep 21 2022, 12:39 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T4706: NAT and NAT66 issues.

PR: https://github.com/vyos/vyos-1x/pull/1550

Sep 21 2022, 12:39 PM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T4707: Enable OSPF segment routing.

Initial PR here, https://github.com/vyos/vyos-1x/pull/1551.

Sep 21 2022, 12:33 AM · VyOS 1.4 Sagitta

Sep 20 2022

Cheeze_It changed the status of T4707: Enable OSPF segment routing from Open to In progress.
Sep 20 2022, 11:42 PM · VyOS 1.4 Sagitta
Cheeze_It created T4707: Enable OSPF segment routing.
Sep 20 2022, 11:42 PM · VyOS 1.4 Sagitta
Cheeze_It closed T4693: ISIS segment routing was broken... as Resolved.
Sep 20 2022, 5:38 PM · VyOS 1.4 Sagitta
Cheeze_It added a comment to T4693: ISIS segment routing was broken....

It seems we have working ISIS segment routing:

Sep 20 2022, 5:32 PM · VyOS 1.4 Sagitta
Cheeze_It triaged T4693: ISIS segment routing was broken... as Normal priority.
Sep 20 2022, 4:25 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T4706: NAT and NAT66 issues.

@Netboy3 Let me modify the template to support

Sep 20 2022, 7:26 AM · VyOS 1.4 Sagitta

Sep 19 2022

Viacheslav added a project to T4704: Allow to set metric (MED) to rtt with rtt,+rtt or -rtt: VyOS 1.4 Sagitta.
Sep 19 2022, 10:57 PM · VyOS 1.4 Sagitta
Netboy3 added a comment to T4706: NAT and NAT66 issues.

Why would you enforce an address? It is perfectly OK to have port-only DNAT66 without any destination address such as:
nft add rule ip6 nat PREROUTING iifname eth1 counter tcp dport 443 dnat to :3000
Problem is that the test logic breaks on this and spits out a wrong statement to NFT that barfs on it.

Sep 19 2022, 8:55 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T4706: NAT and NAT66 issues.

Maybe we should add check to NAT66 to enforce the given address

Sep 19 2022, 7:32 PM · VyOS 1.4 Sagitta
n.fort changed the status of T4706: NAT and NAT66 issues from Open to Confirmed.
Sep 19 2022, 6:34 PM · VyOS 1.4 Sagitta
n.fort claimed T4706: NAT and NAT66 issues.
Sep 19 2022, 6:34 PM · VyOS 1.4 Sagitta
n.fort created T4706: NAT and NAT66 issues.
Sep 19 2022, 6:33 PM · VyOS 1.4 Sagitta
n.fort changed the status of T4699: Firewall - Add jump action - Add return action from In progress to Needs testing.
Sep 19 2022, 11:02 AM · VyOS 1.4 Sagitta
mike-pisman created T4705: Add Thunderbolt networking and interfaces supported in the config environment.
Sep 19 2022, 3:30 AM · VyOS 1.5 Circinus

Sep 18 2022

jmarmorato added a comment to T4694: Allow VyOS Firewall to Match Outbound IPSec Traffic.

@n.fort Maybe set firewall name <name> rule <rule> ipsec match-gre? This feels a bit hacky though... Almost like match should be its own block and contain ipsec, none, or gre

Sep 18 2022, 10:06 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
roedie claimed T4639: Crowdsec in VyOS (Blocking only).
Sep 18 2022, 5:57 PM · VyOS 1.5 Circinus
danhusan closed T3155: ospfv3 mtu-ignore not working on ethernet vifs as Resolved.
Sep 18 2022, 4:41 PM · VyOS 1.2 Crux

Sep 17 2022

roedie moved T4526: keepalived-fifo.py unable to load config from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 8:34 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie moved T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3 from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 8:31 PM · VyOS 1.4 Sagitta
roedie closed T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3 as Resolved.

It works for me (tm)

Sep 17 2022, 8:30 PM · VyOS 1.4 Sagitta
c-po closed T4666: EAP-TLS no longer allows TLSv1.0 after T4537, T4584 as Resolved.
Sep 17 2022, 7:13 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta, wpa
c-po moved T4702: Wireguard peers configuration is not synchronized with CLI from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.3) board.
Sep 17 2022, 7:13 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po added a comment to T4702: Wireguard peers configuration is not synchronized with CLI.

PR for VyOS 1.3.3 https://github.com/vyos/vyos-1x/pull/1548

Sep 17 2022, 7:13 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po moved T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node from Need Triage to In Progress on the VyOS 1.4 Sagitta board.
Sep 17 2022, 6:41 PM · VyOS 1.4 Sagitta
c-po moved T4702: Wireguard peers configuration is not synchronized with CLI from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 6:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po changed Why the issue appeared? from none to implementation-mistake on T4702: Wireguard peers configuration is not synchronized with CLI.
Sep 17 2022, 6:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po changed the status of T4702: Wireguard peers configuration is not synchronized with CLI from Confirmed to Needs testing.
Sep 17 2022, 6:41 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
c-po edited projects for T4702: Wireguard peers configuration is not synchronized with CLI, added: VyOS 1.3 Equuleus (1.3.3); removed VyOS 1.3 Equuleus.
Sep 17 2022, 5:53 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
jack9603301 added a comment to T4689: Support RFS(Receive Flow Steering).

PR: https://github.com/vyos/vyos-1x/pull/1542

Sep 17 2022, 12:27 PM · VyOS 1.4 Sagitta
c-po claimed T4702: Wireguard peers configuration is not synchronized with CLI.
Sep 17 2022, 7:41 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta

Sep 16 2022

aalmenar created T4704: Allow to set metric (MED) to rtt with rtt,+rtt or -rtt.
Sep 16 2022, 8:35 PM · VyOS 1.4 Sagitta
c-po changed the status of T4703: accel-ppp: combine vlan-id and vlan-range into single CLI node from Open to In progress.
Sep 16 2022, 7:31 PM · VyOS 1.4 Sagitta
First
Prev
Next