Page MenuHomeVyOS Platform
Projects VyOS 1.4 Sagitta

VyOS 1.4 SagittaExperimental
ActivePublic
Watch Project

Members (10)

Watchers (3)

Recent Activity
View All

Today

Viacheslav changed the status of T4196: DHCP server client-prefix-length parameter results in non-functional leases from In progress to Needs testing.
Tue, Jan 25, 4:31 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T4194: prefix-list no check for duplicate entries.

PR https://github.com/vyos/vyos-1x/pull/1190

set policy prefix-list TST_PRF_LST rule 10 action 'permit'
set policy prefix-list TST_PRF_LST rule 10 prefix '10.5.5.0/24'
set policy prefix-list TST_PRF_LST rule 20 action 'permit'
set policy prefix-list TST_PRF_LST rule 20 prefix '10.6.6.0/24'
set policy prefix-list TST_PRF_LST rule 30 action 'permit'
set policy prefix-list TST_PRF_LST rule 30 prefix '10.6.6.0/24'
Tue, Jan 25, 4:25 PM · VyOS 1.4 Sagitta
Viacheslav assigned T4209: Firewall incorrect handler for recent count and time to sdev.
Tue, Jan 25, 2:07 PM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T4209: Firewall incorrect handler for recent count and time.
Tue, Jan 25, 11:51 AM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T4209: Firewall incorrect handler for recent count and time.
Tue, Jan 25, 11:50 AM · VyOS 1.4 Sagitta
Viacheslav created T4209: Firewall incorrect handler for recent count and time.
Tue, Jan 25, 11:47 AM · VyOS 1.4 Sagitta
Viacheslav closed T4205: Disable Debian Version in SSH (DebianBanner->no) as Resolved.
Tue, Jan 25, 9:14 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4205: Disable Debian Version in SSH (DebianBanner->no).

PR https://github.com/vyos/vyos-1x/pull/1188

Tue, Jan 25, 8:53 AM · VyOS 1.4 Sagitta
Viacheslav closed T4131: Show firewall group incorrect format members as Resolved.

@sdev Thanks

Tue, Jan 25, 8:19 AM · VyOS 1.4 Sagitta

Yesterday

Dmitry closed T4204: Update Accel-PPP to a newer revision as Resolved.
Mon, Jan 24, 10:01 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
drixter created T4205: Disable Debian Version in SSH (DebianBanner->no).
Mon, Jan 24, 8:38 PM · VyOS 1.4 Sagitta
n.fort closed T1795: Commit rollback by timeout as Resolved.

Task already implemented:

Mon, Jan 24, 6:56 PM · VyOS 1.4 Sagitta, Active contributors
Dmitry changed the status of T4204: Update Accel-PPP to a newer revision from In progress to Needs testing.
Mon, Jan 24, 8:30 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Dmitry added a comment to T4204: Update Accel-PPP to a newer revision.

PR current - https://github.com/vyos/vyos-build/pull/214
PR equuleus - https://github.com/vyos/vyos-build/pull/215

Mon, Jan 24, 8:29 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Dmitry changed the status of T4204: Update Accel-PPP to a newer revision from Open to In progress.
Mon, Jan 24, 8:21 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Dmitry created T4204: Update Accel-PPP to a newer revision.
Mon, Jan 24, 8:20 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
NikolayP updated the task description for T4072: Feature Request: Firewall on bridge interfaces.
Mon, Jan 24, 5:29 AM · VyOS 1.3 Equuleus, VyOS 1.4 Sagitta
NikolayP added a comment to T4196: DHCP server client-prefix-length parameter results in non-functional leases.

PR for 1.3:
https://github.com/vyos/vyos-1x/pull/1187

Mon, Jan 24, 1:46 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
n.fort added a comment to T4199: Commit failed when setting icmpv6 type any.

@artooro It still accepts type-name.

Mon, Jan 24, 12:08 AM · VyOS 1.4 Sagitta

Sun, Jan 23

artooro added a comment to T4199: Commit failed when setting icmpv6 type any.

@n.fort I just built a fresh image and tested. The first thing I noticed is that icmpv6 now only accepts integers while previously it accepted names. I'm assuming this is a purposeful design change where users now have to set type-name instead.
The any option has been removed, which I suspect is OK as you'd simply leave it unset if you want to accept all icmp types.
Overall this should eliminate the user confusion so I think it's a good change.

Sun, Jan 23, 8:17 PM · VyOS 1.4 Sagitta
n.fort closed T4181: Firewall ipv6-network-group - incorrect description on helper as Resolved.

Tested on VyOS 1.4-rolling-202201230317

Sun, Jan 23, 2:17 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4199: Commit failed when setting icmpv6 type any.

@artooro , please try again using latest version -> vyos-1.4-rolling-202201230317-amd64.iso
Just tested, and for me, it's working as expected.
PR that solves this issue: https://github.com/vyos/vyos-1x/pull/1184

Sun, Jan 23, 2:12 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4021: Long commit time on bridge interface with 1-4094 allowed VLAN tags.

On VyOS 1.4-rolling-202201230317.
Commands:

Sun, Jan 23, 2:00 PM · VyOS 1.4 Sagitta
n.fort closed T4186: Firewall icmp type - Offered options not supported as Resolved.
Sun, Jan 23, 12:39 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4186: Firewall icmp type - Offered options not supported.

Tested on latest VyOS 1.4-rolling-202201230317

Sun, Jan 23, 12:38 PM · VyOS 1.4 Sagitta

Sat, Jan 22

n.fort added a comment to T4138: NAT configuration allows to set incorrect port range and invalid port.

Error still present on VyOS 1.4-rolling-202201180317

Sat, Jan 22, 2:37 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4153: Monitor bandwidth-test initiate not working.

PR: https://github.com/vyos/vyos-1x/pull/1186

Sat, Jan 22, 2:14 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
n.fort claimed T4153: Monitor bandwidth-test initiate not working.
Sat, Jan 22, 1:09 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
n.fort closed T4173: Wan Load Balancing - Error on firewall NAT rules as Resolved.
Sat, Jan 22, 12:49 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4115: reboot in <x> not working as expected.
Sat, Jan 22, 12:26 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus
n.fort added a comment to T4202: NFT: Zone policies fail to apply when "l2tp+" is in the interface list.

Wildcard + should be replaces with *, according to nft man page:

Sat, Jan 22, 11:20 AM · VyOS 1.4 Sagitta
c-po changed the status of T4203: Reconfigure DHCP client interface causes brief outages from Open to Confirmed.
Sat, Jan 22, 9:08 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus
c-po created T4203: Reconfigure DHCP client interface causes brief outages.
Sat, Jan 22, 9:07 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus
jack9603301 added a comment to T2898: Support NDP proxy.

@hensur See PR, I implemented a merge script and provided three solutions.

Sat, Jan 22, 6:36 AM · VyOS 1.4 Sagitta
kroy created T4202: NFT: Zone policies fail to apply when "l2tp+" is in the interface list.
Sat, Jan 22, 4:53 AM · VyOS 1.4 Sagitta

Fri, Jan 21

artooro closed T4200: Assigning ipv6-name to interface is not generating nftables rules as Resolved.
Fri, Jan 21, 10:35 PM · VyOS 1.4 Sagitta
artooro added a comment to T4200: Assigning ipv6-name to interface is not generating nftables rules.

Confirmed, I just built a new image using 1.4-rolling-202201212148 and I can no longer reproduce the issue.

Fri, Jan 21, 10:34 PM · VyOS 1.4 Sagitta
sdev added a comment to T4186: Firewall icmp type - Offered options not supported.

PR + migration: https://github.com/vyos/vyos-1x/pull/1184

Fri, Jan 21, 10:08 PM · VyOS 1.4 Sagitta
artooro added a comment to T4199: Commit failed when setting icmpv6 type any.
In T4199#117215, @n.fort wrote:
Fri, Jan 21, 9:42 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4131: Show firewall group incorrect format members.

Loading address group described in task and then printing, works OK.

Fri, Jan 21, 6:52 PM · VyOS 1.4 Sagitta
n.fort closed T4144: Firewall address-group - Improve error messages as Resolved.
Fri, Jan 21, 6:44 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4144: Firewall address-group - Improve error messages.

Tested on VyOS 1.4-rolling-202201180317 and working as expected.

Fri, Jan 21, 6:44 PM · VyOS 1.4 Sagitta
n.fort closed T4133: Firewall network group error with zone-based firewall rules as Resolved.
Fri, Jan 21, 6:35 PM · VyOS 1.4 Sagitta, VyConf
n.fort added a comment to T4133: Firewall network group error with zone-based firewall rules.

Seems solved, Not reproducible on VyOS 1.4-rolling-202201180317

Fri, Jan 21, 6:35 PM · VyOS 1.4 Sagitta, VyConf
n.fort changed the status of T4199: Commit failed when setting icmpv6 type any from In progress to Confirmed.
Fri, Jan 21, 6:20 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4199: Commit failed when setting icmpv6 type any.

Did did work as expeced

vyos@vyos# run show config comm | grep fire
set firewall ipv6-name FOO rule 10 action 'accept'
set firewall ipv6-name FOO rule 10 icmpv6 type 'echo-request'
set firewall ipv6-name FOO rule 10 protocol 'ipv6-icmp'
Fri, Jan 21, 6:03 PM · VyOS 1.4 Sagitta
n.fort added a comment to T4199: Commit failed when setting icmpv6 type any.

Also, while matching parameters valid in nftables, such as echo-reply, commit fails too:

Fri, Jan 21, 4:29 PM · VyOS 1.4 Sagitta
Viacheslav closed T4137: Firewall group configuration allows to set incorrect port range and invalid port as Resolved.
Fri, Jan 21, 4:22 PM · VyOS 1.4 Sagitta
hensur added a comment to T4151: IPV6 local PBR Support.

Should be fixed with https://github.com/vyos/vyos-1x/pull/1183

Fri, Jan 21, 12:29 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
n.fort added a comment to T4199: Commit failed when setting icmpv6 type any.

Bug related: https://phabricator.vyos.net/T4186

Fri, Jan 21, 12:27 PM · VyOS 1.4 Sagitta