Page MenuHomeVyOS Platform

VyOS 1.3 Equuleus (1.3.0)Milestone
ActivePublic

Members

  • This project does not have any members.
  • View All

Watchers

  • This project does not have any watchers.
  • View All

Recent Activity

Today

nikeshhajari created T4192: OpenVPN custom option for "--client-to-client" causes configuration error.
Tue, Jan 18, 4:11 AM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a project to T2762: VRF: when SSHd is VRF bound all commands are executed in VRF context: VyOS 1.4 Sagitta.
Tue, Jan 18, 2:28 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)

Yesterday

Viacheslav added a comment to T2762: VRF: when SSHd is VRF bound all commands are executed in VRF context.

PR for ping https://github.com/vyos/vyos-1x/pull/1175

Mon, Jan 17, 11:47 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
Viacheslav closed T891: Current multi-table usage with VRF-netns tables in FRR is partially broken for PBR. as Resolved N/A.

Close the task
@Watcher7 Re-test it or describe steps hot to reproduce, as since 1.2-rc2 was implemented a lot of changes regarding vrf + frr.
You can set both vrf + next-hop address

Mon, Jan 17, 6:05 PM · VyOS 1.3 Equuleus (1.3.0)

Fri, Jan 14

Viacheslav added a subtask for T2199: Rewrite firewall in new XML/Python style: T3762: Support network and address groups for policy ipv6-route.
Fri, Jan 14, 8:18 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a comment to T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses.

Some detail here T1280

Fri, Jan 14, 2:25 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
johannrichard added a comment to T2199: Rewrite firewall in new XML/Python style.

@sdev: in your original commit for this task, recent rules are somehow semi-discarded (the time/counter condition will not be written out; however, the action will be written out) because of an apparent problem with nftables in this area.

Fri, Jan 14, 10:10 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
NikolayP updated the task description for T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses.
Fri, Jan 14, 10:01 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
NikolayP renamed T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses from NTP allow-clients address requires a reboot to NTP allow-clients address doesn't work.
Fri, Jan 14, 9:55 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
NikolayP updated the task description for T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses.
Fri, Jan 14, 4:42 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
NikolayP created T4184: NTP allow-clients address doesn't work it allows to use ntp server for all addresses.
Fri, Jan 14, 4:35 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta

Wed, Jan 12

sdev changed the status of T2199: Rewrite firewall in new XML/Python style from Open to Needs testing.
Wed, Jan 12, 5:11 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav closed T4174: Validation fails when entering port range with upper port 65535, a subtask of T2199: Rewrite firewall in new XML/Python style, as Resolved.
Wed, Jan 12, 11:29 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Tue, Jan 11

bjw-s claimed T4174: Validation fails when entering port range with upper port 65535.

PR: https://github.com/vyos/vyos-1x/pull/1160

Tue, Jan 11, 7:47 PM · VyOS 1.4 Sagitta
bjw-s updated the task description for T4174: Validation fails when entering port range with upper port 65535.
Tue, Jan 11, 7:46 PM · VyOS 1.4 Sagitta
bjw-s created T4174: Validation fails when entering port range with upper port 65535.
Tue, Jan 11, 7:35 PM · VyOS 1.4 Sagitta
sdev changed the status of T4159: Empty firewall group (address, network & port) generates invalid nftables config, commit fails, a subtask of T2199: Rewrite firewall in new XML/Python style, from Open to Needs testing.
Tue, Jan 11, 2:48 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
erkin closed T3950: CLI backtrace on update if DNS not defined , a subtask of T3356: Script for remote file transfers, as Resolved.
Tue, Jan 11, 9:59 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
erkin reopened T3950: CLI backtrace on update if DNS not defined , a subtask of T3356: Script for remote file transfers, as In progress.
Tue, Jan 11, 8:58 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Mon, Jan 10

sdev changed the status of T4155: PBR: `set table main` fails in `firewall.py` with newer rolling releases , a subtask of T2199: Rewrite firewall in new XML/Python style, from Open to Needs testing.
Mon, Jan 10, 6:40 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
n.fort closed T3115: Add support for firewall on L3 VIF bridge interface as Resolved.
Mon, Jan 10, 3:36 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
n.fort added a comment to T3115: Add support for firewall on L3 VIF bridge interface.

Previous example was expanded, in order to test filtering between native bridge interface and vlans interface on bridge.
Filtering rules:

  • Filter traffic from vlan br0.55 to br0.66
  • Filter traffic from vlan1 to br0.55
  • Allow all
Mon, Jan 10, 3:32 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
nikeshhajari closed T4158: Add support for "ip nhrp registration no-unique" from FRR as Invalid.
Mon, Jan 10, 6:23 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
nikeshhajari added a comment to T4158: Add support for "ip nhrp registration no-unique" from FRR.

Ah! ok, I will close this. Looking at the man pages, seems like open nhrp doesn't have a no-unique registration feature?

Mon, Jan 10, 6:23 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a comment to T4158: Add support for "ip nhrp registration no-unique" from FRR.

We don’t use frr nhrpd, more details T2326
We use opennhrp

Mon, Jan 10, 6:17 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
johannrichard added a subtask for T2199: Rewrite firewall in new XML/Python style: T4159: Empty firewall group (address, network & port) generates invalid nftables config, commit fails.
Mon, Jan 10, 2:12 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Sun, Jan 9

nikeshhajari created T4158: Add support for "ip nhrp registration no-unique" from FRR.
Sun, Jan 9, 11:57 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
johannrichard added a subtask for T2199: Rewrite firewall in new XML/Python style: T4155: PBR: `set table main` fails in `firewall.py` with newer rolling releases .
Sun, Jan 9, 7:59 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
n.fort added a comment to T3115: Add support for firewall on L3 VIF bridge interface.

Filtering tested on version 1.4-rolling-202201060842

Sun, Jan 9, 7:20 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a comment to T3706: Add properly priorities for systemd daemons.

A simple check works fine:
Set 20% quota for snmpd
And check it with script:

#!/usr/bin/env bash
Sun, Jan 9, 5:12 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a comment to T3706: Add properly priorities for systemd daemons.

https://www.freedesktop.org/software/systemd/man/systemd.resource-control.html

Sun, Jan 9, 4:53 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav changed the status of T3774: atop logs are not limited in size from In progress to Needs testing.
Sun, Jan 9, 4:39 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav closed T3822: OpenVPN processes do not have permission to read key files generated with `run generate openvpn key` as Resolved.

It was fixed in above commits, wrong testing form my site.

Sun, Jan 9, 4:28 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a comment to T3299: Webproxy is prohibited from listening on all IP addresses.

Cherry-pick PR https://github.com/vyos/vyos-1x/pull/1146

Sun, Jan 9, 2:56 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T4153: Monitor bandwidth-test initiate not working.

It seems -V option:

Sun, Jan 9, 2:24 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
n.fort created T4153: Monitor bandwidth-test initiate not working.
Sun, Jan 9, 2:06 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)

Sat, Jan 8

Viacheslav added a comment to T840: VRRP V3 backup router sending ND RA.

Is it an actual task? If yes, can someone explain which configuration you expect from keepalived.conf or radvd.conf?
As I see PR 9aad6f was merged.

Sat, Jan 8, 6:42 PM · VyOS 1.3 Equuleus (1.3.0), test

Thu, Jan 6

jestabro added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

@rps this did not make it into 1.3.0, but was discussed recently and will be addressed; it is, as you point out, a regrettable omission in functionality

Thu, Jan 6, 6:56 PM · VyOS 1.3 Equuleus (1.3.0)
rps added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

Do we know if this made it into the 1.3.0 release or is this now a 1.4 issue?

Thu, Jan 6, 5:39 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav assigned T3914: vrrp rfc3768-compatibility doesn't work with unicast peers to c-po.

Fixed for 1.4 in T4128 with update "keepalived".
In 1.3 we don't update this pkg.

Thu, Jan 6, 11:32 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta

Mon, Jan 3

Viacheslav closed T4065: IPSEC configuration error: connection to unix:///var/run/charon.ctl failed: No such file or directory as Resolved.

Fixed in https://github.com/vyos/vyatta-cfg-vpn/pull/56

Mon, Jan 3, 9:09 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a comment to T3914: vrrp rfc3768-compatibility doesn't work with unicast peers.

Maybe fixed in T4128

Mon, Jan 3, 9:05 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T4052: Validator return traceback on VRRP configuration with the script path not in config dir as Resolved.
Mon, Jan 3, 5:17 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Fri, Dec 31

Viacheslav closed T4081: VRRP health-check script stops working when setting up a sync group as Resolved.
Fri, Dec 31, 11:04 AM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
c-po added a comment to T1972: Allow setting interface name for virtual_ipaddress in VRRP VRID.

This sounds like a "peer-link" or "heartbeat-link" between two VyOS boxes. I have yet no idea how the CLI could look like, maybe you have one?

Fri, Dec 31, 7:59 AM · VyOS 1.4 Sagitta

Thu, Dec 30

zsdc changed the status of T4113: Incorrect GRUB configuration parsing from Open to In progress.

Suggested fix: https://github.com/vyos/vyatta-op/pull/52

Thu, Dec 30, 5:21 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)

Wed, Dec 29

jestabro closed T4086: system login banner is not removed on deletion. as Resolved.
Wed, Dec 29, 8:13 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
jestabro moved T4086: system login banner is not removed on deletion. from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Wed, Dec 29, 8:08 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
jestabro added a comment to T4086: system login banner is not removed on deletion..

This is a mutability issue: since under vyos-configd the script is loaded as module, global variables persist, however:

Wed, Dec 29, 7:37 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
n.fort renamed T2498: Expected error when deleting vif that has dhcp-server configured from Cannot remove interface vif used by dhcpd to Expected error when deleting vif that has dhcp-server configured.
Wed, Dec 29, 6:15 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)