Page MenuHomePhabricator

VyOS-1.2.0-GAGoal
ActivePublic

Members

  • This project does not have any members.

Details

Description

Crux Release

Recent Activity

Yesterday

c-po renamed T828: Specify RADIUS source ip for PPP and L2TP connections from Specify RADIUS source ip to Specify RADIUS source ip for PPP and L2TP connections.
Thu, Apr 18, 3:18 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc7)

Tue, Apr 9

syncer reopened T1131: open-vm-tools causing 100% CPU load as "Open".

This requires fix, since workaround not fully acceptable

Tue, Apr 9, 10:08 AM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS 1.3 Equuleus

Mon, Apr 8

csalcedo added a comment to T1131: open-vm-tools causing 100% CPU load.

Hi all,

Mon, Apr 8, 9:09 AM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS 1.3 Equuleus

Sun, Apr 7

c-po closed T1296: Image install can't install to SD cards (mmcblk...), a subtask of T967: Installer selection of available disks is too restrictive, as Resolved.
Sun, Apr 7, 9:49 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc7)

Wed, Mar 27

c-po added a subtask for T967: Installer selection of available disks is too restrictive: T1296: Image install can't install to SD cards (mmcblk...).
Wed, Mar 27, 6:51 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc7)

Tue, Mar 26

dmbaturin merged T1235: "show | commands" don't work from config mode into T1193: libvyosconfig parser cannot handle top level leaf and tag nodes.
Tue, Mar 26, 12:39 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-GA)

Sat, Mar 23

m.cremers removed a watcher for VyOS-1.2.0-GA: m.cremers.
Sat, Mar 23, 12:30 PM

Fri, Mar 22

c-po placed T1070: SWANCTL: DMVPN: ALL peers are deleted in swan when opennhrp tries to delete ONE peer up for grabs.
Fri, Mar 22, 8:37 PM · VyOS-1.2.0-GA
zh99998 added a comment to T573: Update IPv6 firewall rules to support matching of hop-limit.

IPv4 ttl matching is missing too.
could this be copied to IPv4?
it's exactly same except the iptables module name called ttl

Fri, Mar 22, 3:09 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc8)

Mar 17 2019

c-po closed T171: Unable to delete a firewall fule as Resolved.
Mar 17 2019, 3:37 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc7)
c-po changed the status of T171: Unable to delete a firewall fule from Needs testing to Open by committing Restricted Diffusion Commit.
Mar 17 2019, 3:23 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc7)

Mar 12 2019

hagbard added a comment to T1051: Update openvpn to support TLS 1.2.

Sorry I can't replicate your issue, tested it with VyOS 1.2.0-rolling+201903110337.

Mar 12 2019, 6:20 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS-1.2.0-GA
thinkl33t added a comment to T1051: Update openvpn to support TLS 1.2.

I've finally managed to test this (apologies, we've had a super busy couple of months) and don't appear to be able to connect to the VPN anymore :(

Mar 12 2019, 12:11 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS-1.2.0-GA

Feb 25 2019

gadams added a comment to T1059: Support receiving IPv6 router advertisements.

I'm a little confused about the status of this task.

Feb 25 2019, 5:29 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-EPA3)

Feb 19 2019

hagbard closed T1051: Update openvpn to support TLS 1.2 as Resolved.

Tested it myself and can't find any issues.

Feb 19 2019, 7:02 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS-1.2.0-GA

Feb 14 2019

hagbard claimed T258: Can not configure wan load-balancing on vyos-1.2.
Feb 14 2019, 5:51 PM · VyOS 1.2 Crux (VyOS 1.2.1)

Feb 13 2019

zsdc added a comment to T258: Can not configure wan load-balancing on vyos-1.2.

Need to reopen this task.
Version: 1.2.0-LTS.
Running configuration:

vyos@test-01# show 
 interfaces {
     ethernet eth0 {
         address 192.168.55.18/30
         duplex auto
         hw-id 08:00:27:95:bb:f6
         smp-affinity auto
         speed auto
     }
     ethernet eth1 {
         address 192.168.56.3/24
         duplex auto
         hw-id 08:00:27:8e:d6:fb
         smp-affinity auto
         speed auto
     }
     ethernet eth2 {
         duplex auto
         hw-id 08:00:27:8c:27:04
         smp-affinity auto
         speed auto
     }
     loopback lo {
     }
 }
 service {
     ssh {
     }
 }
 system {
     config-management {
         commit-revisions 100
     }
     console {
         device ttyS0 {
             speed 9600
         }
     }
     host-name test-01
     login {
         user vyos {
             authentication {
                 encrypted-password $6$7X4XbQJ2xVMZ8$NmISPmyC1f88cIfcKig01pkjePNTVeeWwULrHgich6wB0A1TH/b31Jywpsde8Mv4/B8Qa5CxFM.rlXmfOQT0Z0
                 plaintext-password ""
             }
             level admin
         }
     }
     name-server 1.1.1.1
     ntp {
         server 0.pool.ntp.org {
         }
         server 1.pool.ntp.org {
         }
         server 2.pool.ntp.org {
         }
     }
     syslog {
         global {
             facility all {
                 level info
             }
             facility protocols {
                 level debug
             }
         }
     }
     time-zone UTC
 }
Feb 13 2019, 6:02 PM · VyOS 1.2 Crux (VyOS 1.2.1)
hagbard added a comment to T1051: Update openvpn to support TLS 1.2.

@thinkl33t Please test the latest rolling which has openvpn2.4 installed.

Feb 13 2019, 4:20 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS-1.2.0-GA

Feb 11 2019

yun added a comment to T1001: show config commands - breaks when using backslashes in values.

Just to add extra info to this ticket, I had a openvpn-option that i wanted to add but it contained a single quote. I was not able to do this (in version 1.8.x this worked).

Feb 11 2019, 12:32 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc10)
yun added a comment to T894: DHCP not renewed after switching network.

I was not able to test sooner. But i confirmed it works properly with rolling release vyos-1.2.0-rolling+201902060337-amd64.

Feb 11 2019, 12:20 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-GA)

Feb 8 2019

c-po changed the status of T171: Unable to delete a firewall fule from Open to Needs testing.
Feb 8 2019, 6:37 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc7)
c-po added a comment to T171: Unable to delete a firewall fule.

Handled in/with T484, hopefully

Feb 8 2019, 6:36 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc7)
c-po reopened T171: Unable to delete a firewall fule as Open by committing Restricted Diffusion Commit.
Feb 8 2019, 6:27 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc7)
syncer closed T739: flow-accounting stops as Resolved.
Feb 8 2019, 12:07 AM · VyOS 1.2 Crux (VyOS 1.2.0-GA), VyOS-1.2.0-GA, pmacct
syncer edited projects for T739: flow-accounting stops, added: VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-GA); removed VyOS 1.2 Crux (VyOS 1.2.0-EPA3).
Feb 8 2019, 12:06 AM · VyOS 1.2 Crux (VyOS 1.2.0-GA), VyOS-1.2.0-GA, pmacct
syncer changed the status of T685: Python environment lacks definition of vyos_libexec_dir when calling os.system(), a subtask of T652: Rewrite service snmp in new style XML interface definition, from Open to In progress.
Feb 8 2019, 12:03 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc1)

Feb 7 2019

hagbard added a comment to T1051: Update openvpn to support TLS 1.2.

@thinkl33t Can you please test?

Feb 7 2019, 11:46 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS-1.2.0-GA
syncer closed T961: Does not seem to work with 4 port XL710 Intel NIC's. I believe needs drivers as Resolved.
Feb 7 2019, 11:29 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-GA)
syncer edited projects for T961: Does not seem to work with 4 port XL710 Intel NIC's. I believe needs drivers, added: VyOS 1.2 Crux (VyOS 1.2.0-GA), VyOS-1.2.0-GA; removed VyOS 1.2 Crux (VyOS 1.2.0-EPA3).
Feb 7 2019, 11:29 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-GA)
syncer moved T977: Permission denied error when performing config rollback on a machine upgraded from VyOS 1.1.x from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.0-GA) board.
Feb 7 2019, 11:26 PM · VyOS 1.2 Crux (VyOS 1.2.0-GA), VyOS-1.2.0-GA
syncer edited projects for T977: Permission denied error when performing config rollback on a machine upgraded from VyOS 1.1.x, added: VyOS 1.2 Crux (VyOS 1.2.0-GA); removed VyOS 1.2 Crux (VyOS 1.2.0-EPA3).
Feb 7 2019, 11:26 PM · VyOS 1.2 Crux (VyOS 1.2.0-GA), VyOS-1.2.0-GA
syncer moved T977: Permission denied error when performing config rollback on a machine upgraded from VyOS 1.1.x from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.0-EPA3) board.
Feb 7 2019, 11:26 PM · VyOS 1.2 Crux (VyOS 1.2.0-GA), VyOS-1.2.0-GA
syncer closed T977: Permission denied error when performing config rollback on a machine upgraded from VyOS 1.1.x as Resolved.
Feb 7 2019, 11:26 PM · VyOS 1.2 Crux (VyOS 1.2.0-GA), VyOS-1.2.0-GA
syncer edited projects for T1169: LLDP potentially broken, added: VyOS 1.2 Crux (VyOS 1.2.2); removed VyOS 1.2 Crux (VyOS 1.2.0-GA).
Feb 7 2019, 11:20 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus

Feb 5 2019

syncer closed T567: support for Nutanix AHV as Resolved.
Feb 5 2019, 2:31 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-GA), Nutanix
syncer closed T1077: show: vpn ike sa & vpn debug don't show all tunnels setup as Resolved.
Feb 5 2019, 2:26 PM · VyOS 1.2 Crux (VyOS 1.2.0-GA), VyOS-1.2.0-GA
syncer closed T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups as Resolved.
Feb 5 2019, 2:14 PM · VyOS 1.3 Equuleus
syncer edited projects for T1051: Update openvpn to support TLS 1.2, added: VyOS 1.2 Crux (VyOS 1.2.2); removed VyOS 1.2 Crux (VyOS 1.2.0-GA).
Feb 5 2019, 2:13 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS-1.2.0-GA

Feb 4 2019

rps added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

My fault for not having the time to test this as one of the users who has a need for RFC compliant VRRP. The use of + for interface matching is less than ideal but if we do so we should take care to recommend that use of 802.1Q VLAN sub-interfaces not make use of the parent (untagged) interface else traffic matching will not be obvious.

Feb 4 2019, 8:35 PM · VyOS 1.3 Equuleus

Feb 2 2019

dsummers added a comment to T1051: Update openvpn to support TLS 1.2.

Does this mean it can now listen on "outer" transport IPv6 addresses now that it is using 2.4.0 (even if it is just a special "option" and not yet in the VyOS CLI)?

Feb 2 2019, 5:54 AM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS-1.2.0-GA

Feb 1 2019

dmbaturin added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

@jmlccdmd Ok, I'll re-test with in/out then.

Feb 1 2019, 2:13 AM · VyOS 1.3 Equuleus

Jan 31 2019

hagbard changed the status of T1051: Update openvpn to support TLS 1.2 from Open to Needs testing.

@thinkl33t Would you mind testing your use case with https://downloads.vyos.io/rolling/current/amd64/vyos-1.2.0-rolling%2B201901312041-amd64.iso or later? This iso is using the bpo package of openvpn (2.4.0).

Jan 31 2019, 8:14 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS-1.2.0-GA
hagbard added a comment to T1051: Update openvpn to support TLS 1.2.

@thinkl33t http://dev.packages.vyos.net/repositories/current/vyos/pool/main/o/openvpn/openvpn_2.4.0-6+deb9u1~bpo8+1_amd64.deb

Jan 31 2019, 7:41 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS-1.2.0-GA

Jan 30 2019

hagbard added a comment to T1051: Update openvpn to support TLS 1.2.

@c-po imported and test against latest rolling, I couldn't find any issue with 2.4.

Jan 30 2019, 8:15 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS-1.2.0-GA
hagbard added a comment to T1051: Update openvpn to support TLS 1.2.

@c-po it only affects clients which enforce tls 1.0 or 1.1, at least what I have tested. The perl code needs quite some rework, so I think I split the task into getting a newer release of openvpn into the build. Newer versions have tls 1.0 and 1.1 disabled per default from what I have read, so I think it might be more a changelog announcement that with the new version only tls 1.2 is automatically supported and you have the option to enable weak ciphers via opt .... or so. I'm not too sure yet, I think I have to wait a little on the response once the newer version is in rolling and the feedback I receive.

Jan 30 2019, 6:06 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS-1.2.0-GA
jmlccdmd added a comment to T1193: libvyosconfig parser cannot handle top level leaf and tag nodes.

I confirm that in yesterday's rolling image, the problem is corrected.

Jan 30 2019, 2:18 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-GA)
jmlccdmd reopened T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups as "Open".

I reopen this bug.

Jan 30 2019, 1:24 PM · VyOS 1.3 Equuleus
c-po added a comment to T1051: Update openvpn to support TLS 1.2.

Sounds more reasonable (enable than disable). Will this affect backwards compatibility or will there be a migrator?

Jan 30 2019, 5:18 AM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS-1.2.0-GA

Jan 29 2019

hagbard added a comment to T1051: Update openvpn to support TLS 1.2.
In T1051#27092, @c-po wrote:

set interfaces openvpn vtun0 disable-weak-tls-ciphers

Jan 29 2019, 6:32 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS-1.2.0-GA
jmlccdmd changed the status of T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups from Resolved to Wontfix.

On my systems, the problem persist with today's rolling release.

Jan 29 2019, 5:21 PM · VyOS 1.3 Equuleus