summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert Göhler <github@ghlr.de>2024-03-18 22:35:13 +0100
committerGitHub <noreply@github.com>2024-03-18 22:35:13 +0100
commitc4728f717b37f9d291a50dc7ea21f26cd5af2ffb (patch)
tree35a8a0f6c50c54fc3ab6c5afa33691a84aa0f3bc
parent6eca94082b4cc0b4306890a1855daeaaf503d2ec (diff)
parenta10ae6117f559595881c4d187e780fdf6587fec6 (diff)
downloadvyos-documentation-c4728f717b37f9d291a50dc7ea21f26cd5af2ffb.tar.gz
vyos-documentation-c4728f717b37f9d291a50dc7ea21f26cd5af2ffb.zip
Merge pull request #1334 from vyos/update-dependencies-sagitta
Github: update sagitta branch
m---------docs/_include/vyos-1x0
-rw-r--r--docs/changelog/1.3.rst318
-rw-r--r--docs/changelog/1.4.rst458
3 files changed, 765 insertions, 11 deletions
diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x
-Subproject f1fe8df14abef2add43d8422160322d31d7e286
+Subproject 20e08490e0a2c84c4925400c51fa9eb05f96f5b
diff --git a/docs/changelog/1.3.rst b/docs/changelog/1.3.rst
index 52b7d2f3..9eff1c52 100644
--- a/docs/changelog/1.3.rst
+++ b/docs/changelog/1.3.rst
@@ -8,6 +8,308 @@
_ext/releasenotes.py
+2024-03-11
+==========
+
+* :vytask:`T2998` ``(bug): SNMP v3 oid "exclude" option doesn't work``
+* :vytask:`T6096` ``(bug): Config commits are not synced properly because 00vyos-sync is deleted by vyos-router``
+* :vytask:`T6057` ``(feature): Add ability to disable syslog for conntrackd``
+* :vytask:`T5504` ``(feature): Keepalived VRRP ability to set more than one peer-address``
+
+
+2024-03-07
+==========
+
+* :vytask:`T3992` ``(bug): Traceback on adding interface to bridge with configured ip address``
+
+
+2024-03-06
+==========
+
+* :vytask:`T6088` ``(bug): Configuration corrupted after saving and powercut or force reboot``
+
+
+2024-02-16
+==========
+
+* :vytask:`T2113` ``(bug): OpenVPN Options error: you cannot use --verify-x509-name with --compat-names or --no-name-remapping``
+* :vytask:`T5418` ``(bug): PPPoE-Server Client IP pool Subnet``
+
+
+2024-02-15
+==========
+
+* :vytask:`T2612` ``(bug): HTTPS API, changing API key fails but goes through``
+* :vytask:`T656` ``(enhancment): Rewrite wirelessmodem in new style XML interface definition``
+
+
+2024-02-14
+==========
+
+* :vytask:`T2044` ``(bug): RPKI doesn't boot properly``
+
+
+2024-02-08
+==========
+
+* :vytask:`T6014` ``(feature): Bump keepalived version``
+
+
+2024-02-07
+==========
+
+* :vytask:`T6017` ``(bug): Update vyos-http-api-tools for security advisory``
+
+
+2024-02-02
+==========
+
+* :vytask:`T5914` ``(bug): CVE-2023-48795 - Terrapin vulnerability``
+* :vytask:`T5739` ``(bug): Password recovery does not work if public keys are configured``
+
+
+2024-02-01
+==========
+
+* :vytask:`T5967` ``(bug): Multi-hop BFD connections can't be established; please add minimum-ttl option.``
+
+
+2024-01-22
+==========
+
+* :vytask:`T4721` ``(feature): Static IPv6 Route Tags Missing``
+
+
+2024-01-20
+==========
+
+* :vytask:`T5187` ``(bug): Update Realtek r8152 driver``
+* :vytask:`T5182` ``(bug): Update Intel ice driver``
+* :vytask:`T5180` ``(bug): initramfs-tools ignores firmware from updates directory``
+* :vytask:`T4990` ``(bug): Commit results may not be properly saved if power is cut immediately after a successful commit``
+* :vytask:`T4039` ``(feature): Rsyslog to use 'protocol23format' for protocol UDP``
+* :vytask:`T3813` ``(bug): Some custom sysctl parameters can't be applied bug``
+* :vytask:`T2579` ``(feature): The root task for VRF features``
+* :vytask:`T2546` ``(feature): The root task for rewriting [op-mode] to XML``
+* :vytask:`T2452` ``(default): Serial console related issues``
+
+
+2024-01-19
+==========
+
+* :vytask:`T5543` ``(bug): Fix source address handling in static joins``
+
+
+2024-01-14
+==========
+
+* :vytask:`T5715` ``(bug): IPSec VPN: restart vpn is not working``
+
+
+2024-01-13
+==========
+
+* :vytask:`T5924` ``(bug): Build cannot pass the smoketest dialup-router-medium-vpn``
+
+
+2024-01-11
+==========
+
+* :vytask:`T5275` ``(default): Add op mode commands for exporting certificates to PEM files with correct headers``
+* :vytask:`T5274` ``(default): Add a deprecation warning for OpenVPN site-to-site with pre-shared secret``
+* :vytask:`T3191` ``(bug): PAM RADIUS freezing when accounting does not configured on RADIUS server``
+
+
+2024-01-10
+==========
+
+* :vytask:`T4646` ``(bug): USB serial output console does not work``
+* :vytask:`T4466` ``(bug): intel i225-v nic does not detect link after boot``
+* :vytask:`T4222` ``(feature): Support for TWAMP as round-trip metric``
+* :vytask:`T1369` ``(bug): GCP Networking Failure``
+
+
+2024-01-09
+==========
+
+* :vytask:`T3242` ``(bug): PPPoE Server overhead on virtual interfaces creation``
+* :vytask:`T2755` ``(default): Requirements for partial interface setup``
+* :vytask:`T2494` ``(bug): systemd dependencies issues``
+* :vytask:`T2343` ``(feature): Disable memory ballooning in VM templates``
+* :vytask:`T2254` ``(default): Provide more information on the build branch in the version data``
+* :vytask:`T2223` ``(feature): convert operational show interfaces to python/XML``
+* :vytask:`T1925` ``(bug): DMVPN is always listed as down in "show vpn ipsec sa"``
+* :vytask:`T1297` ``(feature): Add GARP settings to VRRP/keepalived``
+
+
+2024-01-08
+==========
+
+* :vytask:`T5318` ``(bug): Security Vulnerabilities for VyOS 1.3.3``
+* :vytask:`T3980` ``(bug): vrrp transition-script validator makes warning fatal and also causes a python NameError exception``
+* :vytask:`T2799` ``(feature): VyOS Certificates Manager``
+
+
+2023-12-29
+==========
+
+* :vytask:`T5852` ``(bug): Reboots fail with eapol WAN interface``
+
+
+2023-12-22
+==========
+
+* :vytask:`T4760` ``(bug): VyOS does not support running multiple instances of DHCPv6 clients``
+
+
+2023-12-21
+==========
+
+* :vytask:`T5714` ``(bug): IPSec VPN: op-mode: "show log vpn" does not show results``
+* :vytask:`T3039` ``(feature): Resize a root partition and filesystem automatically during deployment in virtual environments``
+* :vytask:`T2404` ``(bug): Cannot change MTU``
+* :vytask:`T2353` ``(bug): Interface [conf_mode] errors parent task``
+* :vytask:`T5796` ``(bug): Openconnect - HTTPS security headers are missing``
+
+
+2023-12-19
+==========
+
+* :vytask:`T2116` ``(feature): Processing configuration via Cloud-init User-Data``
+
+
+2023-12-18
+==========
+
+* :vytask:`T2191` ``(feature): Using tallow to block sshd probes``
+
+
+2023-12-15
+==========
+
+* :vytask:`T5824` ``(bug): busybox cannot connect some websites from initramfs``
+
+
+2023-12-12
+==========
+
+* :vytask:`T5817` ``(bug): Show openvpn server fails in some cases``
+* :vytask:`T5413` ``(default): Deny the opportunity to use one public/private key pair on both wireguard peers.``
+
+
+2023-11-30
+==========
+
+* :vytask:`T4601` ``(bug): dhcp : relay agent IP address issue.``
+
+
+2023-11-28
+==========
+
+* :vytask:`T5777` ``(bug): frr: backport and upstream recent bgpd daemon crashes``
+
+
+2023-11-27
+==========
+
+* :vytask:`T5763` ``(bug): Fix imprecise check for remote file name in vyos-load-config.py``
+
+
+2023-11-25
+==========
+
+* :vytask:`T5655` ``(bug): commit-archive: Ctrl+C should not eror out with stack trace, signal should be cought``
+
+
+2023-11-24
+==========
+
+* :vytask:`T5402` ``(bug): VRRP router with rfc3768-compatibility sends multiple ARP replies``
+
+
+2023-11-22
+==========
+
+* :vytask:`T5578` ``(bug): "ikev2-reauth" description contains outdated information``
+
+
+2023-11-15
+==========
+
+* :vytask:`T5661` ``(enhancment): Add show show ssh dynamic-protection attacker and show log ssh dynamic-protection``
+* :vytask:`T1276` ``(bug): dhcp relay + VLAN fails``
+
+
+2023-11-07
+==========
+
+* :vytask:`T5586` ``(feature): Disable by default SNMP for Keepalived VRRP``
+
+
+2023-11-06
+==========
+
+* :vytask:`T4269` ``(feature): node.def generator should automatically add default values``
+
+
+2023-10-26
+==========
+
+* :vytask:`T5684` ``(bug): services using VRF generates the error "Failed to load BPF prog: 'Operation not permitted'" when the system boots.``
+* :vytask:`T5594` ``(bug): VRRP - Error if using IPv6 Link Local as hello source address``
+
+
+2023-10-21
+==========
+
+* :vytask:`T5670` ``(bug): bridge: missing member interface validator``
+* :vytask:`T5191` ``(default): Replace underscores with hyphens in command-line options generated by vyos.opmode``
+* :vytask:`T4402` ``(bug): OpenVPN client-ip-pool option is broken``
+* :vytask:`T2719` ``(feature): Standardized op mode script structure``
+
+
+2023-10-19
+==========
+
+* :vytask:`T5669` ``(bug): VXLAN interface changing port does not work``
+
+
+2023-10-17
+==========
+
+* :vytask:`T5235` ``(bug): SSH keys with special characters cannot be applied via Cloud-init``
+
+
+2023-10-08
+==========
+
+* :vytask:`T5630` ``(feature): pppoe: allow to specify MRU in addition to already configurable MTU``
+
+
+2023-10-06
+==========
+
+* :vytask:`T5576` ``(feature): Add bgp remove-private-as all option``
+
+
+2023-10-04
+==========
+
+* :vytask:`T5632` ``(feature): Add jq package to parse JSON files``
+
+
+2023-09-25
+==========
+
+* :vytask:`T5533` ``(bug): Keepalived VRRP IPv6 group enters in FAULT state``
+
+
+2023-09-20
+==========
+
+* :vytask:`T5271` ``(default): Add support for peer-fingerprint to OpenVPN``
+
+
2023-09-11
==========
@@ -51,7 +353,7 @@
* :vytask:`T4874` ``(default): Add Warning message to Equuleus``
* :vytask:`T4855` ``(bug): Trying to create more than one tunnel of the same type to the same address causes unhandled exception``
* :vytask:`T4776` ``(bug): NVME storage is not detected properly during installation``
-* :vytask:`T3546` ``(feature): Add pppoe-server CLI custom script feature``
+* :vytask:`T3546` ``(feature): Add support for running scripts on PPPoE server session events``
* :vytask:`T738` ``(feature): Add local-port and resolver port options for powerdns in CLI configuration tree``
@@ -77,7 +379,6 @@
* :vytask:`T3940` ``(bug): DHCP client does not remove IP address when stopped by the 02-vyos-stopdhclient hook``
* :vytask:`T3713` ``(default): Create a meta-package for user utilities``
* :vytask:`T3339` ``(bug): Cloud-Init domain search setting not applied``
-* :vytask:`T3144` ``(feature): Support op-mode command to release DHCP leases``
* :vytask:`T2640` ``(feature): Running VyOS inside Docker containers``
* :vytask:`T3577` ``(bug): Generating vpn x509 key pair fails with command not found``
@@ -200,12 +501,6 @@
* :vytask:`T5313` ``(bug): UDP broadcast relay - missing verify() that relay interfaces have an IP address assigned``
-2023-06-28
-==========
-
-* :vytask:`T1237` ``(feature): Static Route Path Monitoring, failover``
-
-
2023-06-26
==========
@@ -225,6 +520,12 @@
* :vytask:`T5280` ``(bug): Update Expired keys (2023-06-08) for PowerDNS``
+2023-06-13
+==========
+
+* :vytask:`T5213` ``(feature): Accel-ppp sending accounting interim updates acct-interim-interval option``
+
+
2023-05-29
==========
@@ -1830,7 +2131,6 @@
==========
* :vytask:`T3682` ``(bug): Remove running dhclient from ether-resume.py``
-* :vytask:`T3681` ``(default): The VMware Tools resume script did not run successfully in this virtual machine.``
2021-08-20
diff --git a/docs/changelog/1.4.rst b/docs/changelog/1.4.rst
index 1b9b09a0..f688d251 100644
--- a/docs/changelog/1.4.rst
+++ b/docs/changelog/1.4.rst
@@ -8,6 +8,462 @@
_ext/releasenotes.py
+2024-03-15
+==========
+
+* :vytask:`T6118` ``(feature): radvd: RFC8781: add nat64prefix support``
+
+
+2024-03-12
+==========
+
+* :vytask:`T6020` ``(bug): VRRP health-check script is not applied correctly in keepalived.conf``
+* :vytask:`T5646` ``(bug): QoS policy limiter broken if class without match``
+* :vytask:`T2433` ``(feature): Improve CLI value validator performance``
+* :vytask:`T1436` ``(bug): Config entries with default values do not correctly show as changed``
+
+
+2024-03-11
+==========
+
+* :vytask:`T6098` ``(bug): Description doesnt seem to allow for non international characters``
+* :vytask:`T6070` ``(bug): bnx2x NIC causes a commit error due to incorrect implementation of EEE status reading``
+* :vytask:`T2998` ``(bug): SNMP v3 oid "exclude" option doesn't work``
+* :vytask:`T6107` ``(bug): Nginx does not allow big config queries for configure endpoint API``
+* :vytask:`T6096` ``(bug): Config commits are not synced properly because 00vyos-sync is deleted by vyos-router``
+* :vytask:`T6093` ``(bug): Incorrect dhcp-options vendor-class-id regex``
+* :vytask:`T6083` ``(feature): ethtool: move string parsing to JSON parsing``
+* :vytask:`T6069` ``(bug): HTTP API segfault during concurrent configuration requests``
+* :vytask:`T6057` ``(feature): Add ability to disable syslog for conntrackd``
+* :vytask:`T5504` ``(feature): Keepalived VRRP ability to set more than one peer-address``
+* :vytask:`T5717` ``(feature): ospfv3 - add allow to set metric-type to ospf redistribution while frr docs says its possible.``
+* :vytask:`T6071` ``(bug): firewall: CLI description limit of 256 characters cause config upgrade issues``
+
+
+2024-03-08
+==========
+
+* :vytask:`T6086` ``(bug): NAT does not work with network-groups``
+* :vytask:`T6094` ``(bug): Destination Nat not Making Firewall Rules``
+* :vytask:`T6061` ``(bug): connection-status nat destination firewall filter not working in 1.4.0-epa1``
+* :vytask:`T6075` ``(bug): Applying firewall rules with a non-existent interface group``
+
+
+2024-03-07
+==========
+
+* :vytask:`T6104` ``(bug): Regression in commit-archive for non-interactive configuration``
+* :vytask:`T6084` ``(bug): OpenNHRP DMVPN configuration file clean after reboot if we have any IPSec configuration``
+* :vytask:`T5348` ``(bug): Service config-sync can freeze the secondary router if it has commit-archive location``
+* :vytask:`T6073` ``(bug): Conntrack/NAT not being disabled when VRFs are defined``
+* :vytask:`T6095` ``(default): Tab completion for "set interfaces wireless wlan0 country-code" incorrect country "uk"``
+
+
+2024-03-06
+==========
+
+* :vytask:`T6079` ``(bug): dhcp: migration fails for duplicate static-mapping``
+
+
+2024-03-05
+==========
+
+* :vytask:`T5903` ``(bug): NHRP don´t start on reboot from version 1.5-rolling-202401010026``
+* :vytask:`T2447` ``(feature): Additional Boot Argument Configuration to limit CPU C-States``
+
+
+2024-03-04
+==========
+
+* :vytask:`T6054` ``(bug): load-balancing wan - doesn't configure a list of ports``
+* :vytask:`T6087` ``(feature): ospfv3: add support to redistribute IS-IS routes``
+
+
+2024-03-02
+==========
+
+* :vytask:`T6081` ``(bug): QoS policy shaper target and interval wrong calcuations``
+
+
+2024-02-29
+==========
+
+* :vytask:`T6078` ``(feature): Update ethtool to 6.6``
+* :vytask:`T6077` ``(feature): banner: implement ASCII contest winner default logo``
+* :vytask:`T6074` ``(feature): container: do not allow deleting images which have a container running``
+
+
+2024-02-28
+==========
+
+* :vytask:`T6055` ``(bug): PKI error: "failed to install x value" when executed the command from conf mode``
+* :vytask:`T4270` ``(bug): dns forwarding - When "ignore-hosts-file" is unset, local hostname of router resolves to 127.0.1.1``
+
+
+2024-02-27
+==========
+
+* :vytask:`T6065` ``(bug): Duplicate lines in build-vyos-image script cause sagitta build to fail``
+* :vytask:`T5080` ``(bug): Conntrack enabled by default``
+
+
+2024-02-26
+==========
+
+* :vytask:`T6064` ``(bug): Can not build VyOS if repository it not cloned to a branch``
+* :vytask:`T5754` ``(default): Update to StrongSwan 5.9.11``
+
+
+2024-02-25
+==========
+
+* :vytask:`T6060` ``(feature): op-mode: container: support removing all container images at once``
+
+
+2024-02-24
+==========
+
+* :vytask:`T5909` ``(bug): Container registry with authentication prevents config load (section container) after reboot``
+
+
+2024-02-23
+==========
+
+* :vytask:`T5376` ``(bug): Conntrack FTP helper does not work properly``
+* :vytask:`T970` ``(feature): Hostname Support in NAT and Firewall Rules``
+* :vytask:`T4940` ``(feature): Interface debugging``
+
+
+2024-02-22
+==========
+
+* :vytask:`T6048` ``(bug): Exception in event handler script``
+* :vytask:`T3902` ``(bug): Firewall does not load on boot, address-group not found, even though it exists``
+
+
+2024-02-21
+==========
+
+* :vytask:`T6050` ``(bug): Wrong scripting commands descriptions in accel-ppp services``
+
+
+2024-02-19
+==========
+
+* :vytask:`T5971` ``(default): Create the same view of ppp section for all accel-ppp services``
+* :vytask:`T6029` ``(default): Rewrite Accel-PPP services to an identical feature set``
+* :vytask:`T3722` ``(bug): op-mode IPSec show vpn ike sa always shows L-TIME 0``
+
+
+2024-02-18
+==========
+
+* :vytask:`T6043` ``(bug): VxLAN and bridge error bug``
+* :vytask:`T6041` ``(bug): image-tools: install fails from PXE boot into live iso due to restrictive logic``
+
+
+2024-02-17
+==========
+
+* :vytask:`T5972` ``(feature): login: add possibility to disable individual local user accounts``
+
+
+2024-02-16
+==========
+
+* :vytask:`T6009` ``(bug): Firewall - Time not working properly when not using UTC``
+* :vytask:`T6005` ``(bug): Error on adding a wireguard interface to OSPFv3``
+* :vytask:`T2113` ``(bug): OpenVPN Options error: you cannot use --verify-x509-name with --compat-names or --no-name-remapping``
+* :vytask:`T6019` ``(feature): Bump nftables and libnftnl version``
+* :vytask:`T3471` ``(bug): DHCP hook is not able to detect all running DHCP instances``
+* :vytask:`T6015` ``(default): "journalctl_charon" file does not contain data in the generated "ipsec debug-archive" file``
+* :vytask:`T6001` ``(default): Add option to enable resolve-via-default``
+* :vytask:`T5965` ``(bug): WWAN modems using raw-ip do not work with dhclient/dhcp6c``
+* :vytask:`T5418` ``(bug): PPPoE-Server Client IP pool Subnet``
+* :vytask:`T5245` ``(bug): Wireless interfaces do not get IPv6 link-local address assigned``
+
+
+2024-02-15
+==========
+
+* :vytask:`T5977` ``(bug): nftables: Operation not supported when using match-ipsec in outbound firewall``
+* :vytask:`T2612` ``(bug): HTTPS API, changing API key fails but goes through``
+* :vytask:`T5989` ``(bug): IP subnets not usable in UPnP ACLs``
+* :vytask:`T5890` ``(default): OTP key generation is broken``
+* :vytask:`T5719` ``(default): mdns repeater: Add op-mode commands``
+* :vytask:`T4839` ``(feature): Dynamic Firewall groups``
+* :vytask:`T4801` ``(feature): Support for building AWS-ready ISO``
+* :vytask:`T3993` ``(enhancment): Extend HTTP API GraphQL support``
+* :vytask:`T3991` ``(bug): PKI operational command return traceback``
+* :vytask:`T3780` ``(bug): VTI not being brought down when tunnel is down``
+* :vytask:`T3001` ``(feature): Disable spectre mitigation patches from CLI``
+* :vytask:`T562` ``(feature): PDNS: Add support for authoritative dns server``
+* :vytask:`T71` ``(feature): Add virtual IP and route installation policy options for IPsec``
+* :vytask:`T5496` ``(default): `show firewall` error``
+* :vytask:`T4038` ``(default): Rewrite `vyatta-image-tools.pl` in Python``
+* :vytask:`T4997` ``(default): Add DHCP client user hooks dir``
+* :vytask:`T775` ``(feature): Config Sync between two VyOS routers``
+* :vytask:`T381` ``(feature): config nodes for EasyRSA CAs``
+* :vytask:`T118` ``(feature): Native Zabbix Support``
+
+
+2024-02-14
+==========
+
+* :vytask:`T6034` ``(feature): rpki: move file based SSH keys for authentication to PKI subsystem``
+* :vytask:`T5981` ``(bug): IPsec site-to-site migrated PKI ca certificates are created with an '@'``
+* :vytask:`T5930` ``(bug): vrf - route-leak not work using route-target both command.``
+* :vytask:`T5709` ``(bug): IPoE-server fails if next pool mentioned but not defined``
+* :vytask:`T4119` ``(bug): Issue with l2tp remote-access ipv6 configuration``
+* :vytask:`T2044` ``(bug): RPKI doesn't boot properly``
+* :vytask:`T6032` ``(feature): bgp: add EVPN MAC-VRF Site-of-Origin support``
+* :vytask:`T5960` ``(default): Rewriting authentication section in accel-ppp services``
+
+
+2024-02-13
+==========
+
+* :vytask:`T5928` ``(bug): Configuration fails to load on boot if offloading has VLAN interfaces defined``
+* :vytask:`T5482` ``(bug): Chrony NTP Server Fails To Sync Time``
+* :vytask:`T5064` ``(bug): Value validation for domain-groups seems to be broken``
+
+
+2024-02-12
+==========
+
+* :vytask:`T6010` ``(bug): Support setting multiple values in BGP path-attribute``
+* :vytask:`T6004` ``(bug): RPKI is not configured``
+* :vytask:`T5952` ``(default): DHCP allow same MAC Address on same subnet``
+* :vytask:`T5849` ``(feature): Add SRv6 route commands``
+
+
+2024-02-10
+==========
+
+* :vytask:`T6023` ``(bug): rpki: add support for CLI knobs expire-interval and retry-interval``
+* :vytask:`T1090` ``(default): Webproxy overhaul``
+
+
+2024-02-09
+==========
+
+* :vytask:`T6028` ``(bug): QoS policy shaper wrong class_id_max and default_minor_id``
+* :vytask:`T6026` ``(bug): QoS hide attempts to delete qdisc from devices``
+* :vytask:`T5788` ``(feature): frr: update to 9.1 release``
+* :vytask:`T5703` ``(bug): QoS config on pppoe interface resets back to fq_codel after tunnel reboots``
+* :vytask:`T5685` ``(feature): Keepalived VRRP prefix is not necessary for the virtual address``
+
+
+2024-02-08
+==========
+
+* :vytask:`T6014` ``(feature): Bump keepalived version``
+* :vytask:`T5910` ``(bug): Grub problem(?) Serial Console no longer working``
+* :vytask:`T6021` ``(bug): QoS r2q wrong calculation``
+
+
+2024-02-07
+==========
+
+* :vytask:`T6017` ``(bug): Update vyos-http-api-tools for security advisory``
+* :vytask:`T6016` ``(bug): Resolve intermittent failures in cleanup function after failed image install``
+* :vytask:`T6024` ``(feature): bgp: add additional missing FRR features``
+* :vytask:`T6011` ``(feature): rpki: known-hosts-file is no longer supported by FRR CLI - remove VyOS CLI node``
+* :vytask:`T5998` ``(feature): replay_window setting under vpn in config``
+
+
+2024-02-06
+==========
+
+* :vytask:`T6018` ``(default): smoketest: updating http-api framework requires a pause before test``
+* :vytask:`T5921` ``(bug): Trying to commit an OpenConnect configuration without any local users results in an exception``
+* :vytask:`T5687` ``(feature): Implement ECS settings for PowerDNS recursor``
+
+
+2024-02-05
+==========
+
+* :vytask:`T5974` ``(bug): QoS policy shaper is currently miscalculating bandwidth and ceil values for the default class``
+* :vytask:`T5865` ``(feature): Rewrite ipv6 pool section to ipv6 named pools in Accel-ppp services``
+
+
+2024-02-02
+==========
+
+* :vytask:`T5739` ``(bug): Password recovery does not work if public keys are configured``
+* :vytask:`T5955` ``(feature): Rootless containers/set uid/gid for container``
+* :vytask:`T5941` ``(bug): [1.3.5 -> 1.4.0-RC1 Migration] Orphaned Configuration Nodes Cause Issues``
+* :vytask:`T6003` ``(feature): Add 'show rpki as-number' and 'show rpki prefix'``
+* :vytask:`T5848` ``(feature): Add triple-isolate flow isolation option to CAKE QoS policy``
+
+
+2024-02-01
+==========
+
+* :vytask:`T5995` ``(bug): Kernel NIC-drivers for Huawei NICs are not properly enabled``
+* :vytask:`T5978` ``(bug): ethernet: hw-tc-offload does not actually get enabled on the NIC``
+* :vytask:`T5979` ``(enhancment): Add configurable kernel boot parameters``
+* :vytask:`T5973` ``(bug): vrf: RTNETLINK answers: File exists``
+* :vytask:`T5967` ``(bug): Multi-hop BFD connections can't be established; please add minimum-ttl option.``
+* :vytask:`T5619` ``(default): Update the Intel ixgbe driver due to issues with Intel X533``
+
+
+2024-01-31
+==========
+
+* :vytask:`T6000` ``(bug): [1.3.x -> 1.5.x] migrating threw exception in /opt/vyatta/etc/config-migrate/migrate/https/5-to-6, performed workaround``
+* :vytask:`T5999` ``(bug): load-balancing reverse-proxy can't configure root as a redirect``
+
+
+2024-01-30
+==========
+
+* :vytask:`T5980` ``(feature): Add image-tools support for configurable kernel boot options``
+
+
+2024-01-29
+==========
+
+* :vytask:`T5988` ``(bug): image-tools: a check of valid image name is missing from 'add image'``
+* :vytask:`T5994` ``(bug): Fix typo in 'remote' module preventing 'add system image' via ftp``
+
+
+2024-01-26
+==========
+
+* :vytask:`T5957` ``(bug): Firewall fails to delete inbound-interface name``
+* :vytask:`T5779` ``(bug): custom conntrack timeout rule not applicable``
+* :vytask:`T5984` ``(feature): Add user util numactl``
+
+
+2024-01-25
+==========
+
+* :vytask:`T5983` ``(bug): image-tools: minor regression in pruning version files in compatibility mode``
+* :vytask:`T5927` ``(bug): QoS policy shaper-hfsc class does not have a `bandwidth` node but requires one in the check``
+* :vytask:`T5834` ``(bug): Rename 'enable-default-log' to 'default-log'``
+
+
+2024-01-22
+==========
+
+* :vytask:`T5968` ``(feature): hsflowd: add VRF support``
+* :vytask:`T5975` ``(bug): GraphQL expects script otp.py that does not exists in 1.4``
+* :vytask:`T5961` ``(bug): QoS policy shaper vif with ceiling fails on commit``
+* :vytask:`T5958` ``(bug): QoS policy shaper-hfsc is not implemented``
+* :vytask:`T5160` ``(feature): Firewall refactor``
+* :vytask:`T5969` ``(feature): op-mode: list multicast group membership``
+
+
+2024-01-21
+==========
+
+* :vytask:`T5799` ``(bug): vyos unbootable after 1.4-rolling-202308240020 to 1.5-rolling-202312010026 upgrade``
+* :vytask:`T5787` ``(bug): dhcp-server allows duplicate static-mapping for the same IP address``
+* :vytask:`T5692` ``(enhancment): NTP leap smear``
+* :vytask:`T5954` ``(feature): Enable nvme_hwmon and drivetemp in KERNEL``
+
+
+2024-01-20
+==========
+
+* :vytask:`T5915` ``(bug): Firewall zone - Re add op-mode commands``
+* :vytask:`T5805` ``(bug): Missed per-interface statistic in telegraf``
+* :vytask:`T5724` ``(feature): About dhcp client hooks``
+* :vytask:`T5577` ``(bug): Optimize PAM configs for RADIUS/TACACS+``
+* :vytask:`T5550` ``(bug): Source validation on interface does not work properly``
+* :vytask:`T5267` ``(bug): Another corruption on upgrade``
+* :vytask:`T5239` ``(bug): frr 'hostname' missing or incorrect, and domain-name missing totally``
+* :vytask:`T5219` ``(bug): ddclient: Cloudflare doesn't require login``
+* :vytask:`T5217` ``(feature): Add firewall SYNPROXY``
+* :vytask:`T5203` ``(feature): load-balancing wan add systemd unit instead of old vyatta-wanloadbalance.init``
+* :vytask:`T5199` ``(bug): Salt-minion cannot connect to server in python 3.10 and up``
+* :vytask:`T5138` ``(feature): Add patch to accel-ppp build L2TP LNS use Calling-Number as RADIUS Calling-Station-ID``
+* :vytask:`T5054` ``(bug): ipsec: "show vpn ipsec remote-access" does not list active connections``
+* :vytask:`T5053` ``(bug): Vyatta-cfg Post-Removal Hook Tries to Disable Deleted Service``
+* :vytask:`T5035` ``(feature): Add more actions to policy route rule``
+* :vytask:`T4990` ``(bug): Commit results may not be properly saved if power is cut immediately after a successful commit``
+* :vytask:`T4988` ``(default): Expose time and size conversion functions as Jinja2 filters``
+* :vytask:`T4986` ``(feature): Ability to filter traffic originating from the router itself via firewall``
+* :vytask:`T4963` ``(default): vyos.ethtool: improve/fix driver name detection``
+* :vytask:`T4935` ``(bug): ospfv3: "not-advertise" and "advertise" conflict``
+* :vytask:`T4897` ``(bug): Setting 'source-address' or `source-interface` on existing vxlan interface doesn't work``
+* :vytask:`T4888` ``(default): Rewrite the conntrack sync script using vyos.opmode``
+* :vytask:`T4863` ``(feature): need an option for route policy to apply to dynamic interfaces l2tp*/ipoe*/pppoe* (for TCP MSS setting)``
+* :vytask:`T4817` ``(feature): Please add support for RFC 9234``
+* :vytask:`T4765` ``(default): Normalize field names in op mode JSON outputs``
+* :vytask:`T4751` ``(enhancment): Feature Request: system login: 2FA OTP key generator in VyOS CLI``
+* :vytask:`T4726` ``(default): Add completion and validation for the accel-ppp RADIUS vendor option``
+* :vytask:`T4722` ``(default): Improve abbreviation/acronym consistency``
+* :vytask:`T4172` ``(feature): Patch ndppd to not read route table if there are no auto prefixes``
+* :vytask:`T4085` ``(feature): Rewrite L2TP/PPTP/SSTP/PPPoE services to get_config_dict``
+* :vytask:`T4031` ``(feature): Ability to configure DMVPN in vrf``
+* :vytask:`T4030` ``(bug): SR-IOV and interface renaming bug``
+* :vytask:`T4014` ``(feature): Add “command” and “arg” configuration options for containers``
+* :vytask:`T3965` ``(default): arm: Extend configure scripts to allow for arm builds``
+* :vytask:`T3813` ``(bug): Some custom sysctl parameters can't be applied bug``
+* :vytask:`T3778` ``(bug): Abnormal network communication and settings``
+* :vytask:`T3591` ``(bug): OpenVPN with/without VRF not working (NordVPN)``
+* :vytask:`T3372` ``(feature): Support public HTTPS repos in live-build``
+* :vytask:`T5963` ``(bug): QoS policy shaper rate calculations could be wrong for some ethernet devices``
+* :vytask:`T5962` ``(feature): QoS policy set default speed to 100mbit or 1gbit instead of 10mbit``
+* :vytask:`T5697` ``(bug): event-handler keep failing``
+* :vytask:`T4779` ``(default): Make raw op mode command outputs use bytes for data amount values``
+
+
+2024-01-19
+==========
+
+* :vytask:`T5897` ``(bug): VyOS with Cloud-init and VRF stucks at reboot/shutdown process``
+* :vytask:`T5554` ``(bug): Disable sudo for PAM RADIUS``
+* :vytask:`T4754` ``(default): Improvement: system login: show configured 2FA OTP key``
+* :vytask:`T5857` ``(bug): show interfaces wireless info``
+* :vytask:`T5841` ``(default): Remove old ssh-session-cleanup.service``
+* :vytask:`T5543` ``(bug): Fix source address handling in static joins``
+* :vytask:`T5884` ``(default): Minor description fix (op-mode: generate wireguard)``
+* :vytask:`T5781` ``(default): Add ability to add additional minisign keys``
+
+
+2024-01-18
+==========
+
+* :vytask:`T5863` ``(bug): Failure to Load Config on Recent 1.5 Versions``
+* :vytask:`T4638` ``(bug): Deleting a parent interface does not delete its underlying VLAN interfaces``
+* :vytask:`T5953` ``(default): Rename 'close_action' value from `hold` to `trap` in IPSEC IKE``
+* :vytask:`T905` ``(bug): The command show remote-config does not work for remote-platform openvpn``
+
+
+2024-01-17
+==========
+
+* :vytask:`T5923` ``(bug): Config mode system_console.py is not aware of revised GRUB file structure``
+* :vytask:`T4658` ``(feature): Rename DPD action `hold` to `trap```
+* :vytask:`T5932` ``(bug): 1.4-rolling-202304120317 to 1.4.0-rc1: dynamic dns migration fail``
+
+
+2024-01-16
+==========
+
+* :vytask:`T5951` ``(bug): [1.4.0-RC2] show hardware dmi Operational Mode Command Broken``
+* :vytask:`T5937` ``(bug): [1.3.5 -> 1.4.0-RC1 Migration] IPv6 BGP Neighbor Peer Groups Missing / Not Migrated``
+* :vytask:`T5889` ``(bug): Migration NAT 5-to-6 bug``
+* :vytask:`T5859` ``(bug): Invalid format of pool range in accel-ppp services``
+* :vytask:`T5842` ``(feature): Rewrite PPTP service to get_config_dict``
+* :vytask:`T5801` ``(feature): Rewrite L2TP service to get_config_dict``
+* :vytask:`T5688` ``(default): Create the same view of pool configuration for all accel-ppp services``
+
+
+2024-01-15
+==========
+
+* :vytask:`T5944` ``(bug): "reboot in 1" not working``
+* :vytask:`T5936` ``(bug): [1.3.5 -> 1.4.0-RC1 Migration] OSPF Passive Interface Configuration Not Working Correctly``
+* :vytask:`T5247` ``(bug): the bug of the command "show interfaces system"``
+* :vytask:`T5901` ``(bug): Cloud-init and DHCP exit hook errors``
+* :vytask:`T4856` ``(bug): DHCP-client exit hook for IPsec is incorrect``
+* :vytask:`T2556` ``(bug): "show interfaces vrrp" does not return any interface``
+
+
2024-01-14
==========
@@ -74,7 +530,6 @@
* :vytask:`T5012` ``(feature): Control network configuration from Cloud-Init config``
* :vytask:`T3116` ``(feature): Support back-end L4 level load balancing``
* :vytask:`T5614` ``(default): Add conntrack helper matching on firewall``
-* :vytask:`T5080` ``(bug): Conntrack enabled by default``
* :vytask:`T4782` ``(enhancment): Allow multiple CA certificates (on e.g. EAPoL)``
* :vytask:`T2199` ``(default): Rewrite firewall in new XML/Python style``
@@ -216,7 +671,6 @@
2023-12-22
==========
-* :vytask:`T5811` ``(bug): static dhcp-interface routes not installed``
* :vytask:`T5804` ``(bug): SNAT "any" interface error``
* :vytask:`T4760` ``(bug): VyOS does not support running multiple instances of DHCPv6 clients``