diff options
author | Robert Göhler <github@ghlr.de> | 2024-03-18 22:35:13 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-03-18 22:35:13 +0100 |
commit | c4728f717b37f9d291a50dc7ea21f26cd5af2ffb (patch) | |
tree | 35a8a0f6c50c54fc3ab6c5afa33691a84aa0f3bc | |
parent | 6eca94082b4cc0b4306890a1855daeaaf503d2ec (diff) | |
parent | a10ae6117f559595881c4d187e780fdf6587fec6 (diff) | |
download | vyos-documentation-c4728f717b37f9d291a50dc7ea21f26cd5af2ffb.tar.gz vyos-documentation-c4728f717b37f9d291a50dc7ea21f26cd5af2ffb.zip |
Merge pull request #1334 from vyos/update-dependencies-sagitta
Github: update sagitta branch
m--------- | docs/_include/vyos-1x | 0 | ||||
-rw-r--r-- | docs/changelog/1.3.rst | 318 | ||||
-rw-r--r-- | docs/changelog/1.4.rst | 458 |
3 files changed, 765 insertions, 11 deletions
diff --git a/docs/_include/vyos-1x b/docs/_include/vyos-1x -Subproject f1fe8df14abef2add43d8422160322d31d7e286 +Subproject 20e08490e0a2c84c4925400c51fa9eb05f96f5b diff --git a/docs/changelog/1.3.rst b/docs/changelog/1.3.rst index 52b7d2f3..9eff1c52 100644 --- a/docs/changelog/1.3.rst +++ b/docs/changelog/1.3.rst @@ -8,6 +8,308 @@ _ext/releasenotes.py +2024-03-11 +========== + +* :vytask:`T2998` ``(bug): SNMP v3 oid "exclude" option doesn't work`` +* :vytask:`T6096` ``(bug): Config commits are not synced properly because 00vyos-sync is deleted by vyos-router`` +* :vytask:`T6057` ``(feature): Add ability to disable syslog for conntrackd`` +* :vytask:`T5504` ``(feature): Keepalived VRRP ability to set more than one peer-address`` + + +2024-03-07 +========== + +* :vytask:`T3992` ``(bug): Traceback on adding interface to bridge with configured ip address`` + + +2024-03-06 +========== + +* :vytask:`T6088` ``(bug): Configuration corrupted after saving and powercut or force reboot`` + + +2024-02-16 +========== + +* :vytask:`T2113` ``(bug): OpenVPN Options error: you cannot use --verify-x509-name with --compat-names or --no-name-remapping`` +* :vytask:`T5418` ``(bug): PPPoE-Server Client IP pool Subnet`` + + +2024-02-15 +========== + +* :vytask:`T2612` ``(bug): HTTPS API, changing API key fails but goes through`` +* :vytask:`T656` ``(enhancment): Rewrite wirelessmodem in new style XML interface definition`` + + +2024-02-14 +========== + +* :vytask:`T2044` ``(bug): RPKI doesn't boot properly`` + + +2024-02-08 +========== + +* :vytask:`T6014` ``(feature): Bump keepalived version`` + + +2024-02-07 +========== + +* :vytask:`T6017` ``(bug): Update vyos-http-api-tools for security advisory`` + + +2024-02-02 +========== + +* :vytask:`T5914` ``(bug): CVE-2023-48795 - Terrapin vulnerability`` +* :vytask:`T5739` ``(bug): Password recovery does not work if public keys are configured`` + + +2024-02-01 +========== + +* :vytask:`T5967` ``(bug): Multi-hop BFD connections can't be established; please add minimum-ttl option.`` + + +2024-01-22 +========== + +* :vytask:`T4721` ``(feature): Static IPv6 Route Tags Missing`` + + +2024-01-20 +========== + +* :vytask:`T5187` ``(bug): Update Realtek r8152 driver`` +* :vytask:`T5182` ``(bug): Update Intel ice driver`` +* :vytask:`T5180` ``(bug): initramfs-tools ignores firmware from updates directory`` +* :vytask:`T4990` ``(bug): Commit results may not be properly saved if power is cut immediately after a successful commit`` +* :vytask:`T4039` ``(feature): Rsyslog to use 'protocol23format' for protocol UDP`` +* :vytask:`T3813` ``(bug): Some custom sysctl parameters can't be applied bug`` +* :vytask:`T2579` ``(feature): The root task for VRF features`` +* :vytask:`T2546` ``(feature): The root task for rewriting [op-mode] to XML`` +* :vytask:`T2452` ``(default): Serial console related issues`` + + +2024-01-19 +========== + +* :vytask:`T5543` ``(bug): Fix source address handling in static joins`` + + +2024-01-14 +========== + +* :vytask:`T5715` ``(bug): IPSec VPN: restart vpn is not working`` + + +2024-01-13 +========== + +* :vytask:`T5924` ``(bug): Build cannot pass the smoketest dialup-router-medium-vpn`` + + +2024-01-11 +========== + +* :vytask:`T5275` ``(default): Add op mode commands for exporting certificates to PEM files with correct headers`` +* :vytask:`T5274` ``(default): Add a deprecation warning for OpenVPN site-to-site with pre-shared secret`` +* :vytask:`T3191` ``(bug): PAM RADIUS freezing when accounting does not configured on RADIUS server`` + + +2024-01-10 +========== + +* :vytask:`T4646` ``(bug): USB serial output console does not work`` +* :vytask:`T4466` ``(bug): intel i225-v nic does not detect link after boot`` +* :vytask:`T4222` ``(feature): Support for TWAMP as round-trip metric`` +* :vytask:`T1369` ``(bug): GCP Networking Failure`` + + +2024-01-09 +========== + +* :vytask:`T3242` ``(bug): PPPoE Server overhead on virtual interfaces creation`` +* :vytask:`T2755` ``(default): Requirements for partial interface setup`` +* :vytask:`T2494` ``(bug): systemd dependencies issues`` +* :vytask:`T2343` ``(feature): Disable memory ballooning in VM templates`` +* :vytask:`T2254` ``(default): Provide more information on the build branch in the version data`` +* :vytask:`T2223` ``(feature): convert operational show interfaces to python/XML`` +* :vytask:`T1925` ``(bug): DMVPN is always listed as down in "show vpn ipsec sa"`` +* :vytask:`T1297` ``(feature): Add GARP settings to VRRP/keepalived`` + + +2024-01-08 +========== + +* :vytask:`T5318` ``(bug): Security Vulnerabilities for VyOS 1.3.3`` +* :vytask:`T3980` ``(bug): vrrp transition-script validator makes warning fatal and also causes a python NameError exception`` +* :vytask:`T2799` ``(feature): VyOS Certificates Manager`` + + +2023-12-29 +========== + +* :vytask:`T5852` ``(bug): Reboots fail with eapol WAN interface`` + + +2023-12-22 +========== + +* :vytask:`T4760` ``(bug): VyOS does not support running multiple instances of DHCPv6 clients`` + + +2023-12-21 +========== + +* :vytask:`T5714` ``(bug): IPSec VPN: op-mode: "show log vpn" does not show results`` +* :vytask:`T3039` ``(feature): Resize a root partition and filesystem automatically during deployment in virtual environments`` +* :vytask:`T2404` ``(bug): Cannot change MTU`` +* :vytask:`T2353` ``(bug): Interface [conf_mode] errors parent task`` +* :vytask:`T5796` ``(bug): Openconnect - HTTPS security headers are missing`` + + +2023-12-19 +========== + +* :vytask:`T2116` ``(feature): Processing configuration via Cloud-init User-Data`` + + +2023-12-18 +========== + +* :vytask:`T2191` ``(feature): Using tallow to block sshd probes`` + + +2023-12-15 +========== + +* :vytask:`T5824` ``(bug): busybox cannot connect some websites from initramfs`` + + +2023-12-12 +========== + +* :vytask:`T5817` ``(bug): Show openvpn server fails in some cases`` +* :vytask:`T5413` ``(default): Deny the opportunity to use one public/private key pair on both wireguard peers.`` + + +2023-11-30 +========== + +* :vytask:`T4601` ``(bug): dhcp : relay agent IP address issue.`` + + +2023-11-28 +========== + +* :vytask:`T5777` ``(bug): frr: backport and upstream recent bgpd daemon crashes`` + + +2023-11-27 +========== + +* :vytask:`T5763` ``(bug): Fix imprecise check for remote file name in vyos-load-config.py`` + + +2023-11-25 +========== + +* :vytask:`T5655` ``(bug): commit-archive: Ctrl+C should not eror out with stack trace, signal should be cought`` + + +2023-11-24 +========== + +* :vytask:`T5402` ``(bug): VRRP router with rfc3768-compatibility sends multiple ARP replies`` + + +2023-11-22 +========== + +* :vytask:`T5578` ``(bug): "ikev2-reauth" description contains outdated information`` + + +2023-11-15 +========== + +* :vytask:`T5661` ``(enhancment): Add show show ssh dynamic-protection attacker and show log ssh dynamic-protection`` +* :vytask:`T1276` ``(bug): dhcp relay + VLAN fails`` + + +2023-11-07 +========== + +* :vytask:`T5586` ``(feature): Disable by default SNMP for Keepalived VRRP`` + + +2023-11-06 +========== + +* :vytask:`T4269` ``(feature): node.def generator should automatically add default values`` + + +2023-10-26 +========== + +* :vytask:`T5684` ``(bug): services using VRF generates the error "Failed to load BPF prog: 'Operation not permitted'" when the system boots.`` +* :vytask:`T5594` ``(bug): VRRP - Error if using IPv6 Link Local as hello source address`` + + +2023-10-21 +========== + +* :vytask:`T5670` ``(bug): bridge: missing member interface validator`` +* :vytask:`T5191` ``(default): Replace underscores with hyphens in command-line options generated by vyos.opmode`` +* :vytask:`T4402` ``(bug): OpenVPN client-ip-pool option is broken`` +* :vytask:`T2719` ``(feature): Standardized op mode script structure`` + + +2023-10-19 +========== + +* :vytask:`T5669` ``(bug): VXLAN interface changing port does not work`` + + +2023-10-17 +========== + +* :vytask:`T5235` ``(bug): SSH keys with special characters cannot be applied via Cloud-init`` + + +2023-10-08 +========== + +* :vytask:`T5630` ``(feature): pppoe: allow to specify MRU in addition to already configurable MTU`` + + +2023-10-06 +========== + +* :vytask:`T5576` ``(feature): Add bgp remove-private-as all option`` + + +2023-10-04 +========== + +* :vytask:`T5632` ``(feature): Add jq package to parse JSON files`` + + +2023-09-25 +========== + +* :vytask:`T5533` ``(bug): Keepalived VRRP IPv6 group enters in FAULT state`` + + +2023-09-20 +========== + +* :vytask:`T5271` ``(default): Add support for peer-fingerprint to OpenVPN`` + + 2023-09-11 ========== @@ -51,7 +353,7 @@ * :vytask:`T4874` ``(default): Add Warning message to Equuleus`` * :vytask:`T4855` ``(bug): Trying to create more than one tunnel of the same type to the same address causes unhandled exception`` * :vytask:`T4776` ``(bug): NVME storage is not detected properly during installation`` -* :vytask:`T3546` ``(feature): Add pppoe-server CLI custom script feature`` +* :vytask:`T3546` ``(feature): Add support for running scripts on PPPoE server session events`` * :vytask:`T738` ``(feature): Add local-port and resolver port options for powerdns in CLI configuration tree`` @@ -77,7 +379,6 @@ * :vytask:`T3940` ``(bug): DHCP client does not remove IP address when stopped by the 02-vyos-stopdhclient hook`` * :vytask:`T3713` ``(default): Create a meta-package for user utilities`` * :vytask:`T3339` ``(bug): Cloud-Init domain search setting not applied`` -* :vytask:`T3144` ``(feature): Support op-mode command to release DHCP leases`` * :vytask:`T2640` ``(feature): Running VyOS inside Docker containers`` * :vytask:`T3577` ``(bug): Generating vpn x509 key pair fails with command not found`` @@ -200,12 +501,6 @@ * :vytask:`T5313` ``(bug): UDP broadcast relay - missing verify() that relay interfaces have an IP address assigned`` -2023-06-28 -========== - -* :vytask:`T1237` ``(feature): Static Route Path Monitoring, failover`` - - 2023-06-26 ========== @@ -225,6 +520,12 @@ * :vytask:`T5280` ``(bug): Update Expired keys (2023-06-08) for PowerDNS`` +2023-06-13 +========== + +* :vytask:`T5213` ``(feature): Accel-ppp sending accounting interim updates acct-interim-interval option`` + + 2023-05-29 ========== @@ -1830,7 +2131,6 @@ ========== * :vytask:`T3682` ``(bug): Remove running dhclient from ether-resume.py`` -* :vytask:`T3681` ``(default): The VMware Tools resume script did not run successfully in this virtual machine.`` 2021-08-20 diff --git a/docs/changelog/1.4.rst b/docs/changelog/1.4.rst index 1b9b09a0..f688d251 100644 --- a/docs/changelog/1.4.rst +++ b/docs/changelog/1.4.rst @@ -8,6 +8,462 @@ _ext/releasenotes.py +2024-03-15 +========== + +* :vytask:`T6118` ``(feature): radvd: RFC8781: add nat64prefix support`` + + +2024-03-12 +========== + +* :vytask:`T6020` ``(bug): VRRP health-check script is not applied correctly in keepalived.conf`` +* :vytask:`T5646` ``(bug): QoS policy limiter broken if class without match`` +* :vytask:`T2433` ``(feature): Improve CLI value validator performance`` +* :vytask:`T1436` ``(bug): Config entries with default values do not correctly show as changed`` + + +2024-03-11 +========== + +* :vytask:`T6098` ``(bug): Description doesnt seem to allow for non international characters`` +* :vytask:`T6070` ``(bug): bnx2x NIC causes a commit error due to incorrect implementation of EEE status reading`` +* :vytask:`T2998` ``(bug): SNMP v3 oid "exclude" option doesn't work`` +* :vytask:`T6107` ``(bug): Nginx does not allow big config queries for configure endpoint API`` +* :vytask:`T6096` ``(bug): Config commits are not synced properly because 00vyos-sync is deleted by vyos-router`` +* :vytask:`T6093` ``(bug): Incorrect dhcp-options vendor-class-id regex`` +* :vytask:`T6083` ``(feature): ethtool: move string parsing to JSON parsing`` +* :vytask:`T6069` ``(bug): HTTP API segfault during concurrent configuration requests`` +* :vytask:`T6057` ``(feature): Add ability to disable syslog for conntrackd`` +* :vytask:`T5504` ``(feature): Keepalived VRRP ability to set more than one peer-address`` +* :vytask:`T5717` ``(feature): ospfv3 - add allow to set metric-type to ospf redistribution while frr docs says its possible.`` +* :vytask:`T6071` ``(bug): firewall: CLI description limit of 256 characters cause config upgrade issues`` + + +2024-03-08 +========== + +* :vytask:`T6086` ``(bug): NAT does not work with network-groups`` +* :vytask:`T6094` ``(bug): Destination Nat not Making Firewall Rules`` +* :vytask:`T6061` ``(bug): connection-status nat destination firewall filter not working in 1.4.0-epa1`` +* :vytask:`T6075` ``(bug): Applying firewall rules with a non-existent interface group`` + + +2024-03-07 +========== + +* :vytask:`T6104` ``(bug): Regression in commit-archive for non-interactive configuration`` +* :vytask:`T6084` ``(bug): OpenNHRP DMVPN configuration file clean after reboot if we have any IPSec configuration`` +* :vytask:`T5348` ``(bug): Service config-sync can freeze the secondary router if it has commit-archive location`` +* :vytask:`T6073` ``(bug): Conntrack/NAT not being disabled when VRFs are defined`` +* :vytask:`T6095` ``(default): Tab completion for "set interfaces wireless wlan0 country-code" incorrect country "uk"`` + + +2024-03-06 +========== + +* :vytask:`T6079` ``(bug): dhcp: migration fails for duplicate static-mapping`` + + +2024-03-05 +========== + +* :vytask:`T5903` ``(bug): NHRP don´t start on reboot from version 1.5-rolling-202401010026`` +* :vytask:`T2447` ``(feature): Additional Boot Argument Configuration to limit CPU C-States`` + + +2024-03-04 +========== + +* :vytask:`T6054` ``(bug): load-balancing wan - doesn't configure a list of ports`` +* :vytask:`T6087` ``(feature): ospfv3: add support to redistribute IS-IS routes`` + + +2024-03-02 +========== + +* :vytask:`T6081` ``(bug): QoS policy shaper target and interval wrong calcuations`` + + +2024-02-29 +========== + +* :vytask:`T6078` ``(feature): Update ethtool to 6.6`` +* :vytask:`T6077` ``(feature): banner: implement ASCII contest winner default logo`` +* :vytask:`T6074` ``(feature): container: do not allow deleting images which have a container running`` + + +2024-02-28 +========== + +* :vytask:`T6055` ``(bug): PKI error: "failed to install x value" when executed the command from conf mode`` +* :vytask:`T4270` ``(bug): dns forwarding - When "ignore-hosts-file" is unset, local hostname of router resolves to 127.0.1.1`` + + +2024-02-27 +========== + +* :vytask:`T6065` ``(bug): Duplicate lines in build-vyos-image script cause sagitta build to fail`` +* :vytask:`T5080` ``(bug): Conntrack enabled by default`` + + +2024-02-26 +========== + +* :vytask:`T6064` ``(bug): Can not build VyOS if repository it not cloned to a branch`` +* :vytask:`T5754` ``(default): Update to StrongSwan 5.9.11`` + + +2024-02-25 +========== + +* :vytask:`T6060` ``(feature): op-mode: container: support removing all container images at once`` + + +2024-02-24 +========== + +* :vytask:`T5909` ``(bug): Container registry with authentication prevents config load (section container) after reboot`` + + +2024-02-23 +========== + +* :vytask:`T5376` ``(bug): Conntrack FTP helper does not work properly`` +* :vytask:`T970` ``(feature): Hostname Support in NAT and Firewall Rules`` +* :vytask:`T4940` ``(feature): Interface debugging`` + + +2024-02-22 +========== + +* :vytask:`T6048` ``(bug): Exception in event handler script`` +* :vytask:`T3902` ``(bug): Firewall does not load on boot, address-group not found, even though it exists`` + + +2024-02-21 +========== + +* :vytask:`T6050` ``(bug): Wrong scripting commands descriptions in accel-ppp services`` + + +2024-02-19 +========== + +* :vytask:`T5971` ``(default): Create the same view of ppp section for all accel-ppp services`` +* :vytask:`T6029` ``(default): Rewrite Accel-PPP services to an identical feature set`` +* :vytask:`T3722` ``(bug): op-mode IPSec show vpn ike sa always shows L-TIME 0`` + + +2024-02-18 +========== + +* :vytask:`T6043` ``(bug): VxLAN and bridge error bug`` +* :vytask:`T6041` ``(bug): image-tools: install fails from PXE boot into live iso due to restrictive logic`` + + +2024-02-17 +========== + +* :vytask:`T5972` ``(feature): login: add possibility to disable individual local user accounts`` + + +2024-02-16 +========== + +* :vytask:`T6009` ``(bug): Firewall - Time not working properly when not using UTC`` +* :vytask:`T6005` ``(bug): Error on adding a wireguard interface to OSPFv3`` +* :vytask:`T2113` ``(bug): OpenVPN Options error: you cannot use --verify-x509-name with --compat-names or --no-name-remapping`` +* :vytask:`T6019` ``(feature): Bump nftables and libnftnl version`` +* :vytask:`T3471` ``(bug): DHCP hook is not able to detect all running DHCP instances`` +* :vytask:`T6015` ``(default): "journalctl_charon" file does not contain data in the generated "ipsec debug-archive" file`` +* :vytask:`T6001` ``(default): Add option to enable resolve-via-default`` +* :vytask:`T5965` ``(bug): WWAN modems using raw-ip do not work with dhclient/dhcp6c`` +* :vytask:`T5418` ``(bug): PPPoE-Server Client IP pool Subnet`` +* :vytask:`T5245` ``(bug): Wireless interfaces do not get IPv6 link-local address assigned`` + + +2024-02-15 +========== + +* :vytask:`T5977` ``(bug): nftables: Operation not supported when using match-ipsec in outbound firewall`` +* :vytask:`T2612` ``(bug): HTTPS API, changing API key fails but goes through`` +* :vytask:`T5989` ``(bug): IP subnets not usable in UPnP ACLs`` +* :vytask:`T5890` ``(default): OTP key generation is broken`` +* :vytask:`T5719` ``(default): mdns repeater: Add op-mode commands`` +* :vytask:`T4839` ``(feature): Dynamic Firewall groups`` +* :vytask:`T4801` ``(feature): Support for building AWS-ready ISO`` +* :vytask:`T3993` ``(enhancment): Extend HTTP API GraphQL support`` +* :vytask:`T3991` ``(bug): PKI operational command return traceback`` +* :vytask:`T3780` ``(bug): VTI not being brought down when tunnel is down`` +* :vytask:`T3001` ``(feature): Disable spectre mitigation patches from CLI`` +* :vytask:`T562` ``(feature): PDNS: Add support for authoritative dns server`` +* :vytask:`T71` ``(feature): Add virtual IP and route installation policy options for IPsec`` +* :vytask:`T5496` ``(default): `show firewall` error`` +* :vytask:`T4038` ``(default): Rewrite `vyatta-image-tools.pl` in Python`` +* :vytask:`T4997` ``(default): Add DHCP client user hooks dir`` +* :vytask:`T775` ``(feature): Config Sync between two VyOS routers`` +* :vytask:`T381` ``(feature): config nodes for EasyRSA CAs`` +* :vytask:`T118` ``(feature): Native Zabbix Support`` + + +2024-02-14 +========== + +* :vytask:`T6034` ``(feature): rpki: move file based SSH keys for authentication to PKI subsystem`` +* :vytask:`T5981` ``(bug): IPsec site-to-site migrated PKI ca certificates are created with an '@'`` +* :vytask:`T5930` ``(bug): vrf - route-leak not work using route-target both command.`` +* :vytask:`T5709` ``(bug): IPoE-server fails if next pool mentioned but not defined`` +* :vytask:`T4119` ``(bug): Issue with l2tp remote-access ipv6 configuration`` +* :vytask:`T2044` ``(bug): RPKI doesn't boot properly`` +* :vytask:`T6032` ``(feature): bgp: add EVPN MAC-VRF Site-of-Origin support`` +* :vytask:`T5960` ``(default): Rewriting authentication section in accel-ppp services`` + + +2024-02-13 +========== + +* :vytask:`T5928` ``(bug): Configuration fails to load on boot if offloading has VLAN interfaces defined`` +* :vytask:`T5482` ``(bug): Chrony NTP Server Fails To Sync Time`` +* :vytask:`T5064` ``(bug): Value validation for domain-groups seems to be broken`` + + +2024-02-12 +========== + +* :vytask:`T6010` ``(bug): Support setting multiple values in BGP path-attribute`` +* :vytask:`T6004` ``(bug): RPKI is not configured`` +* :vytask:`T5952` ``(default): DHCP allow same MAC Address on same subnet`` +* :vytask:`T5849` ``(feature): Add SRv6 route commands`` + + +2024-02-10 +========== + +* :vytask:`T6023` ``(bug): rpki: add support for CLI knobs expire-interval and retry-interval`` +* :vytask:`T1090` ``(default): Webproxy overhaul`` + + +2024-02-09 +========== + +* :vytask:`T6028` ``(bug): QoS policy shaper wrong class_id_max and default_minor_id`` +* :vytask:`T6026` ``(bug): QoS hide attempts to delete qdisc from devices`` +* :vytask:`T5788` ``(feature): frr: update to 9.1 release`` +* :vytask:`T5703` ``(bug): QoS config on pppoe interface resets back to fq_codel after tunnel reboots`` +* :vytask:`T5685` ``(feature): Keepalived VRRP prefix is not necessary for the virtual address`` + + +2024-02-08 +========== + +* :vytask:`T6014` ``(feature): Bump keepalived version`` +* :vytask:`T5910` ``(bug): Grub problem(?) Serial Console no longer working`` +* :vytask:`T6021` ``(bug): QoS r2q wrong calculation`` + + +2024-02-07 +========== + +* :vytask:`T6017` ``(bug): Update vyos-http-api-tools for security advisory`` +* :vytask:`T6016` ``(bug): Resolve intermittent failures in cleanup function after failed image install`` +* :vytask:`T6024` ``(feature): bgp: add additional missing FRR features`` +* :vytask:`T6011` ``(feature): rpki: known-hosts-file is no longer supported by FRR CLI - remove VyOS CLI node`` +* :vytask:`T5998` ``(feature): replay_window setting under vpn in config`` + + +2024-02-06 +========== + +* :vytask:`T6018` ``(default): smoketest: updating http-api framework requires a pause before test`` +* :vytask:`T5921` ``(bug): Trying to commit an OpenConnect configuration without any local users results in an exception`` +* :vytask:`T5687` ``(feature): Implement ECS settings for PowerDNS recursor`` + + +2024-02-05 +========== + +* :vytask:`T5974` ``(bug): QoS policy shaper is currently miscalculating bandwidth and ceil values for the default class`` +* :vytask:`T5865` ``(feature): Rewrite ipv6 pool section to ipv6 named pools in Accel-ppp services`` + + +2024-02-02 +========== + +* :vytask:`T5739` ``(bug): Password recovery does not work if public keys are configured`` +* :vytask:`T5955` ``(feature): Rootless containers/set uid/gid for container`` +* :vytask:`T5941` ``(bug): [1.3.5 -> 1.4.0-RC1 Migration] Orphaned Configuration Nodes Cause Issues`` +* :vytask:`T6003` ``(feature): Add 'show rpki as-number' and 'show rpki prefix'`` +* :vytask:`T5848` ``(feature): Add triple-isolate flow isolation option to CAKE QoS policy`` + + +2024-02-01 +========== + +* :vytask:`T5995` ``(bug): Kernel NIC-drivers for Huawei NICs are not properly enabled`` +* :vytask:`T5978` ``(bug): ethernet: hw-tc-offload does not actually get enabled on the NIC`` +* :vytask:`T5979` ``(enhancment): Add configurable kernel boot parameters`` +* :vytask:`T5973` ``(bug): vrf: RTNETLINK answers: File exists`` +* :vytask:`T5967` ``(bug): Multi-hop BFD connections can't be established; please add minimum-ttl option.`` +* :vytask:`T5619` ``(default): Update the Intel ixgbe driver due to issues with Intel X533`` + + +2024-01-31 +========== + +* :vytask:`T6000` ``(bug): [1.3.x -> 1.5.x] migrating threw exception in /opt/vyatta/etc/config-migrate/migrate/https/5-to-6, performed workaround`` +* :vytask:`T5999` ``(bug): load-balancing reverse-proxy can't configure root as a redirect`` + + +2024-01-30 +========== + +* :vytask:`T5980` ``(feature): Add image-tools support for configurable kernel boot options`` + + +2024-01-29 +========== + +* :vytask:`T5988` ``(bug): image-tools: a check of valid image name is missing from 'add image'`` +* :vytask:`T5994` ``(bug): Fix typo in 'remote' module preventing 'add system image' via ftp`` + + +2024-01-26 +========== + +* :vytask:`T5957` ``(bug): Firewall fails to delete inbound-interface name`` +* :vytask:`T5779` ``(bug): custom conntrack timeout rule not applicable`` +* :vytask:`T5984` ``(feature): Add user util numactl`` + + +2024-01-25 +========== + +* :vytask:`T5983` ``(bug): image-tools: minor regression in pruning version files in compatibility mode`` +* :vytask:`T5927` ``(bug): QoS policy shaper-hfsc class does not have a `bandwidth` node but requires one in the check`` +* :vytask:`T5834` ``(bug): Rename 'enable-default-log' to 'default-log'`` + + +2024-01-22 +========== + +* :vytask:`T5968` ``(feature): hsflowd: add VRF support`` +* :vytask:`T5975` ``(bug): GraphQL expects script otp.py that does not exists in 1.4`` +* :vytask:`T5961` ``(bug): QoS policy shaper vif with ceiling fails on commit`` +* :vytask:`T5958` ``(bug): QoS policy shaper-hfsc is not implemented`` +* :vytask:`T5160` ``(feature): Firewall refactor`` +* :vytask:`T5969` ``(feature): op-mode: list multicast group membership`` + + +2024-01-21 +========== + +* :vytask:`T5799` ``(bug): vyos unbootable after 1.4-rolling-202308240020 to 1.5-rolling-202312010026 upgrade`` +* :vytask:`T5787` ``(bug): dhcp-server allows duplicate static-mapping for the same IP address`` +* :vytask:`T5692` ``(enhancment): NTP leap smear`` +* :vytask:`T5954` ``(feature): Enable nvme_hwmon and drivetemp in KERNEL`` + + +2024-01-20 +========== + +* :vytask:`T5915` ``(bug): Firewall zone - Re add op-mode commands`` +* :vytask:`T5805` ``(bug): Missed per-interface statistic in telegraf`` +* :vytask:`T5724` ``(feature): About dhcp client hooks`` +* :vytask:`T5577` ``(bug): Optimize PAM configs for RADIUS/TACACS+`` +* :vytask:`T5550` ``(bug): Source validation on interface does not work properly`` +* :vytask:`T5267` ``(bug): Another corruption on upgrade`` +* :vytask:`T5239` ``(bug): frr 'hostname' missing or incorrect, and domain-name missing totally`` +* :vytask:`T5219` ``(bug): ddclient: Cloudflare doesn't require login`` +* :vytask:`T5217` ``(feature): Add firewall SYNPROXY`` +* :vytask:`T5203` ``(feature): load-balancing wan add systemd unit instead of old vyatta-wanloadbalance.init`` +* :vytask:`T5199` ``(bug): Salt-minion cannot connect to server in python 3.10 and up`` +* :vytask:`T5138` ``(feature): Add patch to accel-ppp build L2TP LNS use Calling-Number as RADIUS Calling-Station-ID`` +* :vytask:`T5054` ``(bug): ipsec: "show vpn ipsec remote-access" does not list active connections`` +* :vytask:`T5053` ``(bug): Vyatta-cfg Post-Removal Hook Tries to Disable Deleted Service`` +* :vytask:`T5035` ``(feature): Add more actions to policy route rule`` +* :vytask:`T4990` ``(bug): Commit results may not be properly saved if power is cut immediately after a successful commit`` +* :vytask:`T4988` ``(default): Expose time and size conversion functions as Jinja2 filters`` +* :vytask:`T4986` ``(feature): Ability to filter traffic originating from the router itself via firewall`` +* :vytask:`T4963` ``(default): vyos.ethtool: improve/fix driver name detection`` +* :vytask:`T4935` ``(bug): ospfv3: "not-advertise" and "advertise" conflict`` +* :vytask:`T4897` ``(bug): Setting 'source-address' or `source-interface` on existing vxlan interface doesn't work`` +* :vytask:`T4888` ``(default): Rewrite the conntrack sync script using vyos.opmode`` +* :vytask:`T4863` ``(feature): need an option for route policy to apply to dynamic interfaces l2tp*/ipoe*/pppoe* (for TCP MSS setting)`` +* :vytask:`T4817` ``(feature): Please add support for RFC 9234`` +* :vytask:`T4765` ``(default): Normalize field names in op mode JSON outputs`` +* :vytask:`T4751` ``(enhancment): Feature Request: system login: 2FA OTP key generator in VyOS CLI`` +* :vytask:`T4726` ``(default): Add completion and validation for the accel-ppp RADIUS vendor option`` +* :vytask:`T4722` ``(default): Improve abbreviation/acronym consistency`` +* :vytask:`T4172` ``(feature): Patch ndppd to not read route table if there are no auto prefixes`` +* :vytask:`T4085` ``(feature): Rewrite L2TP/PPTP/SSTP/PPPoE services to get_config_dict`` +* :vytask:`T4031` ``(feature): Ability to configure DMVPN in vrf`` +* :vytask:`T4030` ``(bug): SR-IOV and interface renaming bug`` +* :vytask:`T4014` ``(feature): Add “command” and “arg” configuration options for containers`` +* :vytask:`T3965` ``(default): arm: Extend configure scripts to allow for arm builds`` +* :vytask:`T3813` ``(bug): Some custom sysctl parameters can't be applied bug`` +* :vytask:`T3778` ``(bug): Abnormal network communication and settings`` +* :vytask:`T3591` ``(bug): OpenVPN with/without VRF not working (NordVPN)`` +* :vytask:`T3372` ``(feature): Support public HTTPS repos in live-build`` +* :vytask:`T5963` ``(bug): QoS policy shaper rate calculations could be wrong for some ethernet devices`` +* :vytask:`T5962` ``(feature): QoS policy set default speed to 100mbit or 1gbit instead of 10mbit`` +* :vytask:`T5697` ``(bug): event-handler keep failing`` +* :vytask:`T4779` ``(default): Make raw op mode command outputs use bytes for data amount values`` + + +2024-01-19 +========== + +* :vytask:`T5897` ``(bug): VyOS with Cloud-init and VRF stucks at reboot/shutdown process`` +* :vytask:`T5554` ``(bug): Disable sudo for PAM RADIUS`` +* :vytask:`T4754` ``(default): Improvement: system login: show configured 2FA OTP key`` +* :vytask:`T5857` ``(bug): show interfaces wireless info`` +* :vytask:`T5841` ``(default): Remove old ssh-session-cleanup.service`` +* :vytask:`T5543` ``(bug): Fix source address handling in static joins`` +* :vytask:`T5884` ``(default): Minor description fix (op-mode: generate wireguard)`` +* :vytask:`T5781` ``(default): Add ability to add additional minisign keys`` + + +2024-01-18 +========== + +* :vytask:`T5863` ``(bug): Failure to Load Config on Recent 1.5 Versions`` +* :vytask:`T4638` ``(bug): Deleting a parent interface does not delete its underlying VLAN interfaces`` +* :vytask:`T5953` ``(default): Rename 'close_action' value from `hold` to `trap` in IPSEC IKE`` +* :vytask:`T905` ``(bug): The command show remote-config does not work for remote-platform openvpn`` + + +2024-01-17 +========== + +* :vytask:`T5923` ``(bug): Config mode system_console.py is not aware of revised GRUB file structure`` +* :vytask:`T4658` ``(feature): Rename DPD action `hold` to `trap``` +* :vytask:`T5932` ``(bug): 1.4-rolling-202304120317 to 1.4.0-rc1: dynamic dns migration fail`` + + +2024-01-16 +========== + +* :vytask:`T5951` ``(bug): [1.4.0-RC2] show hardware dmi Operational Mode Command Broken`` +* :vytask:`T5937` ``(bug): [1.3.5 -> 1.4.0-RC1 Migration] IPv6 BGP Neighbor Peer Groups Missing / Not Migrated`` +* :vytask:`T5889` ``(bug): Migration NAT 5-to-6 bug`` +* :vytask:`T5859` ``(bug): Invalid format of pool range in accel-ppp services`` +* :vytask:`T5842` ``(feature): Rewrite PPTP service to get_config_dict`` +* :vytask:`T5801` ``(feature): Rewrite L2TP service to get_config_dict`` +* :vytask:`T5688` ``(default): Create the same view of pool configuration for all accel-ppp services`` + + +2024-01-15 +========== + +* :vytask:`T5944` ``(bug): "reboot in 1" not working`` +* :vytask:`T5936` ``(bug): [1.3.5 -> 1.4.0-RC1 Migration] OSPF Passive Interface Configuration Not Working Correctly`` +* :vytask:`T5247` ``(bug): the bug of the command "show interfaces system"`` +* :vytask:`T5901` ``(bug): Cloud-init and DHCP exit hook errors`` +* :vytask:`T4856` ``(bug): DHCP-client exit hook for IPsec is incorrect`` +* :vytask:`T2556` ``(bug): "show interfaces vrrp" does not return any interface`` + + 2024-01-14 ========== @@ -74,7 +530,6 @@ * :vytask:`T5012` ``(feature): Control network configuration from Cloud-Init config`` * :vytask:`T3116` ``(feature): Support back-end L4 level load balancing`` * :vytask:`T5614` ``(default): Add conntrack helper matching on firewall`` -* :vytask:`T5080` ``(bug): Conntrack enabled by default`` * :vytask:`T4782` ``(enhancment): Allow multiple CA certificates (on e.g. EAPoL)`` * :vytask:`T2199` ``(default): Rewrite firewall in new XML/Python style`` @@ -216,7 +671,6 @@ 2023-12-22 ========== -* :vytask:`T5811` ``(bug): static dhcp-interface routes not installed`` * :vytask:`T5804` ``(bug): SNAT "any" interface error`` * :vytask:`T4760` ``(bug): VyOS does not support running multiple instances of DHCPv6 clients`` |