diff options
Diffstat (limited to 'docs/changelog/1.4.rst')
-rw-r--r-- | docs/changelog/1.4.rst | 772 |
1 files changed, 769 insertions, 3 deletions
diff --git a/docs/changelog/1.4.rst b/docs/changelog/1.4.rst index 1b9b09a0..0ad129e1 100644 --- a/docs/changelog/1.4.rst +++ b/docs/changelog/1.4.rst @@ -8,6 +8,775 @@ _ext/releasenotes.py +2024-04-25 +========== + +* :vytask:`T6263` ``(bug): Multicast: Could not commit multicast config with multicast join group using source-address`` +* :vytask:`T5833` ``(bug): Not all AFIs compatible with VRF`` + + +2024-04-24 +========== + +* :vytask:`T6255` ``(bug): Static table description should not contain white-space`` +* :vytask:`T6226` ``(feature): add HAPROXY `tcp-request content accept` related block to load-balancing reverse proxy config`` +* :vytask:`T6109` ``(bug): remote syslog do not get all the logs`` +* :vytask:`T6217` ``(feature): VRRP contrack-sync script change name of the logger`` +* :vytask:`T6244` ``(feature): Spacing of "Show System Uptime" hard to parse`` + + +2024-04-23 +========== + +* :vytask:`T6260` ``(bug): image-tools: remove failed image directory if 'No space left on device' error`` +* :vytask:`T6261` ``(default): Typo in op_mode connect_disconnect print statement for check_ppp_running`` +* :vytask:`T6237` ``(feature): IPSec remote access VPN: ability to set EAP ID of clients`` + + +2024-04-22 +========== + +* :vytask:`T5996` ``(bug): unescape backslashes for config save, compare commands`` +* :vytask:`T6103` ``(bug): DHCP-server bootfile-name double slash syntax weird behaviour`` +* :vytask:`T6080` ``(default): Default NTP server settings`` +* :vytask:`T5986` ``(bug): Container: Error on commit when environment variable value contains \n line break`` + + +2024-04-21 +========== + +* :vytask:`T6191` ``(bug): Policy Route TCP-MSS Behavior Different from 1.3.x`` +* :vytask:`T5535` ``(feature): disable-directed-broadcast should be moved to firewall global-options`` + + +2024-04-20 +========== + +* :vytask:`T6252` ``(bug): gre tunnel - doesn't allow configure jumbo frame more than 8024`` + + +2024-04-19 +========== + +* :vytask:`T6221` ``(bug): Enabling VRF breaks connectivity`` +* :vytask:`T6035` ``(bug): QoS policy shaper queue-type random-detect requires limit avpkt`` +* :vytask:`T6246` ``(feature): Enable basic haproxy http-check configuration options`` +* :vytask:`T6242` ``(feature): Loadbalancer reverse-proxy: SSL backend skip CA certificate verification`` + + +2024-04-17 +========== + +* :vytask:`T6168` ``(bug): add system image does not set default boot to current console type in compatibility mode`` +* :vytask:`T6243` ``(bug): Update vyos-http-api-tools for package idna security advisory`` +* :vytask:`T6154` ``(enhancment): Installer should ask for password twice`` +* :vytask:`T5966` ``(default): Adjust dynamic dns configuration address subpath to be more intuitive and other op-mode adjustments`` +* :vytask:`T5723` ``(default): mdns repeater: Always reload systemd daemon before applying changes`` +* :vytask:`T5722` ``(bug): Failing to add route in failover if gateway not in the same interface network`` +* :vytask:`T5612` ``(default): Miscellaneous improvements and fixes for dynamic DNS configuration`` +* :vytask:`T5574` ``(default): Support per-service cache management for dynamic dns providers`` +* :vytask:`T5360` ``(bug): ddclient generating abuse`` + + +2024-04-15 +========== + +* :vytask:`T6100` ``(bug): NAT config migration error in 1.4.0-epa1 if invalid address/network defined in 1.3.6 version`` +* :vytask:`T5734` ``(bug): OpenVPN server dh-params that are not in PKI error`` + + +2024-04-14 +========== + +* :vytask:`T6210` ``(feature): Add container ability to configure capability sys-nice`` + + +2024-04-13 +========== + +* :vytask:`T6173` ``(bug): Build Causes Errors When "--version" Contains Slashes ("/")`` +* :vytask:`T2518` ``(feature): Support NAT for ipv6(NPT)`` +* :vytask:`T6238` ``(default): vyos-build Check pull request title requires the python script`` +* :vytask:`T6235` ``(default): Git check PR status: conflicts and resolution`` + + +2024-04-12 +========== + +* :vytask:`T5872` ``(default): ipsec remote access VPN: support dhcp-interface`` +* :vytask:`T6216` ``(bug): Upgrade error from 1.3 to 1.4 - Firewall using character '+'`` +* :vytask:`T6214` ``(bug): Error when using some constraints`` +* :vytask:`T6213` ``(bug): Firewall group constraints`` +* :vytask:`T6148` ``(bug): Reset vpn ipsec command breaks tunnel and does not reset SAs that are down`` +* :vytask:`T1487` ``(default): DNS (pdns_recursor) stats logs not saved to disk`` +* :vytask:`T6222` ``(bug): VRRP rfc3768-compatibility not working correctly when resulting interface name is over 15 characters`` +* :vytask:`T6218` ``(bug): Container network interface in VRF fails to generate IPv6 link-local address`` +* :vytask:`T5959` ``(default): Streamline dns forwarding service`` +* :vytask:`T5846` ``(default): Refactor and simplify DUID definition in conf-mode`` +* :vytask:`T5631` ``(feature): Ability to export the current configuration in JSON format`` +* :vytask:`T5615` ``(default): Narrow down spurious name conflict with mdns`` +* :vytask:`T5530` ``(default): Add LFA to IS-IS`` +* :vytask:`T5195` ``(default): Break up the vyos.util module`` +* :vytask:`T5124` ``(bug): Python3 deprecation distutils.version import LooseVersion`` +* :vytask:`T1871` ``(feature): add MTU option when configure limiter traffic-policy`` +* :vytask:`T874` ``(feature): Support for Two Factor Authentication for CLI access via Google Authenticator/OTP`` +* :vytask:`T6204` ``(default): Remove shebang lines from Python modules`` +* :vytask:`T6166` ``(bug): Tech support generation error for custom output location`` +* :vytask:`T6062` ``(feature): container: add support for image manipulation based on tag name`` +* :vytask:`T5877` ``(default): Reduce unnecessary nesting in system domain-search path and improve smoketest`` +* :vytask:`T5871` ``(default): ipsec remote access VPN: specify "cacerts" to disambiguate mulitple remote access configurations`` +* :vytask:`T5870` ``(default): ipsec remote access VPN: add x509 ("pubkey") authentication`` +* :vytask:`T5772` ``(default): Require HTTPS API server configurations to include at least one key if key-based auth is used`` +* :vytask:`T5447` ``(feature): Allow static MACsec keys with peers`` +* :vytask:`T4221` ``(default): Add a template filter for converting scalars to single-item lists`` +* :vytask:`T3766` ``(feature): containers: Expanding options for networking and building containers`` + + +2024-04-11 +========== + +* :vytask:`T4516` ``(feature): Rewrite system image manipulation tools in Python`` +* :vytask:`T4548` ``(feature): GRUB loader configuration rework`` +* :vytask:`T3774` ``(bug): atop logs are not limited in size`` +* :vytask:`T3574` ``(default): Add constraintGroup for combining validators with logical AND`` +* :vytask:`T3474` ``(default): Revisit storing syntax version of interface definitions in XML file`` +* :vytask:`T160` ``(feature): Support NAT64`` +* :vytask:`T6228` ``(bug): Cleanup of not existing units`` + + +2024-04-10 +========== + +* :vytask:`T6207` ``(bug): image-tools: restore ability to copy config.boot.default on image install`` +* :vytask:`T5750` ``(bug): Upgrade from 1.3.4 to 1.4 Rolling fails QoS`` +* :vytask:`T5858` ``(bug): Show conntrack statistics formatting is all over the place`` +* :vytask:`T4734` ``(feature): Feature Request: openvpn: add OTP 2FA support`` + + +2024-04-09 +========== + +* :vytask:`T3409` ``(feature): Add back TCP-MSS Clamp to PMTU`` +* :vytask:`T6121` ``(feature): Extend service config-sync for sections vpn, policy, vrf`` + + +2024-04-08 +========== + +* :vytask:`T6197` ``(bug): IPoE-server interface client-subnet looks broken or works with the wrong logic`` +* :vytask:`T6196` ``(bug): Route-map and summary-only do not work in BGP aggregation at the same time`` +* :vytask:`T6068` ``(feature): dhcp server: allow switching between load-balanced and hotspare mode`` + + +2024-04-07 +========== + +* :vytask:`T6205` ``(bug): ipoe: error in migration script logic while renaming mac-address to mac node`` +* :vytask:`T6039` ``(bug): cloud-init DNS search-domain causes configuration migration/validation error`` +* :vytask:`T5862` ``(bug): Default MTU is not acceptable in some environments`` +* :vytask:`T6208` ``(feature): container: rename "cap-add" CLI node to "capability"`` +* :vytask:`T6188` ``(feature): Add Firewall Rule Description to "show firewall" commands`` +* :vytask:`T1244` ``(default): Support for StartupResync in conntrackd`` + + +2024-04-06 +========== + +* :vytask:`T6203` ``(enhancment): Remove obsoleted xml lib`` +* :vytask:`T6202` ``(bug): Multi-Protocol BGP is broken by 6PE patch in upstream FRR 9.1`` + + +2024-04-05 +========== + +* :vytask:`T6089` ``(bug): [1.3.6->1.4.0-epa1 Migration] "ospf passive-interface default" incorrectly added`` +* :vytask:`T2590` ``(bug): DHCPv6 not updating nameservers and search domains since replacing isc-dhcp-client with WIDE dhcp6c`` +* :vytask:`T6199` ``(feature): spring cleaning - drop unused Python imports`` + + +2024-04-04 +========== + +* :vytask:`T6119` ``(default): Use a compliant TOML parser`` +* :vytask:`T6171` ``(feature): dhcp server fail-over - Rename fail-over node`` +* :vytask:`T6115` ``(bug): Build from Git tags fail`` +* :vytask:`T5122` ``(feature): Move "archive-areas" to defaults.toml to support "non-free-firmware" repository`` +* :vytask:`T5121` ``(bug): Incorrect "architecture" config loaded`` +* :vytask:`T4951` ``(default): Add an op mode exception for cases when operations fail due to insufficient system resources`` +* :vytask:`T4883` ``(default): Add a description field for routing tables`` +* :vytask:`T4796` ``(bug): build-vyos-image ignores multiple options`` +* :vytask:`T4795` ``(feature): Cleanup custom python validators`` +* :vytask:`T4761` ``(default): Add a generic URL validator`` +* :vytask:`T3843` ``(bug): l2tp configuration not cleared after delete`` +* :vytask:`T3681` ``(default): The VMware Tools resume script did not run successfully in this virtual machine.`` +* :vytask:`T1991` ``(feature): Rework time services`` +* :vytask:`T5711` ``(default): Put the version data file inside the ISO image`` +* :vytask:`T5672` ``(default): Remove the old-style command definition importer`` +* :vytask:`T5639` ``(default): Group vyos-1x dependencies by their VyOS components and specify their purpose`` +* :vytask:`T5638` ``(default): Add support for requiring numeric values to be ranges rather than single numbers`` +* :vytask:`T5634` ``(default): Remove support for Blowfish and DES from OpenVPN`` +* :vytask:`T5605` ``(default): Do not generate keysize option in OpenVPN configs`` +* :vytask:`T5582` ``(default): Add a command to force NTP sync`` +* :vytask:`T5449` ``(default): Add options for TCP MSS probing`` +* :vytask:`T4440` ``(default): Add OCI compliant image labels to vyos-build and vyos containers`` +* :vytask:`T671` ``(enhancment): Identify and remove dead code`` +* :vytask:`T5109` ``(feature): Improve OCaml XML validator`` +* :vytask:`T1449` ``(feature): Add opportunity to include custom default configs (few) at building`` + + +2024-04-03 +========== + +* :vytask:`T6198` ``(feature): configverify: add common helper for PKI certificate validation`` +* :vytask:`T6192` ``(feature): Multi VRF support for SSH`` + + +2024-04-02 +========== + +* :vytask:`T6167` ``(bug): VNI not set on VRF after reboot`` +* :vytask:`T6151` ``(default): BGP VRF - Route-leaking not work when the next-hop is a recursive route.`` +* :vytask:`T6033` ``(bug): hsflowd fails to start when using a tunnel interface`` + + +2024-04-01 +========== + +* :vytask:`T6195` ``(feature): dropbear: package upgrade 2022.83-1 -> 2022.83-1+deb12u1`` +* :vytask:`T6193` ``(bug): dhcp-client: invalid warning "is not a DHCP interface but uses DHCP name-server option" for VLAN interfaces`` +* :vytask:`T6178` ``(bug): Reverse-proxy should check that certificate exists during commit`` + + +2024-03-31 +========== + +* :vytask:`T6186` ``(bug): Fix regression in 'set system image default-boot'`` +* :vytask:`T5832` ``(feature): Keepalived: Allow using the 'dev' statement on excluded-addresses`` + + +2024-03-28 +========== + +* :vytask:`T6147` ``(bug): Conntrack not working as expected with global state-policy`` +* :vytask:`T6175` ``(bug): op-mode: "renew dhcp interface <name>" does not check if it's an actual DHCP interface`` + + +2024-03-26 +========== + +* :vytask:`T6066` ``(bug): Setting same network in different ospf area will raise exception`` + + +2024-03-25 +========== + +* :vytask:`T6145` ``(bug): Service config-sync does not rely on priorities but must`` + + +2024-03-24 +========== + +* :vytask:`T6161` ``(feature): Output container images as JSON`` +* :vytask:`T6165` ``(bug): grub: vyos-grub-update failed to start on "slow" systems`` +* :vytask:`T6085` ``(bug): VTI interfaces are in UP state by default`` +* :vytask:`T6152` ``(bug): Kernel panic for ZimaBoard 232`` + + +2024-03-23 +========== + +* :vytask:`T6160` ``(bug): isis: NameError: name 'process' is not defined`` +* :vytask:`T6131` ``(bug): Disabling openvpn interface(s) causes OSPF to fail to load on reboot`` +* :vytask:`T4022` ``(feature): Add package nat-rtsp-dkms`` + + +2024-03-22 +========== + +* :vytask:`T6136` ``(bug): Configuring a dynamic address group, config script did not check whether the group was created`` +* :vytask:`T6130` ``(bug): [1.3.6->1.4.0-epa2 Migration] BGP "set community" missing`` +* :vytask:`T6090` ``(bug): [1.3.6->1.4.0-epa1 Migration] policy route fails due tcp flag case sensitivity`` +* :vytask:`T6155` ``(default): ixgbe: failed to initialize because an unsupported SFP+ module type was detected.`` +* :vytask:`T6125` ``(feature): Support 802.1ad (0x88a8) vlan filtering for bridge`` +* :vytask:`T5624` ``(default): Remove /etc/debian_version from the image`` + + +2024-03-21 +========== + +* :vytask:`T6143` ``(feature): Increase configuration timeout range for service config-sync`` + + +2024-03-20 +========== + +* :vytask:`T6133` ``(feature): Add domain-name to commit-archive`` +* :vytask:`T6129` ``(feature): bgp: add route-map option "as-path exclude all"`` + + +2024-03-19 +========== + +* :vytask:`T6127` ``(bug): Ability to view logs for rules with Offload not functional`` +* :vytask:`T6138` ``(bug): Conntrack table op-mode fails with flowtable offload entries`` + + +2024-03-15 +========== + +* :vytask:`T6118` ``(feature): radvd: RFC8781: add nat64prefix support`` + + +2024-03-12 +========== + +* :vytask:`T6020` ``(bug): VRRP health-check script is not applied correctly in keepalived.conf`` +* :vytask:`T5646` ``(bug): QoS policy limiter broken if class without match`` +* :vytask:`T2433` ``(feature): Improve CLI value validator performance`` +* :vytask:`T1436` ``(bug): Config entries with default values do not correctly show as changed`` + + +2024-03-11 +========== + +* :vytask:`T6098` ``(bug): Description doesnt seem to allow for non international characters`` +* :vytask:`T6070` ``(bug): bnx2x NIC causes a commit error due to incorrect implementation of EEE status reading`` +* :vytask:`T2998` ``(bug): SNMP v3 oid "exclude" option doesn't work`` +* :vytask:`T6107` ``(bug): Nginx does not allow big config queries for configure endpoint API`` +* :vytask:`T6096` ``(bug): Config commits are not synced properly because 00vyos-sync is deleted by vyos-router`` +* :vytask:`T6093` ``(bug): Incorrect dhcp-options vendor-class-id regex`` +* :vytask:`T6083` ``(feature): ethtool: move string parsing to JSON parsing`` +* :vytask:`T6069` ``(bug): HTTP API segfault during concurrent configuration requests`` +* :vytask:`T6057` ``(feature): Add ability to disable syslog for conntrackd`` +* :vytask:`T5504` ``(feature): Keepalived VRRP ability to set more than one peer-address`` +* :vytask:`T5717` ``(feature): ospfv3 - add allow to set metric-type to ospf redistribution while frr docs says its possible.`` +* :vytask:`T6071` ``(bug): firewall: CLI description limit of 256 characters cause config upgrade issues`` + + +2024-03-08 +========== + +* :vytask:`T6086` ``(bug): NAT does not work with network-groups`` +* :vytask:`T6094` ``(bug): Destination Nat not Making Firewall Rules`` +* :vytask:`T6061` ``(bug): connection-status nat destination firewall filter not working in 1.4.0-epa1`` +* :vytask:`T6075` ``(bug): Applying firewall rules with a non-existent interface group`` + + +2024-03-07 +========== + +* :vytask:`T6104` ``(bug): Regression in commit-archive for non-interactive configuration`` +* :vytask:`T6084` ``(bug): OpenNHRP DMVPN configuration file clean after reboot if we have any IPSec configuration`` +* :vytask:`T5348` ``(bug): Service config-sync can freeze the secondary router if it has commit-archive location`` +* :vytask:`T6073` ``(bug): Conntrack/NAT not being disabled when VRFs are defined`` +* :vytask:`T6095` ``(default): Tab completion for "set interfaces wireless wlan0 country-code" incorrect country "uk"`` + + +2024-03-06 +========== + +* :vytask:`T6079` ``(bug): dhcp: migration fails for duplicate static-mapping`` + + +2024-03-05 +========== + +* :vytask:`T5903` ``(bug): NHRP don´t start on reboot from version 1.5-rolling-202401010026`` +* :vytask:`T2447` ``(feature): Additional Boot Argument Configuration to limit CPU C-States`` + + +2024-03-04 +========== + +* :vytask:`T6054` ``(bug): load-balancing wan - doesn't configure a list of ports`` +* :vytask:`T6087` ``(feature): ospfv3: add support to redistribute IS-IS routes`` + + +2024-03-02 +========== + +* :vytask:`T6081` ``(bug): QoS policy shaper target and interval wrong calcuations`` + + +2024-02-29 +========== + +* :vytask:`T6078` ``(feature): Update ethtool to 6.6`` +* :vytask:`T6077` ``(feature): banner: implement ASCII contest winner default logo`` +* :vytask:`T6074` ``(feature): container: do not allow deleting images which have a container running`` + + +2024-02-28 +========== + +* :vytask:`T6055` ``(bug): PKI error: "failed to install x value" when executed the command from conf mode`` +* :vytask:`T4270` ``(bug): dns forwarding - When "ignore-hosts-file" is unset, local hostname of router resolves to 127.0.1.1`` + + +2024-02-27 +========== + +* :vytask:`T6065` ``(bug): Duplicate lines in build-vyos-image script cause sagitta build to fail`` +* :vytask:`T5080` ``(bug): Conntrack enabled by default`` + + +2024-02-26 +========== + +* :vytask:`T6064` ``(bug): Can not build VyOS if repository it not cloned to a branch`` +* :vytask:`T5754` ``(default): Update to StrongSwan 5.9.11`` + + +2024-02-25 +========== + +* :vytask:`T6060` ``(feature): op-mode: container: support removing all container images at once`` + + +2024-02-24 +========== + +* :vytask:`T5909` ``(bug): Container registry with authentication prevents config load (section container) after reboot`` + + +2024-02-23 +========== + +* :vytask:`T5376` ``(bug): Conntrack FTP helper does not work properly`` +* :vytask:`T970` ``(feature): Hostname Support in NAT and Firewall Rules`` +* :vytask:`T4940` ``(feature): Interface debugging`` + + +2024-02-22 +========== + +* :vytask:`T6048` ``(bug): Exception in event handler script`` +* :vytask:`T3902` ``(bug): Firewall does not load on boot, address-group not found, even though it exists`` + + +2024-02-21 +========== + +* :vytask:`T6050` ``(bug): Wrong scripting commands descriptions in accel-ppp services`` + + +2024-02-19 +========== + +* :vytask:`T5971` ``(default): Create the same view of ppp section for all accel-ppp services`` +* :vytask:`T6029` ``(default): Rewrite Accel-PPP services to an identical feature set`` +* :vytask:`T3722` ``(bug): op-mode IPSec show vpn ike sa always shows L-TIME 0`` + + +2024-02-18 +========== + +* :vytask:`T6043` ``(bug): VxLAN and bridge error bug`` +* :vytask:`T6041` ``(bug): image-tools: install fails from PXE boot into live iso due to restrictive logic`` + + +2024-02-17 +========== + +* :vytask:`T5972` ``(feature): login: add possibility to disable individual local user accounts`` + + +2024-02-16 +========== + +* :vytask:`T6009` ``(bug): Firewall - Time not working properly when not using UTC`` +* :vytask:`T6005` ``(bug): Error on adding a wireguard interface to OSPFv3`` +* :vytask:`T2113` ``(bug): OpenVPN Options error: you cannot use --verify-x509-name with --compat-names or --no-name-remapping`` +* :vytask:`T6019` ``(feature): Bump nftables and libnftnl version`` +* :vytask:`T3471` ``(bug): DHCP hook is not able to detect all running DHCP instances`` +* :vytask:`T6015` ``(default): "journalctl_charon" file does not contain data in the generated "ipsec debug-archive" file`` +* :vytask:`T6001` ``(default): Add option to enable resolve-via-default`` +* :vytask:`T5965` ``(bug): WWAN modems using raw-ip do not work with dhclient/dhcp6c`` +* :vytask:`T5418` ``(bug): PPPoE-Server Client IP pool Subnet`` +* :vytask:`T5245` ``(bug): Wireless interfaces do not get IPv6 link-local address assigned`` + + +2024-02-15 +========== + +* :vytask:`T5977` ``(bug): nftables: Operation not supported when using match-ipsec in outbound firewall`` +* :vytask:`T2612` ``(bug): HTTPS API, changing API key fails but goes through`` +* :vytask:`T5989` ``(bug): IP subnets not usable in UPnP ACLs`` +* :vytask:`T5890` ``(default): OTP key generation is broken`` +* :vytask:`T5719` ``(default): mdns repeater: Add op-mode commands`` +* :vytask:`T4839` ``(feature): Dynamic Firewall groups`` +* :vytask:`T4801` ``(feature): Support for building AWS-ready ISO`` +* :vytask:`T3993` ``(enhancment): Extend HTTP API GraphQL support`` +* :vytask:`T3991` ``(bug): PKI operational command return traceback`` +* :vytask:`T3780` ``(bug): VTI not being brought down when tunnel is down`` +* :vytask:`T3001` ``(feature): Disable spectre mitigation patches from CLI`` +* :vytask:`T562` ``(feature): PDNS: Add support for authoritative dns server`` +* :vytask:`T71` ``(feature): Add virtual IP and route installation policy options for IPsec`` +* :vytask:`T5496` ``(default): `show firewall` error`` +* :vytask:`T4038` ``(default): Rewrite `vyatta-image-tools.pl` in Python`` +* :vytask:`T4997` ``(default): Add DHCP client user hooks dir`` +* :vytask:`T775` ``(feature): Config Sync between two VyOS routers`` +* :vytask:`T381` ``(feature): config nodes for EasyRSA CAs`` +* :vytask:`T118` ``(feature): Native Zabbix Support`` + + +2024-02-14 +========== + +* :vytask:`T6034` ``(feature): rpki: move file based SSH keys for authentication to PKI subsystem`` +* :vytask:`T5981` ``(bug): IPsec site-to-site migrated PKI ca certificates are created with an '@'`` +* :vytask:`T5930` ``(bug): vrf - route-leak not work using route-target both command.`` +* :vytask:`T5709` ``(bug): IPoE-server fails if next pool mentioned but not defined`` +* :vytask:`T4119` ``(bug): Issue with l2tp remote-access ipv6 configuration`` +* :vytask:`T2044` ``(bug): RPKI doesn't boot properly`` +* :vytask:`T6032` ``(feature): bgp: add EVPN MAC-VRF Site-of-Origin support`` +* :vytask:`T5960` ``(default): Rewriting authentication section in accel-ppp services`` + + +2024-02-13 +========== + +* :vytask:`T5928` ``(bug): Configuration fails to load on boot if offloading has VLAN interfaces defined`` +* :vytask:`T5482` ``(bug): Chrony NTP Server Fails To Sync Time`` +* :vytask:`T5064` ``(bug): Value validation for domain-groups seems to be broken`` + + +2024-02-12 +========== + +* :vytask:`T6010` ``(bug): Support setting multiple values in BGP path-attribute`` +* :vytask:`T6004` ``(bug): RPKI is not configured`` +* :vytask:`T5952` ``(default): DHCP allow same MAC Address on same subnet`` +* :vytask:`T5849` ``(feature): Add SRv6 route commands`` + + +2024-02-10 +========== + +* :vytask:`T6023` ``(bug): rpki: add support for CLI knobs expire-interval and retry-interval`` +* :vytask:`T1090` ``(default): Webproxy overhaul`` + + +2024-02-09 +========== + +* :vytask:`T6028` ``(bug): QoS policy shaper wrong class_id_max and default_minor_id`` +* :vytask:`T6026` ``(bug): QoS hide attempts to delete qdisc from devices`` +* :vytask:`T5788` ``(feature): frr: update to 9.1 release`` +* :vytask:`T5703` ``(bug): QoS config on pppoe interface resets back to fq_codel after tunnel reboots`` +* :vytask:`T5685` ``(feature): Keepalived VRRP prefix is not necessary for the virtual address`` + + +2024-02-08 +========== + +* :vytask:`T6014` ``(feature): Bump keepalived version`` +* :vytask:`T5910` ``(bug): Grub problem(?) Serial Console no longer working`` +* :vytask:`T6021` ``(bug): QoS r2q wrong calculation`` + + +2024-02-07 +========== + +* :vytask:`T6017` ``(bug): Update vyos-http-api-tools for security advisory`` +* :vytask:`T6016` ``(bug): Resolve intermittent failures in cleanup function after failed image install`` +* :vytask:`T6024` ``(feature): bgp: add additional missing FRR features`` +* :vytask:`T6011` ``(feature): rpki: known-hosts-file is no longer supported by FRR CLI - remove VyOS CLI node`` +* :vytask:`T5998` ``(feature): replay_window setting under vpn in config`` + + +2024-02-06 +========== + +* :vytask:`T6018` ``(default): smoketest: updating http-api framework requires a pause before test`` +* :vytask:`T5921` ``(bug): Trying to commit an OpenConnect configuration without any local users results in an exception`` +* :vytask:`T5687` ``(feature): Implement ECS settings for PowerDNS recursor`` + + +2024-02-05 +========== + +* :vytask:`T5974` ``(bug): QoS policy shaper is currently miscalculating bandwidth and ceil values for the default class`` +* :vytask:`T5865` ``(feature): Rewrite ipv6 pool section to ipv6 named pools in Accel-ppp services`` + + +2024-02-02 +========== + +* :vytask:`T5739` ``(bug): Password recovery does not work if public keys are configured`` +* :vytask:`T5955` ``(feature): Rootless containers/set uid/gid for container`` +* :vytask:`T5941` ``(bug): [1.3.5 -> 1.4.0-RC1 Migration] Orphaned Configuration Nodes Cause Issues`` +* :vytask:`T6003` ``(feature): Add 'show rpki as-number' and 'show rpki prefix'`` +* :vytask:`T5848` ``(feature): Add triple-isolate flow isolation option to CAKE QoS policy`` + + +2024-02-01 +========== + +* :vytask:`T5995` ``(bug): Kernel NIC-drivers for Huawei NICs are not properly enabled`` +* :vytask:`T5978` ``(bug): ethernet: hw-tc-offload does not actually get enabled on the NIC`` +* :vytask:`T5979` ``(enhancment): Add configurable kernel boot parameters`` +* :vytask:`T5973` ``(bug): vrf: RTNETLINK answers: File exists`` +* :vytask:`T5967` ``(bug): Multi-hop BFD connections can't be established; please add minimum-ttl option.`` +* :vytask:`T5619` ``(default): Update the Intel ixgbe driver due to issues with Intel X533`` + + +2024-01-31 +========== + +* :vytask:`T6000` ``(bug): [1.3.x -> 1.5.x] migrating threw exception in /opt/vyatta/etc/config-migrate/migrate/https/5-to-6, performed workaround`` +* :vytask:`T5999` ``(bug): load-balancing reverse-proxy can't configure root as a redirect`` + + +2024-01-30 +========== + +* :vytask:`T5980` ``(feature): Add image-tools support for configurable kernel boot options`` + + +2024-01-29 +========== + +* :vytask:`T5988` ``(bug): image-tools: a check of valid image name is missing from 'add image'`` +* :vytask:`T5994` ``(bug): Fix typo in 'remote' module preventing 'add system image' via ftp`` + + +2024-01-26 +========== + +* :vytask:`T5957` ``(bug): Firewall fails to delete inbound-interface name`` +* :vytask:`T5779` ``(bug): custom conntrack timeout rule not applicable`` +* :vytask:`T5984` ``(feature): Add user util numactl`` + + +2024-01-25 +========== + +* :vytask:`T5983` ``(bug): image-tools: minor regression in pruning version files in compatibility mode`` +* :vytask:`T5927` ``(bug): QoS policy shaper-hfsc class does not have a `bandwidth` node but requires one in the check`` +* :vytask:`T5834` ``(bug): Rename 'enable-default-log' to 'default-log'`` + + +2024-01-22 +========== + +* :vytask:`T5968` ``(feature): hsflowd: add VRF support`` +* :vytask:`T5975` ``(bug): GraphQL expects script otp.py that does not exists in 1.4`` +* :vytask:`T5961` ``(bug): QoS policy shaper vif with ceiling fails on commit`` +* :vytask:`T5958` ``(bug): QoS policy shaper-hfsc is not implemented`` +* :vytask:`T5160` ``(feature): Firewall refactor`` +* :vytask:`T5969` ``(feature): op-mode: list multicast group membership`` + + +2024-01-21 +========== + +* :vytask:`T5799` ``(bug): vyos unbootable after 1.4-rolling-202308240020 to 1.5-rolling-202312010026 upgrade`` +* :vytask:`T5787` ``(bug): dhcp-server allows duplicate static-mapping for the same IP address`` +* :vytask:`T5692` ``(enhancment): NTP leap smear`` +* :vytask:`T5954` ``(feature): Enable nvme_hwmon and drivetemp in KERNEL`` + + +2024-01-20 +========== + +* :vytask:`T5915` ``(bug): Firewall zone - Re add op-mode commands`` +* :vytask:`T5805` ``(bug): Missed per-interface statistic in telegraf`` +* :vytask:`T5724` ``(feature): About dhcp client hooks`` +* :vytask:`T5577` ``(bug): Optimize PAM configs for RADIUS/TACACS+`` +* :vytask:`T5550` ``(bug): Source validation on interface does not work properly`` +* :vytask:`T5267` ``(bug): Another corruption on upgrade`` +* :vytask:`T5239` ``(bug): frr 'hostname' missing or incorrect, and domain-name missing totally`` +* :vytask:`T5219` ``(bug): ddclient: Cloudflare doesn't require login`` +* :vytask:`T5217` ``(feature): Add firewall SYNPROXY`` +* :vytask:`T5203` ``(feature): load-balancing wan add systemd unit instead of old vyatta-wanloadbalance.init`` +* :vytask:`T5199` ``(bug): Salt-minion cannot connect to server in python 3.10 and up`` +* :vytask:`T5138` ``(feature): Add patch to accel-ppp build L2TP LNS use Calling-Number as RADIUS Calling-Station-ID`` +* :vytask:`T5054` ``(bug): ipsec: "show vpn ipsec remote-access" does not list active connections`` +* :vytask:`T5053` ``(bug): Vyatta-cfg Post-Removal Hook Tries to Disable Deleted Service`` +* :vytask:`T5035` ``(feature): Add more actions to policy route rule`` +* :vytask:`T4990` ``(bug): Commit results may not be properly saved if power is cut immediately after a successful commit`` +* :vytask:`T4988` ``(default): Expose time and size conversion functions as Jinja2 filters`` +* :vytask:`T4986` ``(feature): Ability to filter traffic originating from the router itself via firewall`` +* :vytask:`T4963` ``(default): vyos.ethtool: improve/fix driver name detection`` +* :vytask:`T4935` ``(bug): ospfv3: "not-advertise" and "advertise" conflict`` +* :vytask:`T4897` ``(bug): Setting 'source-address' or `source-interface` on existing vxlan interface doesn't work`` +* :vytask:`T4888` ``(default): Rewrite the conntrack sync script using vyos.opmode`` +* :vytask:`T4863` ``(feature): need an option for route policy to apply to dynamic interfaces l2tp*/ipoe*/pppoe* (for TCP MSS setting)`` +* :vytask:`T4817` ``(feature): Please add support for RFC 9234`` +* :vytask:`T4765` ``(default): Normalize field names in op mode JSON outputs`` +* :vytask:`T4751` ``(enhancment): Feature Request: system login: 2FA OTP key generator in VyOS CLI`` +* :vytask:`T4726` ``(default): Add completion and validation for the accel-ppp RADIUS vendor option`` +* :vytask:`T4722` ``(default): Improve abbreviation/acronym consistency`` +* :vytask:`T4172` ``(feature): Patch ndppd to not read route table if there are no auto prefixes`` +* :vytask:`T4085` ``(feature): Rewrite L2TP/PPTP/SSTP/PPPoE services to get_config_dict`` +* :vytask:`T4031` ``(feature): Ability to configure DMVPN in vrf`` +* :vytask:`T4030` ``(bug): SR-IOV and interface renaming bug`` +* :vytask:`T4014` ``(feature): Add “command” and “arg” configuration options for containers`` +* :vytask:`T3965` ``(default): arm: Extend configure scripts to allow for arm builds`` +* :vytask:`T3813` ``(bug): Some custom sysctl parameters can't be applied bug`` +* :vytask:`T3778` ``(bug): Abnormal network communication and settings`` +* :vytask:`T3591` ``(bug): OpenVPN with/without VRF not working (NordVPN)`` +* :vytask:`T3372` ``(feature): Support public HTTPS repos in live-build`` +* :vytask:`T5963` ``(bug): QoS policy shaper rate calculations could be wrong for some ethernet devices`` +* :vytask:`T5962` ``(feature): QoS policy set default speed to 100mbit or 1gbit instead of 10mbit`` +* :vytask:`T5697` ``(bug): event-handler keep failing`` +* :vytask:`T4779` ``(default): Make raw op mode command outputs use bytes for data amount values`` + + +2024-01-19 +========== + +* :vytask:`T5897` ``(bug): VyOS with Cloud-init and VRF stucks at reboot/shutdown process`` +* :vytask:`T5554` ``(bug): Disable sudo for PAM RADIUS`` +* :vytask:`T4754` ``(default): Improvement: system login: show configured 2FA OTP key`` +* :vytask:`T5857` ``(bug): show interfaces wireless info`` +* :vytask:`T5841` ``(default): Remove old ssh-session-cleanup.service`` +* :vytask:`T5543` ``(bug): Fix source address handling in static joins`` +* :vytask:`T5884` ``(default): Minor description fix (op-mode: generate wireguard)`` +* :vytask:`T5781` ``(default): Add ability to add additional minisign keys`` + + +2024-01-18 +========== + +* :vytask:`T5863` ``(bug): Failure to Load Config on Recent 1.5 Versions`` +* :vytask:`T4638` ``(bug): Deleting a parent interface does not delete its underlying VLAN interfaces`` +* :vytask:`T5953` ``(default): Rename 'close_action' value from `hold` to `trap` in IPSEC IKE`` +* :vytask:`T905` ``(bug): The command show remote-config does not work for remote-platform openvpn`` + + +2024-01-17 +========== + +* :vytask:`T5923` ``(bug): Config mode system_console.py is not aware of revised GRUB file structure`` +* :vytask:`T4658` ``(feature): Rename DPD action `hold` to `trap``` +* :vytask:`T5932` ``(bug): 1.4-rolling-202304120317 to 1.4.0-rc1: dynamic dns migration fail`` + + +2024-01-16 +========== + +* :vytask:`T5951` ``(bug): [1.4.0-RC2] show hardware dmi Operational Mode Command Broken`` +* :vytask:`T5937` ``(bug): [1.3.5 -> 1.4.0-RC1 Migration] IPv6 BGP Neighbor Peer Groups Missing / Not Migrated`` +* :vytask:`T5889` ``(bug): Migration NAT 5-to-6 bug`` +* :vytask:`T5859` ``(bug): Invalid format of pool range in accel-ppp services`` +* :vytask:`T5842` ``(feature): Rewrite PPTP service to get_config_dict`` +* :vytask:`T5801` ``(feature): Rewrite L2TP service to get_config_dict`` +* :vytask:`T5688` ``(default): Create the same view of pool configuration for all accel-ppp services`` + + +2024-01-15 +========== + +* :vytask:`T5944` ``(bug): "reboot in 1" not working`` +* :vytask:`T5936` ``(bug): [1.3.5 -> 1.4.0-RC1 Migration] OSPF Passive Interface Configuration Not Working Correctly`` +* :vytask:`T5247` ``(bug): the bug of the command "show interfaces system"`` +* :vytask:`T5901` ``(bug): Cloud-init and DHCP exit hook errors`` +* :vytask:`T4856` ``(bug): DHCP-client exit hook for IPsec is incorrect`` +* :vytask:`T2556` ``(bug): "show interfaces vrrp" does not return any interface`` + + 2024-01-14 ========== @@ -74,7 +843,6 @@ * :vytask:`T5012` ``(feature): Control network configuration from Cloud-Init config`` * :vytask:`T3116` ``(feature): Support back-end L4 level load balancing`` * :vytask:`T5614` ``(default): Add conntrack helper matching on firewall`` -* :vytask:`T5080` ``(bug): Conntrack enabled by default`` * :vytask:`T4782` ``(enhancment): Allow multiple CA certificates (on e.g. EAPoL)`` * :vytask:`T2199` ``(default): Rewrite firewall in new XML/Python style`` @@ -195,7 +963,6 @@ * :vytask:`T5866` ``(feature): Add op-mode command to restart IPv6 RA daemon`` * :vytask:`T5861` ``(bug): Flavor build system fails with third-party packages`` * :vytask:`T5854` ``(feature): Extend override-default script to allow embedded defaultValue settings`` -* :vytask:`T5566` ``(feature): Be able to disable 802.3az/EEE (energy efficient ethernet) for a particular interface`` * :vytask:`T5792` ``(default): Upgrade ddclient 3.11.2 release`` @@ -216,7 +983,6 @@ 2023-12-22 ========== -* :vytask:`T5811` ``(bug): static dhcp-interface routes not installed`` * :vytask:`T5804` ``(bug): SNAT "any" interface error`` * :vytask:`T4760` ``(bug): VyOS does not support running multiple instances of DHCPv6 clients`` |