########### 1.4 Sagitta ########### .. Please don't add anything by hand. This file is managed by the script: _ext/releasenotes.py 2023-05-12 ========== * :vytask:`T2778` ``(feature): Migrate "system syslog" to get_config_dict() to support new features`` * :vytask:`T2769` ``(feature): Add VRF support for syslog`` 2023-05-10 ========== * :vytask:`T5209` ``(bug): dhclient load-balancing exit hook 04-dhcp-wanlb returned non-zero exit status`` * :vytask:`T5065` ``(bug): Mixing `destination port xxx` and `destination group port-group yyy` in firewall rules doesn't work, but can be commited`` * :vytask:`T5060` ``(feature): add a VRRP 'maintenance mode'`` 2023-05-09 ========== * :vytask:`T5202` ``(bug): After removal load-balancing a pid remained which used in dhclient-exit-hooks`` 2023-05-06 ========== * :vytask:`T5206` ``(bug): ethtool.py:Ethtool.__init__ has always true conditional due to typo`` 2023-05-05 ========== * :vytask:`T5082` ``(feature): container: switch to netavark network stack`` 2023-05-04 ========== * :vytask:`T5193` ``(feature): Ability to specify NS records to specify NS servers for subdomains`` * :vytask:`T3891` ``(bug): X550-T2/Possibly other X550/X540 cards no link on VyOS`` * :vytask:`T5010` ``(bug): bgp: EVPN route-target not honored`` * :vytask:`T5196` ``(feature): wwan: op-mode should inform user if there is no WWAN interface`` 2023-05-03 ========== * :vytask:`T5163` ``(feature): Policy route-map add match source-protocol`` 2023-05-02 ========== * :vytask:`T5042` ``(bug): Command 'show vpn ipsec remote-access' does not work`` 2023-04-27 ========== * :vytask:`T5185` ``(bug): Static IPv6 route with blackhole fails`` * :vytask:`T5175` ``(bug): http-api: error in MultiPart parser for FastAPI version >= 0.91.0`` * :vytask:`T5183` ``(bug): IPv6 route6 problem`` * :vytask:`T5181` ``(bug): Wrong dependencies or priorities for zebra vni vrf interfaces and bgpd`` * :vytask:`T5128` ``(feature): Policy route - Allow wildcard interfaces`` * :vytask:`T5055` ``(feature): Firewall - Add packet type matcher (pkttype)`` * :vytask:`T5050` ``(feature): Firewall - Add options for logging packets`` * :vytask:`T5037` ``(feature): Firewall - Add queue action`` * :vytask:`T5176` ``(bug): http-api: update vyos-http-api-tools for FastAPI security vulnerability`` * :vytask:`T5174` ``(bug): vrf: ensure no duplicate VNIs can be created`` * :vytask:`T5123` ``(default): Display route originator in show ospf table command`` 2023-04-25 ========== * :vytask:`T5179` ``(bug): multi nodes defined in XML are not properly represented as list in get_config_dict()`` 2023-04-17 ========== * :vytask:`T5052` ``(bug): Error displaying dhcpv6 prefix delegation leases`` * :vytask:`T5150` ``(feature): Rework CLI definitions to apply route-maps between routing daemons and zebra/kernel`` * :vytask:`T3734` ``(bug): Move EVPN VRF up in FRR config`` 2023-04-13 ========== * :vytask:`T5152` ``(bug): Telegraf agent hostname isn't qualified`` * :vytask:`T4727` ``(feature): Add RADIUS rate limit support to PPTP server`` * :vytask:`T4939` ``(bug): VRRP command no-preempt not work as expected`` * :vytask:`T4791` ``(default): Consistent normalization of 'raw' output of op-mode scripts for CLI and API`` * :vytask:`T3608` ``(default): Standardize warnings from configure scripts`` 2023-04-11 ========== * :vytask:`T4924` ``(bug): Systemctl strongswan.service for some reason is not disabled`` * :vytask:`T4197` ``(bug): Vyos arm64-latest build issue with telegraf pkg`` * :vytask:`T4051` ``(bug): Connected routes strange / not working`` 2023-04-10 ========== * :vytask:`T5151` ``(bug): EAP-TLS TLSv1.0/1.1 regression after T5003`` * :vytask:`T5148` ``(bug): OpenVPN cannot start due to could not load plugin shared object /openvpn-otp.so`` * :vytask:`T5110` ``(bug): Show frr op-mode vtysh_pam: Failed in account validation`` * :vytask:`T5078` ``(feature): VyOS BGP does not support 'show bgp neighbors $NB filtered-routes'`` * :vytask:`T5070` ``(feature): show bgp nexthop unavailable in VRF`` * :vytask:`T5061` ``(bug): All containers restart on config change`` 2023-04-07 ========== * :vytask:`T5149` ``(bug): op-mode openvpn should not raise error in case interface is disabled`` 2023-04-06 ========== * :vytask:`T5147` ``(bug): Can't Commit with Container Network`` * :vytask:`T5142` ``(feature): One of the requirements is to use a system auditing tool to monitor and log all security-relevant events.`` * :vytask:`T5125` ``(feature): Add op-mode commands for hsflowd based sflow`` 2023-04-05 ========== * :vytask:`T5145` ``(feature): Add maxsyslogins maximum number of all logins on system`` * :vytask:`T5135` ``(default): Rewrite opennhrp script using vyos.ipsec library`` * :vytask:`T4975` ``(bug): CLI does not work after cutting off the power or reset`` * :vytask:`T5136` ``(bug): Possible config corruption on upgrade`` 2023-04-04 ========== * :vytask:`T5141` ``(feature): Add numbers for dhclient-exit-hooks.d to enforce script order execution`` * :vytask:`T5093` ``(bug): Command 'reset vpn ipsec-profile' doesn't work`` * :vytask:`T4362` ``(bug): Wan Load Balancing - Can't create routing tables`` 2023-04-03 ========== * :vytask:`T5139` ``(feature): IKE life-time should start from 0 for disable rekey`` * :vytask:`T4173` ``(bug): Wan Load Balancing - Error on firewall NAT rules`` 2023-04-02 ========== * :vytask:`T5134` ``(feature): Try if netavark networks can be moved to a VRF instance`` 2023-04-01 ========== * :vytask:`T5047` ``(bug): Recreate only a specific container`` * :vytask:`T5132` ``(default): Operational command "show isis vrf XXX route | neighbord" aren't working`` 2023-03-31 ========== * :vytask:`T5129` ``(feature): Add AWS build flavour`` * :vytask:`T5126` ``(feature): http-api: add 'allow-client' to restrict IP address of client connections`` 2023-03-30 ========== * :vytask:`T5130` ``(bug): op-mode: drop remaining reference to obsoleted 'show_interfaces.py'`` * :vytask:`T4866` ``(feature): Rewrite show_interfaces to standardized form`` * :vytask:`T366` ``(bug): SNMP Query for BGP Tunnels Returns IPv4 Tunnels Only`` 2023-03-29 ========== * :vytask:`T5100` ``(feature): Update FRR to 8.5`` * :vytask:`T5094` ``(bug): FRR systemd logs unknow key LimitNOFILESoft`` * :vytask:`T5085` ``(bug): ospfv3 route-map not applied in FRR configuration`` * :vytask:`T5056` ``(bug): IPoE server vlan-mon is not working`` * :vytask:`T5033` ``(bug): generate-public-key command fails for address with multiple public keys like GitHub`` * :vytask:`T4876` ``(bug): mpls - LSP broken on FRR 8.4.1`` * :vytask:`T5097` ``(bug): the operational command "show interfaces ethernet ethx" doesn't reflect a call to 'clear counters'`` * :vytask:`T5089` ``(enhancment): Add unit test of config_diff`` * :vytask:`T5088` ``(enhancment): Add lexicographical-numeric compare function for vytree/configtree`` * :vytask:`T5087` ``(enhancment): Add support for lexical ordering of nodes in config_tree`` * :vytask:`T4885` ``(feature): Rewrite 'clear interfaces counters' from Perl to Python`` * :vytask:`T4846` ``(bug): L3VPN- network command doesn't install direct connected prefix`` 2023-03-28 ========== * :vytask:`T5043` ``(feature): Need to create reset command for IKEv2 remote-access vpn connections`` 2023-03-27 ========== * :vytask:`T5099` ``(feature): IPoE server add option 'next-pool' for named ip pools`` * :vytask:`T5106` ``(feature): Extend generation of API client requests to configsession native functions and composite requests`` * :vytask:`T5104` ``(bug): DHCP default route issues with static routes in VRFs`` * :vytask:`T5079` ``(feature): xml: schema extension to support defaultValues on tagNodes`` * :vytask:`T5114` ``(feature): bgp: implement new CLI commands introduced in FRR 8.5`` 2023-03-23 ========== * :vytask:`T5108` ``(feature): Get rate limit for L2TP/PPTP/SSTP/IPoE in raw format`` * :vytask:`T5086` ``(feature): Integrate hsflowd for sflow accounting`` * :vytask:`T5107` ``(bug): Raise error in op-mode dns.py instead of calling exit`` 2023-03-22 ========== * :vytask:`T5068` ``(feature): Generate op-mode API client requests along with schema generation`` 2023-03-21 ========== * :vytask:`T5098` ``(feature): PPPoE client holdoff configuration`` * :vytask:`T3694` ``(bug): Static routes not installed into kernel nor frr`` * :vytask:`T5102` ``(feature): ospf: "redistribute babel" is always set`` 2023-03-20 ========== * :vytask:`T5057` ``(bug): IPoE server incorrect interface regex`` * :vytask:`T5095` ``(feature): Return list instead of dict for 'raw' output of op-mode openvpn`` 2023-03-19 ========== * :vytask:`T4925` ``(feature): Need to add the possibility to configure Pseudo-Random Functions (PRF) in IKEv2`` 2023-03-17 ========== * :vytask:`T5092` ``(bug): IPoE-server named pool must not rely on the authentication type`` * :vytask:`T5091` ``(bug): IPoE server with RADIUS authentication does not verify radius configuration`` 2023-03-16 ========== * :vytask:`T5073` ``(bug): IPoE-server interface option failed to parse`` * :vytask:`T5063` ``(bug): IPoE-server ethX vlan must not be used with client-subnet`` * :vytask:`T5058` ``(feature): Extend template filter range_to_regex`` * :vytask:`T3083` ``(feature): Add feature event-handler`` * :vytask:`T2516` ``(bug): vyos-container: cannot configure ethernet interface`` 2023-03-13 ========== * :vytask:`T5074` ``(bug): Show IPSEC SA failed if remote access IKEv2 vpn is used.`` * :vytask:`T4973` ``(bug): show dhcp server leases error for lease time 4294967295`` 2023-03-11 ========== * :vytask:`T5076` ``(feature): CI/CD: Docker container is bloated by legacy and conflicting dependencies`` 2023-03-09 ========== * :vytask:`T5066` ``(bug): Different GRE tunnel but same tunnel keys error`` * :vytask:`T4952` ``(feature): Improve interface completion helper CLI experience`` 2023-03-08 ========== * :vytask:`T4381` ``(default): OpenVPN: Add "Tunnel IP" column in "show openvpn server" operational command`` * :vytask:`T4872` ``(bug): Op-mode show openvpn misses a case when parsing for tunnel IP`` 2023-03-07 ========== * :vytask:`T2838` ``(bug): Ethernet device names changing, multiple hw-id being added`` * :vytask:`T5051` ``(feature): Use Literal types to provide op-mode CLI choices and API enums`` * :vytask:`T4900` ``(default): Cache intermediary results of get_config_diff in Config instance`` 2023-03-05 ========== * :vytask:`T5040` ``(default): Generate API GraphQL schema on installation, rather than dynamically`` 2023-03-03 ========== * :vytask:`T4625` ``(enhancment): Update ocserv to current revision (1.1.6)`` 2023-03-02 ========== * :vytask:`T4967` ``(feature): Ability to set hostname for the container`` 2023-03-01 ========== * :vytask:`T5015` ``(bug): Invalid format character error at hfsc class settings help text`` 2023-02-28 ========== * :vytask:`T5029` ``(feature): Nginx change default root directory and fix regex`` * :vytask:`T5025` ``(bug): Time-zone validation failed`` * :vytask:`T4955` ``(bug): Openconnect radiusclient.conf generating with extra authserver`` * :vytask:`T4843` ``(feature): Command-line arguments in container config`` * :vytask:`T4219` ``(feature): support incoming-interface (iif) in local PBR`` * :vytask:`T3903` ``(bug): Containers: after command "reboot" the host system will reboot after 1.5 minutes`` 2023-02-27 ========== * :vytask:`T5028` ``(feature): Add package exfatprogs to VyOS`` * :vytask:`T4985` ``(bug): reset vpn ipsec-peer command with peer name does not work`` 2023-02-26 ========== * :vytask:`T4979` ``(feature): Add API request 'show_user_info' for UI`` 2023-02-25 ========== * :vytask:`T5008` ``(bug): MACsec CKN of 32 chars is not allowed in CLI, but works fine`` * :vytask:`T5007` ``(bug): Interface multicast setting is invalid`` * :vytask:`T5027` ``(bug): OpenVPN options and site-to-site cannot pass smoketest`` * :vytask:`T4978` ``(bug): KeyError: 'memory' container_config['memory'] on upgrading to 1.4-rolling-202302041536`` * :vytask:`T5034` ``(bug): Migrate multicast CLI node to valueLess`` * :vytask:`T4948` ``(feature): pppoe: add CLI option to allow definition of host-uniq flag`` 2023-02-24 ========== * :vytask:`T5030` ``(bug): HTTPS-API delete key without id error`` * :vytask:`T5006` ``(bug): Http api segfault with concurrent requests`` 2023-02-23 ========== * :vytask:`T5013` ``(feature): Extend accelppp.py op-mode to get subnet start stop info from config`` * :vytask:`T5002` ``(feature): Add uk (United Kingdom) keymap`` 2023-02-22 ========== * :vytask:`T5024` ``(bug): check-qemu-install VM is not shutdown the first time`` * :vytask:`T5011` ``(bug): Some interface drivers don't support min_mtu and max_mtu and verify_mtu check should be skipped`` 2023-02-21 ========== * :vytask:`T5021` ``(bug): IPsec SA is closed before negotiating a new one or it is negotiated on every second if big life-time is set in swanctl.conf`` * :vytask:`T5020` ``(feature): Extend openvpn.py op-mode to get a list of configured clients`` 2023-02-20 ========== * :vytask:`T5005` ``(feature): Skip user authentication for PPPoE Server with noauth option`` 2023-02-16 ========== * :vytask:`T4971` ``(feature): Radius attribute "Framed-Pool" for PPPoE`` 2023-02-15 ========== * :vytask:`T4991` ``(bug): Restore path level information to compare output`` 2023-02-14 ========== * :vytask:`T4968` ``(bug): VPN IPsec check dpd and close action for empty values`` * :vytask:`T1993` ``(feature): Extended pppoe rate-limiter`` 2023-02-13 ========== * :vytask:`T4905` ``(feature): Convert show nhrp tunnel to tabulate format`` * :vytask:`T4153` ``(bug): Monitor bandwidth-test initiate not working`` 2023-02-12 ========== * :vytask:`T4998` ``(bug): pppoe username validation too restrictive (regression)`` 2023-02-11 ========== * :vytask:`T2603` ``(feature): pppoe-server: reduce min MTU`` 2023-02-10 ========== * :vytask:`T4857` ``(feature): SNMP - Implement FRR SNMP recommendations`` * :vytask:`T4995` ``(feature): pppoe, wwan and sstp-client - rename user -> username on authentication`` 2023-02-07 ========== * :vytask:`T4980` ``(bug): chrony not listening as a server`` * :vytask:`T4868` ``(bug): L2TP ppp-options ipv6 does not work without ipv6 pool but should`` * :vytask:`T4117` ``(bug): Does not possible to configure PoD/CoA for L2TP vpn`` 2023-02-01 ========== * :vytask:`T4970` ``(default): pin OCaml pcre package to avoid JIT support`` 2023-01-31 ========== * :vytask:`T4964` ``(bug): FRR bgp address-family l2vpn-evpn route-target export/import not working`` * :vytask:`T4780` ``(feature): Firewall - Add interface group`` * :vytask:`T4157` ``(default): Add jinja2 to pip test requirements`` 2023-01-30 ========== * :vytask:`T4958` ``(feature): Add OpenConnect RADIUS Accounting support`` * :vytask:`T4954` ``(bug): DNS cannot be configured via Network-Config v1 received from ConfigDrive / Cloud-Init`` * :vytask:`T4118` ``(default): IPsec syntax overhaul`` 2023-01-29 ========== * :vytask:`T4965` ``(default): empty description in firewall group causes configuration error on migration`` 2023-01-28 ========== * :vytask:`T4961` ``(bug): Uncaught configtree error allows ntp migration 1-to-2 to fail silentlly on config.boot.default`` 2023-01-27 ========== * :vytask:`T4960` ``(bug): Bugs in `cc_vyos.py` code (Cloud-Init)`` 2023-01-26 ========== * :vytask:`T4886` ``(feature): Firewall and Policy - Add connection mark`` * :vytask:`T4957` ``(bug): config-mgmt should not attempt to archive config at boot`` * :vytask:`T4962` ``(bug): Fix typo in regex in vyos.config_mgmt compare function`` * :vytask:`T4912` ``(default): Rewrite the IGMP op mode in the new style`` 2023-01-25 ========== * :vytask:`T4941` ``(bug): Accel-ppp IPoE incompatibility with kernel 6.1`` 2023-01-24 ========== * :vytask:`T4947` ``(feature): Support mounting container volumes as ro or rw`` 2023-01-23 ========== * :vytask:`T4798` ``(default): Migrate the file-exists validator away from Python`` * :vytask:`T4683` ``(enhancment): Add kitty-terminfo package to build`` * :vytask:`T4953` ``(bug): Remove convert_kwargs_to_snake_case decorator in dynamic generation of GraphQL resolvers`` * :vytask:`T4875` ``(default): Replace Python validator 'interface-name' to avoid Python startup cost`` * :vytask:`T4664` ``(bug): Add validation to reject whitespace in tag node value names`` 2023-01-22 ========== * :vytask:`T4906` ``(bug): ipsec connections shows only one connection as up`` 2023-01-21 ========== * :vytask:`T4799` ``(bug): PowerDNS >= 4.7 does not get reloaded by vyos-hostsd`` * :vytask:`T4878` ``(bug): Any interface bonding changes cause interface flapping`` * :vytask:`T4387` ``(default): Create additional smoketests for multiwan PBR & load-balanced configurations`` 2023-01-20 ========== * :vytask:`T4551` ``(bug): IPsec rekeying collisions bug`` * :vytask:`T4942` ``(feature): Rewrite vyatta-config-mgmt to Python/XML`` 2023-01-17 ========== * :vytask:`T4938` ``(bug): Interface input ifb does not work`` * :vytask:`T4902` ``(bug): snmpd: exclude container storage from monitoring`` * :vytask:`T4140` ``(bug): Lack of SNMP IANA mibs`` 2023-01-15 ========== * :vytask:`T4832` ``(feature): dhcp: Add IPv6-only dhcp option support (RFC 8925)`` * :vytask:`T4937` ``(feature): ocserv: upgrade package to version 1.1.6`` * :vytask:`T4918` ``(bug): Odd show interface behavior`` * :vytask:`T3008` ``(feature): Migrate from ntpd to chronyd`` 2023-01-13 ========== * :vytask:`T4911` ``(default): Rewrite the LLDP op mode in the new format`` * :vytask:`T4928` ``(feature): Upgrade Linux Kernel to 6.1.y (2022 LTS edition)`` 2023-01-12 ========== * :vytask:`T4934` ``(bug): ospf: Fix inter-area route summarization`` * :vytask:`T4929` ``(feature): Update Intel QAT drivers to 4.20.0-00001`` 2023-01-10 ========== * :vytask:`T4880` ``(feature): Expose 'add/delete container image' in HTTP-API`` 2023-01-09 ========== * :vytask:`T4922` ``(feature): Add ssh-client source-interface CLI option`` * :vytask:`T4524` ``(bug): Squid webproxy not working properly`` 2023-01-08 ========== * :vytask:`T4920` ``(bug): ospf: Fix `passive-interface default` option`` 2023-01-07 ========== * :vytask:`T4884` ``(bug): Missing a community6 in snmpd config`` 2023-01-05 ========== * :vytask:`T4904` ``(feature): Allow multiple ports for high-availability virtual-server`` * :vytask:`T4789` ``(feature): Ability to get L2TP/PPTP/SSTP sessions info in a machine readable format`` * :vytask:`T3937` ``(default): Rewrite "show system memory" in Python to make it usable as a library function`` 2023-01-04 ========== * :vytask:`T4848` ``(bug): Minor bug in OpenConnect server with default route`` * :vytask:`T4656` ``(feature): Support the listen-host config field of openconnect server`` 2023-01-03 ========== * :vytask:`T4907` ``(bug): nat source translations couldn't show metrics`` 2023-01-02 ========== * :vytask:`T4893` ``(feature): l2tp add ppp-options IPv6 interface identifier`` * :vytask:`T4717` ``(feature): Connect to console server by name`` * :vytask:`T725` ``(feature): Cake and FQ-PIE`` 2022-12-31 ========== * :vytask:`T4898` ``(feature): Add mtu config option for dummy interfaces`` 2022-12-30 ========== * :vytask:`T4834` ``(bug): Limit container network name to 15 characters`` * :vytask:`T4901` ``(bug): Update Podman to v4.3.1`` * :vytask:`T4899` ``(bug): Podman systemd services not being installed correctly`` 2022-12-28 ========== * :vytask:`T4593` ``(feature): Upgrade strongswan to 5.9.8`` 2022-12-26 ========== * :vytask:`T4511` ``(bug): IPv6 DNS lookup`` * :vytask:`T4809` ``(feature): radvd: Allow use of AdvRASrcAddress`` 2022-12-25 ========== * :vytask:`T3579` ``(feature): Rewrite vyatta-conntrack in new XML and Python flavour`` 2022-12-24 ========== * :vytask:`T4890` ``(bug): show conntrack table ipv4 fail`` * :vytask:`T4879` ``(bug): IPSec migration failed with missing remote-id`` * :vytask:`T4870` ``(feature): Containers switch to using overlay driver for podman storage`` 2022-12-23 ========== * :vytask:`T4792` ``(feature): Add SSTP VPN client`` 2022-12-21 ========== * :vytask:`T4887` ``(bug): Schema generation from op-mode functions should set default 'false' on boolean arguments`` 2022-12-18 ========== * :vytask:`T4882` ``(bug): Missing ICMPv6 type names in firewall configuration`` 2022-12-15 ========== * :vytask:`T4671` ``(bug): linux-firmware package is missing symlinks defined in WHENCE file`` 2022-12-14 ========== * :vytask:`T4881` ``(bug): Return opmode.Error on openconnect.py show_sessions`` 2022-12-12 ========== * :vytask:`T4861` ``(feature): Openconnect restart on adding users - Aborts all active connections`` 2022-12-09 ========== * :vytask:`T4865` ``(bug): container impossible to generate local image from a file if it requires install some pkgs`` 2022-12-05 ========== * :vytask:`T4860` ``(bug): Openconnect server incorrect unconfigured check`` * :vytask:`T4804` ``(bug): PPPoE server incorrect unconfigured check`` * :vytask:`T4854` ``(feature): BGP-route reflector allows to apply route-maps`` 2022-12-04 ========== * :vytask:`T4825` ``(feature): interfaces veth/veth-pairs -standalone used`` * :vytask:`T4805` ``(bug): PPPoE server does not restart service if pool was changed`` 2022-12-02 ========== * :vytask:`T4830` ``(bug): nat66 - Error in port translation rules`` * :vytask:`T4859` ``(bug): Correct calling of config mode script dependencies from http-api.py`` * :vytask:`T4820` ``(enhancment): Support for inter-config-mode script dependencies`` * :vytask:`T4858` ``(bug): L3VPN- Route Distinguisher notations`` * :vytask:`T1024` ``(feature): Policy Based Routing by DSCP`` 2022-12-01 ========== * :vytask:`T4841` ``(feature): add fan control`` * :vytask:`T4847` ``(bug): Correct calling of config mode script dependencies from pki.py`` 2022-11-29 ========== * :vytask:`T4842` ``(bug): Routing config broken if mpls config exists`` * :vytask:`T4845` ``(default): Add smoketest to detect cycles in config-mode script dependency calls`` 2022-11-27 ========== * :vytask:`T4739` ``(feature): ISIS and OSPF segment routing being refactored`` 2022-11-24 ========== * :vytask:`T4794` ``(bug): show firewall name - Can't use .items() on a list`` * :vytask:`T4714` ``(feature): Delete unused ipset from the filecaps`` * :vytask:`T3541` ``(bug): Route Map large community set additive is missing`` 2022-11-23 ========== * :vytask:`T4836` ``(feature): Kernel: enable new features like switchdev, ESP in TCP and HSR`` * :vytask:`T4835` ``(bug): SNMPD configuration incorrect for IPv6`` * :vytask:`T4819` ``(feature): Allow printing Warning messages in multiple lines with \n`` * :vytask:`T4807` ``(feature): Need to fix traceroute help completion`` * :vytask:`T4660` ``(feature): Reorganize route map set community CLI`` * :vytask:`T4526` ``(bug): keepalived-fifo.py unable to load config`` * :vytask:`T4793` ``(feature): Create warning message about disable-route-autoinstall when ipsec vti is used`` * :vytask:`T4492` ``(bug): Incorrect list of neighbors in help for "show bgp vrf VRF neighbors"`` * :vytask:`T4496` ``(feature): ping vrf help does not list VRFs`` 2022-11-22 ========== * :vytask:`T4823` ``(bug): swanctl.conf is broken when ipsec site-to-site peer set.`` * :vytask:`T4706` ``(bug): NAT and NAT66 issues`` * :vytask:`T4670` ``(feature): policy route - Update matching criteria`` 2022-11-21 ========== * :vytask:`T4812` ``(feature): IPsec ability to show all configured connections`` * :vytask:`T4829` ``(default): Tunnel argument to 'reset_peer' in ipsec.py should have type hint Optional`` 2022-11-20 ========== * :vytask:`T4827` ``(bug): route-map issues , not load configuration FRR`` 2022-11-19 ========== * :vytask:`T4826` ``(bug): Wrong key type is used for SSH SK public keys`` * :vytask:`T4720` ``(feature): Ability to configure SSH HostKeyAlgorithms`` * :vytask:`T4828` ``(default): Raise appropriate op-mode errors in ipsec.py 'reset_peer'`` 2022-11-18 ========== * :vytask:`T4821` ``(bug): Correct calling of config mode script dependencies from firewall.py`` 2022-11-17 ========== * :vytask:`T4750` ``(feature): Support of higher level SSH keys (sk-ssh-ed25519)`` 2022-11-15 ========== * :vytask:`T4808` ``(feature): Add details of configtree operations to migration log`` 2022-11-12 ========== * :vytask:`T4814` ``(bug): Regression in bundled powerdns version`` 2022-11-09 ========== * :vytask:`T4800` ``(bug): undefined var includes_chroot_dir in build-vyos-image`` 2022-11-08 ========== * :vytask:`T4771` ``(feature): Rewrite protocol BGP op-mode to vyos.opmode format`` * :vytask:`T4806` ``(default): Update FRR to 8.4 in 1.4 version`` 2022-11-06 ========== * :vytask:`T4803` ``(bug): The header 'Authorization' needs to be explictly allowed in http-api CORS middleware`` 2022-11-05 ========== * :vytask:`T4802` ``(feature): Ability to define per container shared-memory size`` 2022-11-01 ========== * :vytask:`T4764` ``(bug): NAT tables vyos_nat and vyos_static_nat not deleting after deleting nat`` * :vytask:`T4177` ``(bug): Strip-private doesn't work for service monitoring`` 2022-10-31 ========== * :vytask:`T4786` ``(feature): Add package python3-pyhumps`` * :vytask:`T1875` ``(feature): Add the ability to use network address as BGP neighbor (bgp listen range)`` * :vytask:`T4785` ``(feature): snmp: Allow !, @, * and # in community name`` * :vytask:`T4787` ``(feature): ipsec: add support for road-warrior/remote-access RADIUS timeout`` 2022-10-29 ========== * :vytask:`T4783` ``(default): Add support for stunnel`` * :vytask:`T4784` ``(feature): Add description node for static route/route6 tagNodes`` 2022-10-28 ========== * :vytask:`T4291` ``(default): Consolidate component version read/write functions`` 2022-10-27 ========== * :vytask:`T4763` ``(feature): Change XML for Show nat destination statistics`` * :vytask:`T4762` ``(bug): Show nat rules with empty rules incorrect error`` * :vytask:`T4778` ``(bug): Raise error UnconfiguredSubsystem if op-mode ipsec.py fails initialization`` 2022-10-26 ========== * :vytask:`T4773` ``(default): Add camel_case to snake_case conversion utility`` 2022-10-25 ========== * :vytask:`T4574` ``(default): Add token based authentication to GraphQL API`` 2022-10-24 ========== * :vytask:`T4772` ``(default): Return list of dicts in 'raw' output of route.py instead of dict with redundant information`` 2022-10-23 ========== * :vytask:`T3723` ``(bug): op-mode IPSec show vpn ipsec sa output with underscores`` 2022-10-21 ========== * :vytask:`T4768` ``(default): Change name of api child node from 'gql' to 'graphql'`` 2022-10-18 ========== * :vytask:`T4684` ``(feature): Rewrite show ip route by protocol to vyos.opmode format`` * :vytask:`T4533` ``(bug): Radius clients don’t have simple permissions`` * :vytask:`T4753` ``(enhancment): Extend automatic generation of schema to query SystemStatus`` 2022-10-17 ========== * :vytask:`T4725` ``(bug): Unable to reset vpn IPsec peer`` 2022-10-14 ========== * :vytask:`T4672` ``(bug): RADIUS server disable does not work`` * :vytask:`T4749` ``(enhancment): Use config_dict for conf_mode http-api.py`` 2022-10-13 ========== * :vytask:`T4746` ``(bug): Monitoring nft. table vyos_filter by default does not exist but telegraf checks this table`` * :vytask:`T4744` ``(bug): BGP directly connected neighbors don't compatible with ebgp-multihop`` * :vytask:`T4716` ``(feature): SSH ability to configure RekeyLimit`` * :vytask:`T4343` ``(default): Expose powerdns network-timeout for service dns forwarding`` * :vytask:`T4312` ``(bug): Telegraf configuration doesn't accept IPs for URL`` * :vytask:`T4274` ``(default): Extend OpenConnect RADIUS Timeout to Permit 2FA Entry`` 2022-10-12 ========== * :vytask:`T4747` ``(bug): Monitoring influxdb template input exec plugin does not work`` * :vytask:`T4740` ``(bug): Show conntrack table ipv6 fail`` * :vytask:`T4730` ``(bug): Conntrack-sync error - listen-address is not the correct type in config as it should be`` 2022-10-11 ========== * :vytask:`T4742` ``(bug): Autocomplete in policy route rule x set table / does not show the tables created in the static protocols`` * :vytask:`T4741` ``(bug): set firewall zone Local local-zone failed`` * :vytask:`T4680` ``(bug): Telegraf prometheus-client listen-address invalid format`` 2022-10-10 ========== * :vytask:`T538` ``(feature): Support for network mapping in NAT`` 2022-10-09 ========== * :vytask:`T4738` ``(enhancment): Extend automatic generation of schema definition files to native configsession functions; use single resolver/directive`` 2022-10-08 ========== * :vytask:`T4707` ``(feature): Enable OSPF segment routing`` 2022-10-07 ========== * :vytask:`T4736` ``(bug): Error on JSON output of API query ShowConfig`` 2022-10-04 ========== * :vytask:`T4708` ``(bug): 'show nat destination rules' throwing an error`` * :vytask:`T4700` ``(feature): Firewall - Add interface match criteria`` * :vytask:`T4699` ``(feature): Firewall - Add jump action - Add return action`` * :vytask:`T4651` ``(feature): Firewall - Add options to match packet size`` * :vytask:`T4702` ``(bug): Wireguard peers configuration is not synchronized with CLI`` * :vytask:`T4685` ``(bug): Interface does not exist on boot when used as inbound-interface for local policy route`` * :vytask:`T4652` ``(feature): Upgrade PowerDNS recursor to 4.7 series`` * :vytask:`T4582` ``(default): Router-advert: Preferred lifetime cannot equal valid lifetime in PIOs`` 2022-09-29 ========== * :vytask:`T4715` ``(feature): Auto logout user after a period of inactivity`` * :vytask:`T4697` ``(bug): policy route: Generating ConfigError failes when tcp flag is missing on set tcp-mss rule commit`` 2022-09-27 ========== * :vytask:`T4711` ``(feature): Ability to terminate user TTY and PTS sessions`` * :vytask:`T4557` ``(feature): fastnetmon: allow configure limits per protocol (tcp, udp, icmp)`` 2022-09-21 ========== * :vytask:`T4678` ``(feature): Rewrite service ipoe-server to get_config_dict`` * :vytask:`T4703` ``(feature): accel-ppp: combine vlan-id and vlan-range into single CLI node`` 2022-09-20 ========== * :vytask:`T4693` ``(bug): ISIS segment routing was broken...`` 2022-09-17 ========== * :vytask:`T4666` ``(bug): EAP-TLS no longer allows TLSv1.0 after T4537, T4584`` * :vytask:`T4665` ``(bug): Keepalived cannot use same VRID for VRRPv2 and VRRPv3`` 2022-09-16 ========== * :vytask:`T4698` ``(enhancment): Drop validator name="range" and replace it with numeric`` * :vytask:`T4695` ``(feature): Add 'es' and 'jp106' keymap option keyboard-layout`` * :vytask:`T4669` ``(enhancment): Extend numeric.ml for inversion of values and range values`` 2022-09-15 ========== * :vytask:`T4679` ``(bug): OpenVPN site-to-site incorrect check for IPv6 local and remote address`` * :vytask:`T4691` ``(feature): Upgrade Linux Kernel to latest 5.15.y train`` * :vytask:`T4630` ``(bug): Prevent attempts to use the same interface as a source interface for pseudo-ethernet and MACsec at the same time`` * :vytask:`T4696` ``(default): Extend bgp parameters for bgp bestpath peer-type multipath-relax`` 2022-09-12 ========== * :vytask:`T4617` ``(feature): VRF specification is needed for telegraf prometheus-client listen-address
`` * :vytask:`T4690` ``(bug): Update GraphQL resolver for 'SystemStatus' following changes to 'show_uptime' op-mode script`` * :vytask:`T4647` ``(feature): Add Google Virtual NIC (gVNIC) support`` * :vytask:`T4170` ``(feature): Rename "policy ipv6-route" -> "policy route6"`` 2022-09-09 ========== * :vytask:`T4682` ``(feature): Rewrite 'show system storage' in standardized format`` * :vytask:`T4681` ``(feature): Complete standardization of show_uptime.py`` 2022-09-06 ========== * :vytask:`T4640` ``(enhancment): Integrate op-mode exception hierarchy into API`` * :vytask:`T4597` ``(bug): Check bind port before assign service HTTPS API and openconnect`` * :vytask:`T4674` ``(bug): API should show op-mode error message, if present`` * :vytask:`T4673` ``(bug): op-mode bridge.py should raise error on show_fdb for nonexistent bridge interface`` 2022-09-05 ========== * :vytask:`T4668` ``(bug): Adding/removing members from bond doesn't work/results in incorrect interface state`` * :vytask:`T4663` ``(bug): Interface pseudo-ethernet does not change mode`` * :vytask:`T4655` ``(bug): Firewall in 1.4 sets the default action 'accept' instead of 'drop'`` * :vytask:`T4628` ``(bug): ConfigTree() throws ValueError() if tagNode contains whitespaces`` 2022-09-01 ========== * :vytask:`T4606` ``(bug): monitor nat destination translation shows missing script`` * :vytask:`T4435` ``(bug): Policy route and firewall - error when using undefined group`` * :vytask:`T4147` ``(bug): New Firewall Implementation - proposed changes on group implementation`` 2022-08-31 ========== * :vytask:`T4650` ``(feature): Rewire show nat translation to vyos.opmode format`` * :vytask:`T4644` ``(bug): Check bind port before assign vpn sstp`` * :vytask:`T4643` ``(bug): Smoketest exclude either sstp or openconnect from pki-misc default listen port`` * :vytask:`T4569` ``(feature): Rewrite show bridge to new format`` * :vytask:`T4547` ``(bug): Show vpn ipsec sa show unexpected prefix 'B' in packets`` * :vytask:`T4367` ``(bug): NAT - Config tmp file not available`` 2022-08-29 ========== * :vytask:`T4645` ``(bug): show nat source statistics lack argument --family`` * :vytask:`T4634` ``(bug): Bgp neighbor disable-connected-check does not work`` * :vytask:`T4631` ``(feature): Add port and protocol to nat66`` * :vytask:`T4623` ``(feature): Add show conntrack statistics`` * :vytask:`T4595` ``(bug): DPD interval and timeout do not work in DMVPN`` * :vytask:`T4594` ``(feature): Rewrite op-mode IPsec to vyos.opmode format`` * :vytask:`T4508` ``(bug): Problem with values of the same environment in different event handlers`` * :vytask:`T4653` ``(bug): Interface offload options are not applied correctly`` * :vytask:`T4546` ``(bug): Does not connect Cisco spoke to VyOS hub.`` * :vytask:`T4061` ``(default): Add util function to check for completion of boot config`` * :vytask:`T4654` ``(bug): RPKI cache incorrect description`` * :vytask:`T4572` ``(bug): Add an option to force interface MTU to the value received from DHCP`` 2022-08-26 ========== * :vytask:`T4642` ``(bug): proxy: hyphen not allowed in proxy URL`` 2022-08-25 ========== * :vytask:`T4626` ``(bug): Error showing nat66 source and destination`` * :vytask:`T4622` ``(feature): Firewall allow drop packets by TCP MSS size`` 2022-08-24 ========== * :vytask:`T4641` ``(bug): prefix-list allows ipv6 prefix as input`` * :vytask:`T4633` ``(feature): Change keepalived to v2.2.7`` 2022-08-23 ========== * :vytask:`T4618` ``(bug): Traffic policy not set on virtual interfaces`` * :vytask:`T4538` ``(bug): Macsec does not work correctly when the interface status changes.`` 2022-08-22 ========== * :vytask:`T4089` ``(bug): Show nat destination rules shows ip address instead of interface 'any'`` * :vytask:`T4632` ``(bug): VLAN-aware bridge not working`` * :vytask:`T4637` ``(feature): Upgrade to podman 4.2.0`` 2022-08-20 ========== * :vytask:`T4596` ``(bug): "show openconnect-server sessions" command does not work in the openconnect module`` 2022-08-19 ========== * :vytask:`T4620` ``(bug): UPnP does not work due to incorrect template`` * :vytask:`T4619` ``(bug): Static arp is not set if another entry is present`` * :vytask:`T4611` ``(bug): UPnP rule IP should be a prefix instead of an address`` * :vytask:`T4614` ``(feature): OpenConnect split-dns directive`` 2022-08-18 ========== * :vytask:`T4613` ``(bug): UPnP configuration without listen option fail`` * :vytask:`T4570` ``(bug): Exception when trying to set up VXLAN over Wireguard`` 2022-08-17 ========== * :vytask:`T4598` ``(feature): nat66 - Add exclude options`` * :vytask:`T4480` ``(default): add an ability to configure squid acl safe ports and acl ssl safe ports`` 2022-08-16 ========== * :vytask:`T4592` ``(bug): macsec: can not create two interfaces using the same source-interface`` * :vytask:`T4584` ``(bug): hostap: create custom package build`` * :vytask:`T4413` ``(default): Add an API endpoint with basic system stats`` * :vytask:`T4537` ``(bug): MACsec not working with cipher gcm-aes-256`` 2022-08-15 ========== * :vytask:`T4609` ``(bug): Unable to Restart Container VyOS 1.4`` * :vytask:`T4565` ``(bug): vlan aware bridge not working with - Kernel: T3318: update Linux Kernel to v5.4.205 #249`` * :vytask:`T3988` ``(default): Feature Request: IPsec Multiple local/remote prefix for the tunnel`` * :vytask:`T2763` ``(feature): New SNMP resource request - SNMP over TCP`` 2022-08-14 ========== * :vytask:`T4579` ``(bug): bridge: can not delete member interface CLI option when VLAN is enabled`` * :vytask:`T4421` ``(default): Add support for floating point numbers in the numeric validator`` * :vytask:`T3507` ``(bug): Bond with mode LACP show u/u in show interfaces even if peer is not configured`` 2022-08-12 ========== * :vytask:`T4603` ``(feature): Need a config option to specify NAS-IP-Address for vpn l2tp`` 2022-08-10 ========== * :vytask:`T4408` ``(feature): Add sshguard to protect against brut-forces`` 2022-08-08 ========== * :vytask:`T4586` ``(feature): Add to NAT66: SNAT destination address and DNAT source address.`` 2022-08-04 ========== * :vytask:`T4257` ``(feature): Discussion on changing BGP autonomous system number syntax`` 2022-08-02 ========== * :vytask:`T4585` ``(feature): Rewrite op-mode containers to vyos.opmode`` * :vytask:`T4515` ``(default): Reduce telegraf binary size`` 2022-08-01 ========== * :vytask:`T4581` ``(bug): 'show system cpu' not working`` * :vytask:`T4578` ``(feature): Rewrite show dns forwarding statistics to new format`` 2022-07-31 ========== * :vytask:`T4580` ``(bug): Handle the case of op-mode file names with hyphens in GraphQL schema/resolver generation`` 2022-07-30 ========== * :vytask:`T4575` ``(feature): vyos.utill add new wrapper "rc_cmd" to get the return code and output`` * :vytask:`T4562` ``(feature): Rewrite show vrf to new format`` * :vytask:`T4545` ``(feature): Rewrite show nat source rules`` * :vytask:`T4543` ``(bug): Show source nat statistics shows incorrect interface`` * :vytask:`T4503` ``(default): Prevent op mode scripts from restarting services if there's a commit in progress`` * :vytask:`T4411` ``(feature): Add migration for service monitoring telegraf influxdb`` 2022-07-29 ========== * :vytask:`T4554` ``(enhancment): Implement GraphQL resolvers for standardized op-mode scripts`` * :vytask:`T4518` ``(feature): Add XML for CLI conf mode load-balancing wan`` * :vytask:`T4544` ``(enhancment): Generate schema definitions from standardized op-mode scripts`` 2022-07-28 ========== * :vytask:`T4531` ``(bug): NAT op-mode errors with exclude rules`` * :vytask:`T3435` ``(bug): NAT rules show corruption`` 2022-07-27 ========== * :vytask:`T4571` ``(bug): Sflow with vrf configured does not use vrf to validate agent-address IP from vrf-configured interfaces`` * :vytask:`T4552` ``(bug): Unable to reset IPsec IPv6 peer`` 2022-07-26 ========== * :vytask:`T4568` ``(bug): show vpn debug peer doesn't work`` * :vytask:`T4556` ``(feature): fastnetmon: Allow configure white_list_path and populate with hosts/networks that should be ignored.`` * :vytask:`T4495` ``(feature): Combine BGP reset op commands`` 2022-07-25 ========== * :vytask:`T4567` ``(default): Merge experimental branch of GraphQL development`` * :vytask:`T4560` ``(bug): VRF and BGP neighbor local-as error`` * :vytask:`T4493` ``(bug): Incorrect help for "show bgp neighbors"`` * :vytask:`T1233` ``(bug): ipsec vpn sa showing down`` 2022-07-22 ========== * :vytask:`T4145` ``(bug): Conntrack table not showing after firewall rewriting`` 2022-07-21 ========== * :vytask:`T4555` ``(feature): fastnetmon: add IPv6 support`` * :vytask:`T4553` ``(default): Allow to set ban time on ddos-protection configuration`` 2022-07-20 ========== * :vytask:`T4056` ``(bug): Traffic policy not set in live configuration`` 2022-07-18 ========== * :vytask:`T4523` ``(feature): OP-mode Extend conntrack output to get marks, zones and directions`` * :vytask:`T4228` ``(bug): bond: OS error thrown when two bonds use the same member`` * :vytask:`T4539` ``(feature): qat: update Intel QuickAssist release version 1.7.L.4.16.0-00017`` * :vytask:`T4534` ``(bug): bond: bridge: error out if member interface is assigned to a VRF instance`` * :vytask:`T4525` ``(bug): Delete interface from VRF and add it to bonding error`` * :vytask:`T4522` ``(feature): bond: add ability to specify mii monitor interval via CLI`` * :vytask:`T4535` ``(feature): FRR: upgrade to stable/8.3 version`` * :vytask:`T4521` ``(bug): bond: ARP monitor interval is not configured despite set via CLI`` * :vytask:`T4540` ``(feature): firmware: update to Linux release 20220708`` 2022-07-17 ========== * :vytask:`T4028` ``(bug): FRR 8.1 routes not being applied to routing table after reboot if an interface has 2 ip addresses`` 2022-07-15 ========== * :vytask:`T4494` ``(bug): Cannot reset BGP peer within VRF`` * :vytask:`T4536` ``(feature): FRR: move to systemd for daemon control`` 2022-07-14 ========== * :vytask:`T4491` ``(bug): Use empty string for internal name of root node of config_tree`` 2022-07-13 ========== * :vytask:`T1375` ``(feature): Add clear dhcp server lease function`` 2022-07-12 ========== * :vytask:`T4527` ``(bug): Prevent to create VRF name default`` * :vytask:`T4084` ``(default): Dehardcode the default login banner`` * :vytask:`T3948` ``(feature): IPSec VPN: Add a new option "none" for the connection-type`` * :vytask:`T235` ``(feature): Ability to configure manual IP Rules`` 2022-07-10 ========== * :vytask:`T3836` ``(bug): Setting a default IPv6 route while getting IPv4 gateway via DHCP removes the IPv4 gateway`` 2022-07-09 ========== * :vytask:`T4507` ``(feature): IPoE-server add multiplier option for shaper`` * :vytask:`T4499` ``(bug): NAT source translation not showing a single output`` * :vytask:`T4468` ``(bug): web-proxy source group cannot start with a number bug`` * :vytask:`T4373` ``(feature): PPPoE-server add multiplier option for shaper`` * :vytask:`T3353` ``(bug): PPPoE server wrong vlan-range generating config`` * :vytask:`T3648` ``(bug): op-mode: nat rules broken`` * :vytask:`T4517` ``(feature): ip: Add options to enable directed broadcast forwarding`` 2022-07-07 ========== * :vytask:`T4456` ``(bug): NTP client in VRF tries to bind to interfaces outside VRF, logs many messages`` * :vytask:`T4509` ``(feature): Feature Request: DNS64`` 2022-07-06 ========== * :vytask:`T4513` ``(bug): Webproxy monitor commands do not work`` * :vytask:`T4299` ``(feature): Firewall - GeoIP filtering`` 2022-07-05 ========== * :vytask:`T4378` ``(bug): Unable to submit wildcard ("*.example.com") A or AAAA records in dns forwarder`` * :vytask:`T2683` ``(default): no dual stack in system static-host-mapping host-name`` * :vytask:`T478` ``(feature): Firewall address group (multi and nesting)`` 2022-07-04 ========== * :vytask:`T4501` ``(bug): Syslog-identifier does not work in event handler`` * :vytask:`T3600` ``(bug): DHCP Interface static route breaks PBR`` * :vytask:`T4498` ``(feature): bridge: Add option to enable/disable IGMP/MLD snooping`` 2022-07-01 ========== * :vytask:`T2455` ``(bug): No support for the IPv6 VTI`` * :vytask:`T4490` ``(feature): BGP- warning message that AFI/SAFI is needed to establish the neighborship`` * :vytask:`T4489` ``(bug): MPLS sysctl not persistent for tunnel interfaces`` 2022-06-29 ========== * :vytask:`T4477` ``(feature): router-advert: support RDNSS lifetime option`` 2022-06-28 ========== * :vytask:`T4486` ``(bug): Container can't be deleted`` * :vytask:`T4473` ``(bug): Use container network without network declaration error`` * :vytask:`T4458` ``(feature): Firewall - add support for matching ip ttl in firewall rules`` * :vytask:`T3907` ``(feature): Firewall - Set log levels`` 2022-06-27 ========== * :vytask:`T4484` ``(default): Firewall op-mode summary doesn't correctly handle address group containing ranges`` 2022-06-25 ========== * :vytask:`T4482` ``(bug): dhcp: toggle of "dhcp-options no-default-route" has no effect`` * :vytask:`T4483` ``(feature): Upgrade fastnetmon to v1.2.2 community edition`` 2022-06-22 ========== * :vytask:`T1748` ``(feature): vbash: beautify tab completion output/line breaks`` 2022-06-20 ========== * :vytask:`T1856` ``(feature): Support configuring IPSec SA bytes`` 2022-06-18 ========== * :vytask:`T4467` ``(bug): Validator Does Not Accept Signed Numbers`` 2022-06-17 ========== * :vytask:`T4209` ``(bug): Firewall incorrect handler for recent count and time`` 2022-06-16 ========== * :vytask:`T4352` ``(bug): wan-load balance - priority traffic rule doesn't work`` 2022-06-15 ========== * :vytask:`T4450` ``(feature): Route-map - Extend options for ip|ipv6 address match`` * :vytask:`T4449` ``(feature): Route-map - Extend options for ip next-hop match`` * :vytask:`T990` ``(feature): Make DNAT/SNAT a valid state in firewall rules.`` 2022-06-12 ========== * :vytask:`T4420` ``(feature): Feature Request: ocserv: show configured 2FA OTP key`` * :vytask:`T4380` ``(default): Feature Request: ocserv: 2FA OTP key generator in VyOS CLI`` 2022-06-10 ========== * :vytask:`T4365` ``(bug): NAT - Error on setting up tables`` * :vytask:`T4465` ``(feature): node.def generation misses whitespace on multiple use of `` 2022-06-09 ========== * :vytask:`T4444` ``(default): sstp: Feature request. Port number changing support`` * :vytask:`T2580` ``(feature): Support for ip pools for ippoe`` 2022-06-08 ========== * :vytask:`T4447` ``(bug): DHCPv6 prefix delegation `sla-id` limited to 128`` 2022-05-31 ========== * :vytask:`T4212` ``(default): PermissionError when generating/installing server Certificate (generate pki certificate sign ...)`` * :vytask:`T4199` ``(bug): Commit failed when setting icmpv6 type any`` * :vytask:`T4148` ``(bug): Firewall - Error messages not that clear as it were in old firewall`` * :vytask:`T3659` ``(bug): Configuration won't accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors`` 2022-05-30 ========== * :vytask:`T4315` ``(feature): Telegraf - Output to prometheus`` 2022-05-29 ========== * :vytask:`T2473` ``(feature): Xml for EIGRP [conf_mode]`` 2022-05-28 ========== * :vytask:`T4448` ``(feature): rip: add support for explicit version selection`` 2022-05-26 ========== * :vytask:`T4442` ``(feature): HTTP API add action "reset"`` 2022-05-25 ========== * :vytask:`T4410` ``(feature): Telegraf - Output to Splunk`` * :vytask:`T4382` ``(bug): Replacing legacy loadFile exposes missing steps in migration scripts and other errors`` 2022-05-21 ========== * :vytask:`T4437` ``(bug): flow-accounting: support IPv6 flow collectors`` 2022-05-20 ========== * :vytask:`T4418` ``(feature): Telegraf - output Plugin azure-data-explorer`` 2022-05-19 ========== * :vytask:`T4434` ``(bug): DMVPN: cisco-authentication password length is 8 characters`` * :vytask:`T3938` ``(default): Rewrite the uptime script in Python to allow using it as a library`` * :vytask:`T4334` ``(default): Make the config lexer reentrant`` 2022-05-17 ========== * :vytask:`T4424` ``(bug): policy local-route6 shows ipv4 format`` 2022-05-16 ========== * :vytask:`T4377` ``(default): generate tech-support archive includes previous archives`` 2022-05-12 ========== * :vytask:`T4417` ``(bug): VRRP doesn't start with conntrack-sync`` * :vytask:`T4100` ``(feature): Firewall increase maximum number of rules`` 2022-05-11 ========== * :vytask:`T4405` ``(bug): DHCP client sometimes ignores `no-default-route` option of an interface`` 2022-05-10 ========== * :vytask:`T4156` ``(default): Adding DHCP Option 13 (bootfile-size)`` * :vytask:`T1972` ``(feature): Allow setting interface name for virtual_ipaddress in VRRP VRID`` 2022-05-07 ========== * :vytask:`T4361` ``(bug): `vyos.config.exists()` does not work for nodes with multiple values`` * :vytask:`T4354` ``(bug): Slave interfaces fall out from bonding during configuration change`` * :vytask:`T4419` ``(feature): vrf: support to disable IP forwarding within a given VRF`` 2022-05-06 ========== * :vytask:`T4385` ``(bug): bgp: peer-group member cannot override remote-as of peer-group`` 2022-05-05 ========== * :vytask:`T4414` ``(feature): Add route-map "as-path prepend last-as x" option`` 2022-05-03 ========== * :vytask:`T4395` ``(feature): Extend show vpn debug`` 2022-05-01 ========== * :vytask:`T4369` ``(bug): OpenVPN: daemon not restarted on changes to "openvpn-option" CLI node`` * :vytask:`T4363` ``(bug): salt-minion: default mine_interval option is not set`` * :vytask:`T4353` ``(feature): Add Jinja2 linter to vyos-1x build process`` 2022-04-29 ========== * :vytask:`T4388` ``(bug): dhcp-server: missing constraint on tftp-server-name option`` * :vytask:`T4366` ``(bug): geneve: interface is removed on changes to e.g. description`` 2022-04-28 ========== * :vytask:`T4400` ``(bug): Container OP mode has delete where show and update should be`` 2022-04-27 ========== * :vytask:`T4398` ``(bug): IPSec site-to-site generates unexpected passthrough option`` * :vytask:`T4397` ``(feature): arp: migrate static ARP entry configuration to get_config_dict() and make it VRF aware`` * :vytask:`T4357` ``(feature): Allow free-form setting of DHCPv6 server options`` 2022-04-26 ========== * :vytask:`T4210` ``(bug): NAT source/destination negated ports throws an error`` * :vytask:`T4235` ``(default): Add config tree diff algorithm`` 2022-04-25 ========== * :vytask:`T4390` ``(feature): op-mode: extend "show log" and "monitor log" with additional daemons/subsystems to read journalctl logs`` * :vytask:`T4391` ``(bug): PPPoE: IPv6 not working after system boot`` 2022-04-24 ========== * :vytask:`T4342` ``(bug): "show ip ospf neighbor address x.x.x.x" gives "unknown command" error`` 2022-04-23 ========== * :vytask:`T4386` ``(default): Applying limiter on traffic-policy "in" fails, incorrectly reports mirror or redirect policy in use`` 2022-04-22 ========== * :vytask:`T4389` ``(feature): dhcp: add vendor option support for Ubiquity Unifi controller`` 2022-04-21 ========== * :vytask:`T4384` ``(feature): pppoe: replace default-route CLI option with common CLI nodes already present for DHCP`` 2022-04-20 ========== * :vytask:`T4345` ``(bug): New firewall code does not accept "rate/time interval" syntax used in old config`` * :vytask:`T4231` ``(feature): Feature Request: ocserv: 2FA (password+OTP) support in Openconnect`` 2022-04-19 ========== * :vytask:`T4379` ``(bug): PPPoE: default-route lost after applying additional static routes`` * :vytask:`T4344` ``(bug): DHCP statistics not matching, conf-mode generates incorrect pool name with dash`` * :vytask:`T4268` ``(bug): Elevated LA while using VyOS monitoring feature`` 2022-04-18 ========== * :vytask:`T4351` ``(bug): Openvpn conf-mode "openvpn-option" is not respected`` * :vytask:`T4278` ``(default): vyos-vm-images: fix vagrant libvirt box`` * :vytask:`T4368` ``(bug): bgp: AS specified for local as is the same as the remote as and this is not allowed.`` * :vytask:`T4370` ``(feature): vxlan: geneve: support configuration of df bit option`` 2022-04-15 ========== * :vytask:`T4327` ``(default): Ethernet interface configuration fails on Hyper-V due to speed/duplex/autoneg ethtool command error`` * :vytask:`T4364` ``(feature): salt-minion: Upgrade to 3004 and migrate to get_config_dict()`` 2022-04-13 ========== * :vytask:`T4333` ``(feature): Jinja2: add plugin to test if a variable is defined and not none to reduce template complexity`` 2022-04-08 ========== * :vytask:`T4331` ``(bug): IPv6 link local addresses are not configured when an interface is in a VRF`` * :vytask:`T4347` ``(default): Return complete and consistent error codes from HTTP API`` * :vytask:`T4339` ``(bug): wwan: tab-completion results in "No such file or directory" if there is no WWAN interface`` * :vytask:`T4338` ``(bug): wwan: changing interface description should not trigger reconnect`` * :vytask:`T4324` ``(bug): wwan: check alive script should only be run via cron if a wwan interface is configured at all`` 2022-04-07 ========== * :vytask:`T4330` ``(bug): MTU settings cannot be applied when IPv6 is disabled`` * :vytask:`T4346` ``(feature): Deprecate "system ipv6 disable" option to disable address family within OS kernel`` * :vytask:`T4319` ``(bug): The command "set system ipv6 disable" doesn't work as expected.`` * :vytask:`T4341` ``(feature): login: disable user-account prior to deletion and wait until deletion is complete`` * :vytask:`T4336` ``(feature): isis: add support for MD5 authentication password on a circuit`` 2022-04-06 ========== * :vytask:`T4308` ``(feature): Op-comm "Show log frr" to view specific protocol logs`` 2022-04-04 ========== * :vytask:`T4329` ``(bug): Bgp policy route-map bug with set several extcommunity rt`` 2022-04-02 ========== * :vytask:`T4335` ``(bug): open-vmdk fails to build under gcc-10.+`` 2022-04-01 ========== * :vytask:`T4332` ``(bug): bgp: deterministic-med cannot be disabled while addpath-tx-bestpath-per-AS is in use`` 2022-03-31 ========== * :vytask:`T4326` ``(feature): Add bgp option no-suppress-duplicates`` * :vytask:`T4323` ``(default): ospf6d crashes on latest vyos nightly`` 2022-03-29 ========== * :vytask:`T3686` ``(bug): Bridging OpenVPN tap with no local-address breaks`` * :vytask:`T3635` ``(default): Add ability to use mDNS repeater with VRRP`` 2022-03-26 ========== * :vytask:`T4321` ``(default): Allow BGP neighbors between different VIFs on the same VyOS`` 2022-03-24 ========== * :vytask:`T4301` ``(bug): The "arp-monitor" option in bonding interface settings does not work`` * :vytask:`T4294` ``(bug): Adding a new openvpn-option does not restart the OpenVPN process`` * :vytask:`T4290` ``(bug): BGP source-interface fails to commit`` * :vytask:`T4230` ``(bug): OpenVPN server configuration deleted after reboot when using a VRRP virtual-address`` 2022-03-23 ========== * :vytask:`T4314` ``(bug): Latest 1.4 Rolling release config migration error`` 2022-03-21 ========== * :vytask:`T4304` ``(feature): [OSPF]import/export filter inter-area prefix`` 2022-03-20 ========== * :vytask:`T4298` ``(default): vyos-vm-images: fix ansible group name and remove obsolete empty command`` 2022-03-18 ========== * :vytask:`T4286` ``(bug): Fix for firewall ipv6 name address validator`` 2022-03-15 ========== * :vytask:`T4302` ``(feature): FRRouting upgrade to release 8.2.2`` * :vytask:`T4293` ``(default): Add "set ip-next-hop unchanged" in route-map`` 2022-03-14 ========== * :vytask:`T4275` ``(default): Incorrect val_help for local/remote prefix in ipsec vpn`` 2022-03-12 ========== * :vytask:`T4296` ``(bug): Interface config injected by Cloud-Init may interfere with VyOS native`` * :vytask:`T4265` ``(feature): Add op-mode for bgp flowspec state and routes`` 2022-03-11 ========== * :vytask:`T4297` ``(bug): Interface configuration saving fails for ice/iavf based interfaces because they can't change speed/duplex settings`` 2022-03-09 ========== * :vytask:`T3981` ``(feature): VRF support for flow-accounting`` 2022-03-05 ========== * :vytask:`T4259` ``(bug): The conntrackd daemon can be started wrongly`` 2022-03-03 ========== * :vytask:`T4283` ``(feature): Add support to "reject" routes - emit an ICMP unreachable when matched`` 2022-03-01 ========== * :vytask:`T4277` ``(feature): flow-accounting: support sending flow-data via VRF interface`` 2022-02-28 ========== * :vytask:`T4273` ``(bug): ssh: Upgrade from 1.2.X to 1.3.0 breaks config`` * :vytask:`T4115` ``(bug): reboot in not working as expected`` * :vytask:`T3656` ``(bug): IPSec 1.4 : "show vpn ike sa" does not show the correct default ike version`` 2022-02-26 ========== * :vytask:`T4272` ``(feature): lldp: migrate Python script to use get_config_dict()`` 2022-02-25 ========== * :vytask:`T4269` ``(feature): node.def generator should automatically add default values`` 2022-02-24 ========== * :vytask:`T4267` ``(bug): Error - Missing required "ip key" parameter`` 2022-02-23 ========== * :vytask:`T4194` ``(bug): prefix-list no check for duplicate entries`` * :vytask:`T4264` ``(bug): vxlan: interface is destroyed and rebuild on description change`` * :vytask:`T4263` ``(bug): vyos.util.leaf_node_changed() dos not honor valueLess nodes`` 2022-02-21 ========== * :vytask:`T4120` ``(feature): [VXLAN] add ability to set multiple unicast-remotes`` 2022-02-20 ========== * :vytask:`T4254` ``(feature): VPN IPSec charon add options cisco_flexvpn and install_virtual_ip_on`` * :vytask:`T4249` ``(feature): Add support for device mapping in containers`` * :vytask:`T3617` ``(bug): IPSec 1.4 generate invalid configuration`` * :vytask:`T4261` ``(feature): MACsec: add DHCP client support`` * :vytask:`T4203` ``(bug): Reconfigure DHCP client interface causes brief outages`` 2022-02-19 ========== * :vytask:`T4258` ``(bug): [DHCP-SERVER] error parameter on Failover`` 2022-02-17 ========== * :vytask:`T4255` ``(bug): Unexpected print of dict bridge on delete`` * :vytask:`T4240` ``(bug): Cannot add wlan0 to bridge via configure`` * :vytask:`T4154` ``(bug): Error add second gre tunnel with the same source interface`` 2022-02-16 ========== * :vytask:`T4237` ``(bug): Conntrack-sync error - error adding listen-address command`` 2022-02-15 ========== * :vytask:`T4160` ``(bug): Firewall - Error in rules that matches everything except something`` * :vytask:`T3006` ``(bug): Accel-PPP & vlan-mon config get invalid VLAN`` * :vytask:`T3494` ``(bug): DHCPv6 leases traceback when PD using`` * :vytask:`T1292` ``(bug): Issues while deleting all rules from a firewall`` 2022-02-13 ========== * :vytask:`T4242` ``(bug): ethernet speed/duplex can never be switched back to auto/auto`` * :vytask:`T4191` ``(bug): Lost access to host after VRF re-creating`` 2022-02-11 ========== * :vytask:`T3872` ``(feature): Add configurable telegraf monitoring service`` 2022-02-08 ========== * :vytask:`T4227` ``(bug): Typo in help completion of hello-time option of bridge interface`` 2022-02-07 ========== * :vytask:`T4233` ``(bug): ssh: sync regex for allow/deny usernames to "system login"`` 2022-02-06 ========== * :vytask:`T4223` ``(bug): policy route cannot have several entries with the same table`` * :vytask:`T4216` ``(bug): Firewall: can't use negated groups in firewall rules`` * :vytask:`T4178` ``(bug): policy based routing tcp flags issue`` * :vytask:`T4164` ``(bug): PBR: network groups (as well as address and port groups) don't resolve in `nftables_policy.conf``` * :vytask:`T3970` ``(feature): Add support for op-mode PKI direct install into an active config session`` * :vytask:`T3828` ``(bug): ipsec: Subtle change in "pfs enable" behavior from equuleus -> sagitta`` 2022-02-05 ========== * :vytask:`T4226` ``(bug): VRRP transition-script does not work for groups name which contains -(minus) sign`` 2022-02-04 ========== * :vytask:`T4196` ``(bug): DHCP server client-prefix-length parameter results in non-functional leases`` 2022-02-03 ========== * :vytask:`T4218` ``(bug): firewall: rule name is not allowed to start with a number`` * :vytask:`T3643` ``(bug): show vpn ipsec sa doesn't show tunnels in "down" state`` 2022-02-01 ========== * :vytask:`T4224` ``(bug): Ethernet interfaces configured for DHCP not working on latest rolling snapshot (vyos-1.4-rolling-202201291849-amd64.iso)`` * :vytask:`T4225` ``(bug): Performance degration with latest rolling release`` * :vytask:`T4220` ``(bug): Commit broke dhclient 78b247b724f74bdabab0706aaa7f5b00e5809bc1`` * :vytask:`T4138` ``(bug): NAT configuration allows to set incorrect port range and invalid port`` 2022-01-28 ========== * :vytask:`T4184` ``(bug): NTP allow-clients address doesn't work it allows to use ntp server for all addresses`` * :vytask:`T4217` ``(bug): firewall: port-group requires protocol to be set - but not in VyOS 1.3`` 2022-01-27 ========== * :vytask:`T4213` ``(default): ipv6 policy routing not working anymore`` * :vytask:`T4188` ``(bug): Firewall does not correctly handle conntracking`` * :vytask:`T3762` ``(feature): Support network and address groups for policy ipv6-route`` * :vytask:`T3560` ``(feature): Ability to create groups of MAC addresses`` * :vytask:`T3495` ``(feature): Modernising port/protocol definitions`` 2022-01-25 ========== * :vytask:`T4205` ``(feature): Disable Debian Version in SSH (DebianBanner->no)`` * :vytask:`T4131` ``(bug): Show firewall group incorrect format members`` 2022-01-24 ========== * :vytask:`T4204` ``(feature): Update Accel-PPP to a newer revision`` * :vytask:`T1795` ``(default): Commit rollback by timeout`` 2022-01-23 ========== * :vytask:`T4186` ``(bug): Firewall icmp type - Offered options not supported`` * :vytask:`T4181` ``(bug): Firewall ipv6-network-group - incorrect description on helper`` 2022-01-21 ========== * :vytask:`T4200` ``(bug): Assigning ipv6-name to interface is not generating nftables rules`` * :vytask:`T4144` ``(bug): Firewall address-group - Improve error messages`` * :vytask:`T4137` ``(bug): Firewall group configuration allows to set incorrect port range and invalid port`` * :vytask:`T4133` ``(bug): Firewall network group error with zone-based firewall rules`` 2022-01-20 ========== * :vytask:`T4171` ``(bug): Interface config migration error on 1.2.8 -> 1.4 upgrade`` 2022-01-19 ========== * :vytask:`T4195` ``(feature): [OSPF-ECMP]enable set maximun-path`` 2022-01-18 ========== * :vytask:`T4159` ``(bug): Empty firewall group (address, network & port) generates invalid nftables config, commit fails`` * :vytask:`T4155` ``(bug): PBR: `set table main` fails in `firewall.py` with newer rolling releases`` * :vytask:`T3873` ``(feature): Zone based Firewall - Filter traffic in same zone`` * :vytask:`T3286` ``(feature): Switch the firewall from iptables to nftables`` * :vytask:`T292` ``(feature): [ZBF] Allow filtering intra zone traffic`` 2022-01-17 ========== * :vytask:`T3164` ``(bug): console-server ssh does not work with RADIUS PAM auth`` 2022-01-15 ========== * :vytask:`T4183` ``(feature): IPv6 link-local address not accepted as wireguard peer`` * :vytask:`T4150` ``(bug): VRRP with conntrack-sync does not work`` * :vytask:`T4110` ``(feature): [IPV6-SSH/DNS} enable IPv6 link local adresses as listen-address %eth0`` 2022-01-14 ========== * :vytask:`T4182` ``(bug): Show vrrp if vrrp not configured bug`` * :vytask:`T4179` ``(feature): Add op-mode CLI for show high-availability virtual-server`` 2022-01-13 ========== * :vytask:`T4175` ``(bug): BGP configuration failed`` * :vytask:`T4109` ``(feature): Extend high-availability/keepalived for support virtual-server lb`` 2022-01-12 ========== * :vytask:`T4174` ``(bug): Validation fails when entering port range with upper port 65535`` * :vytask:`T4162` ``(bug): VPN ipsec ike-group - Incorrect value help for ikev2-reauth`` * :vytask:`T4161` ``(bug): Policy route-map - Incorrect value help for local preference`` * :vytask:`T4152` ``(bug): NHRP shortcut-target holding-time does not work`` 2022-01-11 ========== * :vytask:`T4149` ``(bug): [Firewall-IPV6] Error delete Fw rules on VIF/INT`` * :vytask:`T3950` ``(bug): CLI backtrace on update if DNS not defined`` * :vytask:`T4166` ``(bug): Debug output missing when frr.py called under vyos-configd`` 2022-01-10 ========== * :vytask:`T3299` ``(bug): Allow the web proxy service to listen on all IP addresses`` * :vytask:`T3115` ``(feature): Add support for firewall on L3 VIF bridge interface`` 2022-01-09 ========== * :vytask:`T4142` ``(bug): Input ifbX interfaces not displayed in op-mode`` * :vytask:`T3914` ``(bug): VRRP rfc3768-compatibility doesn't work with unicast peers`` 2022-01-08 ========== * :vytask:`T4116` ``(bug): Webproxy/Squid not working with IPv6 listen-address`` 2022-01-07 ========== * :vytask:`T3924` ``(bug): VRRP stops working with VRF`` 2022-01-06 ========== * :vytask:`T4135` ``(bug): Declare zone policy firewall without local zone errors`` * :vytask:`T4130` ``(bug): Firewall state policy errors chain`` * :vytask:`T4141` ``(bug): Set high-availability vrrp sync-group without members error`` 2022-01-04 ========== * :vytask:`T4134` ``(bug): Incorrect firewall protocol completion help uppercase and duplicates`` * :vytask:`T4132` ``(bug): Impossible to show a specific firewall group`` 2022-01-03 ========== * :vytask:`T4126` ``(feature): Ability to set priority to site to site IPSec vpn tunnels`` * :vytask:`T4052` ``(bug): Validator return traceback on VRRP configuration with the script path not in config dir`` * :vytask:`T4128` ``(bug): keepalived: Upgrade package to add VRF support`` 2021-12-31 ========== * :vytask:`T4081` ``(bug): VRRP health-check script stops working when setting up a sync group`` 2021-12-30 ========== * :vytask:`T4124` ``(feature): snmp: migrate to get_config_dict()`` 2021-12-29 ========== * :vytask:`T4111` ``(bug): IPSec generates wrong configuration colons for IPv6 peers`` * :vytask:`T4023` ``(feature): Add grepcidr or similar functionality`` * :vytask:`T4086` ``(default): system login banner is not removed on deletion.`` 2021-12-28 ========== * :vytask:`T3380` ``(bug): "show vpn ike sa" does not display IPv6 peers`` 2021-12-27 ========== * :vytask:`T3979` ``(bug): vyos-hostd unable to hostfile-update`` * :vytask:`T2566` ``(bug): sstp not able to run tunnels ipv6 only`` * :vytask:`T4093` ``(bug): SNMPv3 snmpd.conf generation bug`` * :vytask:`T2764` ``(enhancment): Increase maximum number of NAT rules`` 2021-12-26 ========== * :vytask:`T4104` ``(bug): RAID1: "add raid md0 member sda1" does not restore boot sector`` * :vytask:`T4108` ``(default): OSPFv3: add support for auto-cost parameter`` * :vytask:`T4107` ``(default): OSPFv3: add support for "default-information originate"`` 2021-12-25 ========== * :vytask:`T4101` ``(bug): commit-archive: Use of uninitialized value $source_address in concatenation`` * :vytask:`T4099` ``(feature): flow-accounting: sync "source-ip" and "source-address" between netflow and sflow ion CLI`` * :vytask:`T4097` ``(feature): flow-accounting: migrate implementation to get_config_dict()`` * :vytask:`T4105` ``(feature): flow-accounting: drop "sflow agent-address auto"`` * :vytask:`T4106` ``(feature): flow-accounting: support specification of capture packet lenght`` * :vytask:`T4102` ``(feature): OSPFv3: add support for NSSA area-type`` * :vytask:`T4055` ``(feature): Add VRF support for HTTP(S) API service`` 2021-12-24 ========== * :vytask:`T3854` ``(bug): Missing op-mode commands for conntrack-sync`` 2021-12-23 ========== * :vytask:`T3354` ``(default): Convert strip-private script from Perl to Python`` 2021-12-22 ========== * :vytask:`T3678` ``(bug): VyOS 1.4: Invalid error message while deleting ipsec vpn configuration`` * :vytask:`T3356` ``(feature): Script for remote file transfers`` 2021-12-21 ========== * :vytask:`T4083` ``(bug): Cluster heartbeat doesn't start b.c lack of directory /run/heartbeat/`` * :vytask:`T4070` ``(bug): NATv4 : inbound-interface type "any" is missing.`` * :vytask:`T4053` ``(bug): VRRP impossible to set scripts out of the /config directory`` * :vytask:`T3931` ``(bug): SSTP doesn't work after rewriting to PKI`` 2021-12-20 ========== * :vytask:`T4088` ``(default): Fix typo in login banner`` 2021-12-19 ========== * :vytask:`T3912` ``(default): Use a more informative default post-login banner`` 2021-12-17 ========== * :vytask:`T4059` ``(bug): VRRP sync-group transition script does not persist after reboot`` 2021-12-16 ========== * :vytask:`T4046` ``(feature): Sflow - Add Source address parameter`` * :vytask:`T3556` ``(bug): Commit-archive via scp causes 100% CPU on boot`` * :vytask:`T4076` ``(enhancment): Allow setting CORS options in HTTP API`` * :vytask:`T4037` ``(default): HTTP transfers do not follow redirects`` * :vytask:`T4029` ``(default): Broken SFTP uploads`` 2021-12-15 ========== * :vytask:`T4077` ``(bug): op-mode: bfd: drop "show protocols bfd" in favour of "show bfd"`` * :vytask:`T4073` ``(bug): "show protocols bfd peer <>" shows incorrect peer information.`` 2021-12-14 ========== * :vytask:`T4071` ``(feature): Allow HTTP API to bind to unix domain socket`` 2021-12-12 ========== * :vytask:`T4069` ``(feature): BGP: add additional available parameters to VyOS CLI`` * :vytask:`T4036` ``(bug): VXLAN incorrect raiseError if set multicast network instead of singe address`` 2021-12-10 ========== * :vytask:`T4068` ``(feature): Python: ConfigError should insert line breaks into the error message`` 2021-12-09 ========== * :vytask:`T4033` ``(bug): VRRP - Error security when setting scripts`` * :vytask:`T4064` ``(bug): IP address for vif is not removed from the system when deleted in configuration`` * :vytask:`T4060` ``(enhancment): Extend configquery for use before boot configuration is complete`` * :vytask:`T4058` ``(bug): BFD: add BGP and OSPF "bfd profile" support`` * :vytask:`T4054` ``(bug): BFD profiles configuration incorrect behavior.`` 2021-12-07 ========== * :vytask:`T4041` ``(servicerequest): "transition-script" doesn't work on "sync-group"`` 2021-12-06 ========== * :vytask:`T4012` ``(feature): Add VRF support for TFTP`` 2021-12-04 ========== * :vytask:`T4049` ``(feature): support command-style output with compare command`` * :vytask:`T4047` ``(bug): Wrong regex validation in XML definitions`` * :vytask:`T4042` ``(bug): BGP L2VPN / EVPN and RD type 0 set`` * :vytask:`T4048` ``(bug): BGP: L2VPN/EVPN and individual RD and RT settings for each VNI`` * :vytask:`T4045` ``(bug): Unable to "format disk like "`` * :vytask:`T4044` ``(feature): BFD: add vrf support`` * :vytask:`T4043` ``(feature): BFD: add support for passive mode`` 2021-12-02 ========== * :vytask:`T4035` ``(bug): Geneve interfaces aren't displayed by operational mode commands`` 2021-12-01 ========== * :vytask:`T3695` ``(bug): OpenConnect reports commit success when ocserv fails to start due to SSL cert/key file issues`` 2021-11-30 ========== * :vytask:`T4010` ``(bug): DMVPN generates incorrect configuration life_time for swanctl.conf`` * :vytask:`T3725` ``(feature): show configuration in json format`` 2021-11-29 ========== * :vytask:`T3946` ``(enhancment): Automatically resize the root partition if the drive has extra space`` 2021-11-28 ========== * :vytask:`T3999` ``(bug): show lldp neighbor Traceback error`` * :vytask:`T3928` ``(feature): Add OSPFv3 VRF support`` 2021-11-27 ========== * :vytask:`T3755` ``(feature): ospf: adjust to new FRR 8 syntax where "no passive-interface " moved to interface section`` * :vytask:`T3753` ``(feature): frr: upgrade to stable/8.1 release train`` 2021-11-26 ========== * :vytask:`T3978` ``(bug): containers add network without declaring prefix raise ConfigError`` 2021-11-25 ========== * :vytask:`T4006` ``(default): Add additional Linux capabilities to container configuration`` * :vytask:`T3986` ``(bug): Incorrect description for vpn ipsec site-to-site authentication and connection`` 2021-11-24 ========== * :vytask:`T4015` ``(feature): Update Accel-PPP to a newer revision`` * :vytask:`T3865` ``(bug): loadkey command help text missing escape sequence`` * :vytask:`T1083` ``(feature): Implement persistent/random address and port mapping options for NAT rules`` 2021-11-23 ========== * :vytask:`T3990` ``(bug): WATCHFRR: crashlog and per-thread log buffering unavailable (due to files left behind in /var/tmp/frr/ after reboot)`` 2021-11-20 ========== * :vytask:`T3998` ``(bug): route-target completion incorrect description`` 2021-11-19 ========== * :vytask:`T4003` ``(bug): API for "show interfaces ethernet" does not include the interface description`` * :vytask:`T4011` ``(bug): ethernet: deleting interface should place interface in admin down state`` 2021-11-18 ========== * :vytask:`T3612` ``(bug): IPoE Server address pool issues.`` * :vytask:`T3995` ``(feature): OpenVPN: do not stop/start service on configuration change`` * :vytask:`T4008` ``(feature): dhcp: change client retry interval form 300 -> 60 seconds`` * :vytask:`T3795` ``(bug): WWAN: issues with non connected interface / no signal`` * :vytask:`T3510` ``(bug): RADIUS usersname is not shown on CLI`` 2021-11-17 ========== * :vytask:`T3350` ``(bug): OpenVPN config file generation broken`` * :vytask:`T3996` ``(bug): SNMP service error in log`` 2021-11-15 ========== * :vytask:`T3994` ``(bug): VRF: unable to delete vrf when name contains numbers, hyphen or underscore`` * :vytask:`T3960` ``(bug): FRR Misconfig when using multiple VRF VNI`` * :vytask:`T3724` ``(feature): Allow setting host-name in l2tp section of accel-ppp`` * :vytask:`T645` ``(feature): Allow multiple prefixes in ipsec tunnel`` 2021-11-10 ========== * :vytask:`T3966` ``(default): OpenVPN fix the smoketests`` * :vytask:`T3834` ``(default): [OPENVPN] Support for Two Factor Authentication totp.`` * :vytask:`T3982` ``(bug): DHCP server commit fails if static-mapping contains + or .`` 2021-11-09 ========== * :vytask:`T3962` ``(bug): Image cannot be built without open-vm-tools`` 2021-11-07 ========== * :vytask:`T3626` ``(bug): Configuring and disabling DHCP Server`` 2021-11-06 ========== * :vytask:`T3514` ``(bug): NIC flap at any interface change`` 2021-11-05 ========== * :vytask:`T3972` ``(bug): Removing vif-c interface raises KeyError`` 2021-11-04 ========== * :vytask:`T3969` ``(bug): Container incorrect raiseError format if network doesn't exist`` * :vytask:`T3662` ``(bug): Container configuration upgrade destroys system`` * :vytask:`T3964` ``(bug): SSTP: local-user static-ip CLI node accepts invalid IPv4 addresses`` 2021-11-03 ========== * :vytask:`T3952` ``(default): Add sh bgp ipv4/ipv6 vpn command`` * :vytask:`T3610` ``(bug): DHCP-Server creation for not primary IP address fails`` 2021-11-01 ========== * :vytask:`T3958` ``(default): OpenVPN breaks the smoketests`` * :vytask:`T3956` ``(bug): GRE tunnel - unable to move from source-interface to source-address, commit error`` 2021-10-31 ========== * :vytask:`T3945` ``(feature): Add route-map for bgp aggregate-address`` * :vytask:`T3954` ``(bug): FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error`` * :vytask:`T3943` ``(bug): "netflow source-ip" prevents image upgrades if IP address does not exist locally`` 2021-10-29 ========== * :vytask:`T3942` ``(feature): Generate IPSec debug archive from op-mode`` 2021-10-28 ========== * :vytask:`T3951` ``(bug): After resetting vti ipsec tunnel old child SA still active`` * :vytask:`T3941` ``(bug): "show vpn ipsec sa" shows established time of parent SA not child SA's`` * :vytask:`T3916` ``(feature): Add additional Linux capabilities to container configuration`` 2021-10-27 ========== * :vytask:`T3944` ``(bug): VRRP fails over when adding new group to master`` 2021-10-22 ========== * :vytask:`T3897` ``(feature): Dynamic DNS doesn't work with IPv6 addresses`` * :vytask:`T3832` ``(feature): Allow to set DHCP client-id in hexadecimal format`` * :vytask:`T3188` ``(bug): Tunnel local-ip to dhcp-interface Change Fails to Update`` * :vytask:`T3917` ``(default): Use Avahi as mDNS repeater for IPv6 support`` 2021-10-21 ========== * :vytask:`T3926` ``(bug): strip-private does not sanitize "cisco-authentication" from NHRP configuration`` * :vytask:`T3925` ``(feature): Tunnel: dhcp-interface not implemented - use source-interface instead`` * :vytask:`T3923` ``(feature): Kernel: Enable TLS/IPSec offload support for Mellanox ConnectX NICs`` * :vytask:`T3927` ``(feature): Kernel: Enable kernel support for HW offload of the TLS protocol`` 2021-10-20 ========== * :vytask:`T3918` ``(bug): DHCPv6 prefix delegation incorrect verify error`` * :vytask:`T3921` ``(bug): tunnel: KeyError when using dhcp-interface`` 2021-10-19 ========== * :vytask:`T3396` ``(bug): syslog can't be configured with an ipv6 literal destination in 1.2.x`` 2021-10-18 ========== * :vytask:`T3002` ``(default): VRRP change on IPSec interface causes packet routing issues`` 2021-10-17 ========== * :vytask:`T3786` ``(bug): GRE tunnel source address 0.0.0.0 error`` * :vytask:`T3217` ``(default): Save FRR configuration on each commit`` * :vytask:`T3381` ``(bug): Change GRE tunnel failed`` * :vytask:`T3254` ``(bug): Dynamic DNS status shows incorrect last update time`` * :vytask:`T1243` ``(bug): BGP local-as accept wrong values`` * :vytask:`T697` ``(bug): Clean up and sanitize package dependencies`` * :vytask:`T578` ``(feature): Support Linux Container`` 2021-10-16 ========== * :vytask:`T3879` ``(bug): GPG key verification fails when upgrading from a 1.3 beta version`` 2021-10-15 ========== * :vytask:`T3748` ``(bug): Container deletion bug`` * :vytask:`T3693` ``(feature): ISIS Route redistribution ipv6 support missing`` * :vytask:`T3676` ``(feature): Container option to add Linux capabilities`` * :vytask:`T3613` ``(feature): Selectors for route-based IPsec tunnel (vti)`` * :vytask:`T3692` ``(bug): VyOS build failing due to repo.saltstack.com`` * :vytask:`T3673` ``(feature): BGP large-community del operation missing`` 2021-10-14 ========== * :vytask:`T3811` ``(bug): NAT (op_mode): NAT op_mode command fails.`` * :vytask:`T3801` ``(feature): containers: do not use podman CLI to create container networks`` 2021-10-13 ========== * :vytask:`T3904` ``(bug): NTP pool associations silently fail`` * :vytask:`T3277` ``(feature): DNS Forwarding - reverse zones`` 2021-10-12 ========== * :vytask:`T3216` ``(bug): Removal of restricted-shell broke configure mode for RADIUS users`` * :vytask:`T3881` ``(bug): Wrong description for container section restart`` * :vytask:`T3868` ``(bug): Regex and/or wildcard not accepted with large-community-list`` * :vytask:`T3701` ``(bug): ipoe server fails to start when configuring radius dynamic-author on ipoe`` 2021-10-10 ========== * :vytask:`T3750` ``(bug): pdns-recursor 4.4 issue with dont-query and private DNS servers`` * :vytask:`T3885` ``(default): dhcpv6-pd: randomly generated DUID is not persisted`` * :vytask:`T3899` ``(enhancment): Add support for hd44780 LCD displays`` 2021-10-09 ========== * :vytask:`T3894` ``(bug): Tunnel Commit Failed if system does not have `eth0``` 2021-10-08 ========== * :vytask:`T3893` ``(bug): MGRE Tunnel commit crash If sit tunnel available`` 2021-10-05 ========== * :vytask:`T3741` ``(feature): [BGP] default no-ipv4-unicast - by default`` 2021-10-04 ========== * :vytask:`T3888` ``(bug): Incorrect warning when poweroff command executed from configure mode.`` * :vytask:`T3890` ``(feature): dhcp(v6): provide op-mode commands to retrieve both server and client logfiles`` * :vytask:`T3889` ``(feature): Migrate to journalctl when reading daemon logs`` 2021-10-03 ========== * :vytask:`T3880` ``(bug): EFI boot shows error on display`` 2021-10-02 ========== * :vytask:`T3882` ``(feature): Upgrade PowerDNs recursor to 4.5 series`` * :vytask:`T3883` ``(bug): VRF - Delette vrf config on interface`` 2021-09-30 ========== * :vytask:`T3874` ``(bug): D-Link Ethernet Interface not working.`` * :vytask:`T3869` ``(default): Rewrite vyatta_net_name/vyatta_interface_rescan in Python`` 2021-09-28 ========== * :vytask:`T3853` ``(default): nat66 rules gets deleted on reboot in 1.4-rolling-202109240217`` 2021-09-27 ========== * :vytask:`T3863` ``(default): nat66: commit fails/hangs on non existing interface`` 2021-09-26 ========== * :vytask:`T3860` ``(bug): Error on pppoe, tunnel and wireguard interfaces for IPv6 EUI64 addresses`` * :vytask:`T3857` ``(feature): reboot: send wall message to all users for information`` * :vytask:`T3867` ``(bug): vxlan: multicast group address is not validated`` * :vytask:`T3859` ``(bug): Add "log-adjacency-changes" to ospfv3 process`` * :vytask:`T3826` ``(bug): PKI: op-mode - do input validation when listing certificates`` 2021-09-25 ========== * :vytask:`T3657` ``(default): BGP neighbors ipv6 not able to establish with IPv6 link-local addresses`` 2021-09-23 ========== * :vytask:`T3850` ``(bug): Dots are no longer allowed in SSH public key names`` 2021-09-21 ========== * :vytask:`T3847` ``(feature): keepalived/vrrp: migrate to get_config_dict() - cleanup`` 2021-09-20 ========== * :vytask:`T3823` ``(bug): strip-private does not filter public IPv6 addresses`` 2021-09-19 ========== * :vytask:`T3841` ``(feature): dhcp-server: add ping-check option to CLI`` * :vytask:`T2738` ``(bug): Modifying configuration in the "interfaces" section from VRRP transition scripts causes configuration lockup and high CPU utilization`` * :vytask:`T3840` ``(feature): dns forwarding: Cache size should allow values > 10k`` * :vytask:`T3672` ``(bug): DHCP-FO with multiple subnets results in invalid/non-functioning dhcpd.conf configuration file output`` 2021-09-18 ========== * :vytask:`T3831` ``(bug): External traffic stops routing when IPSEC tunnel comes up with interface vti0`` * :vytask:`T1968` ``(default): Allow multiple static routes in dhcp-server`` * :vytask:`T3838` ``(feature): dhcp-server - sync cli for name-servers to other subsystems`` * :vytask:`T3839` ``(feature): dhcp-server: Allow configuration of a DNS server and domain name on the shared-network level`` 2021-09-17 ========== * :vytask:`T3830` ``(bug): ipsec: remote-id no longer included in IKE AUTH if not explicitly specified`` 2021-09-11 ========== * :vytask:`T3402` ``(feature): Add VyOS programming library for operational level commands`` * :vytask:`T3275` ``(default): Disable conntrack helpers by default`` 2021-09-10 ========== * :vytask:`T3802` ``(bug): Commit fails if ethernet interface doesn't support flow control`` * :vytask:`T3819` ``(bug): Upgrade Salt Stack 3002.3 -> 3003 release train`` * :vytask:`T915` ``(feature): MPLS Support`` 2021-09-09 ========== * :vytask:`T3812` ``(bug): Vyos and frr route-map config out of sync`` * :vytask:`T3814` ``(bug): wireguard: commit error showing incorrect peer name from the configured name`` * :vytask:`T3805` ``(bug): OpenVPN insufficient privileges for rtnetlink when closing TUN/TAP interface`` * :vytask:`T3815` ``(bug): pki : the file command 'generate pki wireguard key-pair file' is not working`` 2021-09-07 ========== * :vytask:`T1894` ``(bug): FRR config not loaded after daemons segfault or restart`` * :vytask:`T3807` ``(bug): Op Command "show interfaces wireguard" does not show the output`` 2021-09-06 ========== * :vytask:`T3806` ``(bug): Don't set link local ipv6 address if MTU less then 1280`` * :vytask:`T3803` ``(default): Add source-address option to the ping CLI`` * :vytask:`T3431` ``(bug): Show version all bug`` * :vytask:`T2920` ``(bug): Commit crash when adding the second mGRE tunnel with the same key`` 2021-09-05 ========== * :vytask:`T3804` ``(feature): cli: Migrate and merge "system name-servers-dhcp" into "system name-server"`` 2021-09-04 ========== * :vytask:`T3619` ``(bug): Performance Degradation 1.2 --> 1.3 | High ksoftirqd CPU usage`` 2021-09-03 ========== * :vytask:`T3788` ``(bug): Keys are not allowed with ipip and sit tunnels`` * :vytask:`T3634` ``(feature): Add op command option for ping for do not fragment bit to be set`` * :vytask:`T3798` ``(feature): bgp: add support for "neighbor local-as replace-as" option`` 2021-09-02 ========== * :vytask:`T3792` ``(bug): login: A hypen present in a username from "system login user" is replaced by an underscore`` * :vytask:`T3790` ``(bug): Does not possible to configure PPTP static ip-address to users`` * :vytask:`T2947` ``(bug): Nat translation many-many with prefix does not map 1-1.`` 2021-08-31 ========== * :vytask:`T3789` ``(feature): Add custom validator for base64 encoded CLI data`` * :vytask:`T3782` ``(default): Ingress Shaping with IFB No Longer Functional with 1.3`` 2021-08-30 ========== * :vytask:`T3768` ``(default): Remove early syntaxVersion implementation`` * :vytask:`T2941` ``(default): Using a non-ASCII character in the description field causes UnicodeDecodeError in configsource.py`` * :vytask:`T3787` ``(bug): Remove deprecated UDP fragmentation offloading option`` 2021-08-29 ========== * :vytask:`T3708` ``(bug): isisd and gre-bridge commit error`` * :vytask:`T3783` ``(bug): "set protocols isis spf-delay-ietf" is not working`` * :vytask:`T2750` ``(default): Use m4 as a template processor`` 2021-08-28 ========== * :vytask:`T3743` ``(bug): l2tp doesn't work after reboot if outside-address not 0.0.0.0`` 2021-08-27 ========== * :vytask:`T3182` ``(bug): Main blocker Task for FRR 7.4/7.5 series update`` * :vytask:`T3568` ``(feature): Add XML for firewall conf-mode`` * :vytask:`T2108` ``(default): Use minisign/signify instead of GPG for release signing`` 2021-08-26 ========== * :vytask:`T3776` ``(default): Rename FRR daemon restart op-mode commands`` * :vytask:`T3739` ``(feature): policy: route-map: add EVPN match support`` 2021-08-25 ========== * :vytask:`T3773` ``(bug): Delete the "show system integrity" command (to prepare for a re-implementation)`` * :vytask:`T3775` ``(bug): Typo in generated Strongswan VPN-config`` 2021-08-24 ========== * :vytask:`T3772` ``(bug): VRRP virtual interfaces are not shown in show interfaces`` 2021-08-23 ========== * :vytask:`T3769` ``(feature): Containers: Network Bridging`` 2021-08-22 ========== * :vytask:`T3090` ``(feature): Move 'adjust-mss' firewall options to the interface section.`` * :vytask:`T3765` ``(default): container: additional op-mode commands`` 2021-08-20 ========== * :vytask:`T1950` ``(default): Store VyOS configuration syntax version data in JSON file`` 2021-08-19 ========== * :vytask:`T3751` ``(bug): pki generate ca add new line after passphrase`` * :vytask:`T3764` ``(bug): Unconfigurable IKE and ESP lifetime`` * :vytask:`T3234` ``(bug): multi_to_list fails in certain cases, with root cause an element redundancy in XML interface-definitions`` * :vytask:`T3732` ``(feature): override-default helper should support adding defaultValues to default less nodes`` * :vytask:`T3759` ``(default): [L3VPN] VPNv4/VPNv6 add commands`` 2021-08-18 ========== * :vytask:`T3752` ``(bug): generate pki certificate file xxx doesn't touch file`` 2021-08-16 ========== * :vytask:`T3738` ``(default): openvpn fails if server and authentication are configured`` * :vytask:`T1594` ``(bug): l2tpv3 error on IPv6 local-ip`` 2021-08-15 ========== * :vytask:`T3756` ``(default): VyOS generates invalid QR code for wireguard clients`` * :vytask:`T3757` ``(default): OSPF: add support to configure the area at an interface level`` 2021-08-14 ========== * :vytask:`T3745` ``(feature): op-mode IPSec show vpn ipse sa sorting`` 2021-08-13 ========== * :vytask:`T3749` ``(bug): V4/V6 Counters in network container validation aren't being reset`` * :vytask:`T3728` ``(bug): FRR not respect configured RD and RT for L3VNI`` * :vytask:`T3727` ``(bug): VPN IPsec ESP proposal and ESP presented in config missmatch`` * :vytask:`T3740` ``(bug): HTTPs API breaks when the address is IPv6`` 2021-08-12 ========== * :vytask:`T3731` ``(bug): verify_accel_ppp_base_service return wrong config error for SSP`` * :vytask:`T3405` ``(feature): PPPoE server unit-cache`` * :vytask:`T2432` ``(default): dhcpd: Can't create new lease file: Permission denied`` * :vytask:`T3746` ``(feature): Inform users logging into the system about a pending reboot`` * :vytask:`T3744` ``(default): Dns forwarding statistics formatting missing a new line`` 2021-08-11 ========== * :vytask:`T3709` ``(feature): Snmp: Allow enable MIDs/OIDs ipCidrRouteTable`` 2021-08-09 ========== * :vytask:`T3720` ``(bug): IPSec set vti secondary address cause interface disable`` 2021-08-08 ========== * :vytask:`T3705` ``(bug): IPSec: VTI interface does not honor default-esp-group`` * :vytask:`T2027` ``(bug): get_config_dict is failing when the configuration section is empty/missing`` 2021-08-05 ========== * :vytask:`T3719` ``(bug): Restart vpn shows some missed files`` 2021-08-04 ========== * :vytask:`T3704` ``(feature): Add ability to interact with Areca RAID adapers`` * :vytask:`T3718` ``(bug): VPN IPsec IKE group by default not use DH-group 2`` 2021-08-02 ========== * :vytask:`T3601` ``(default): Error in ssh keys for vmware cloud-init if ssh keys is left empty.`` 2021-08-01 ========== * :vytask:`T3707` ``(bug): Ping incorrect ip host checks`` 2021-07-31 ========== * :vytask:`T3716` ``(feature): Linux kernel parameters ignore_routes_with_link_down- ignore disconnected routing connections`` 2021-07-30 ========== * :vytask:`T1176` ``(default): FRR - BGP replicating routes`` * :vytask:`T1210` ``(feature): About IKEv2 IPSec VPN remote access`` 2021-07-23 ========== * :vytask:`T3699` ``(bug): login: verify selected "system login user" name is not already used by the base system.`` * :vytask:`T3698` ``(default): Support bridge monitoring`` 2021-07-13 ========== * :vytask:`T3679` ``(default): Point the unexpected exception message link to the new rolling release location`` 2021-07-11 ========== * :vytask:`T3665` ``(bug): Missing VRF support for VxLAN but already documented`` 2021-07-10 ========== * :vytask:`T3636` ``(feature): SSTP / L2TP ipv6 support broken`` 2021-07-09 ========== * :vytask:`T3667` ``(bug): brctl is damaged`` 2021-07-06 ========== * :vytask:`T3660` ``(feature): Conntrack-Sync configuration command to specify destination udp port for peer`` 2021-07-03 ========== * :vytask:`T57` ``(enhancment): Make it possible to disable the entire IPsec peer`` 2021-07-01 ========== * :vytask:`T3658` ``(feature): Add support for dhcpdv6 fixed-prefix6`` * :vytask:`T2035` ``(bug): Executing vyos-smoketest multiple times makes ssh test fail on execution`` 2021-06-29 ========== * :vytask:`T3593` ``(bug): PPPoE server called-sid format does not work`` * :vytask:`T1441` ``(feature): Add support for IPSec XFRM interfaces`` 2021-06-25 ========== * :vytask:`T3641` ``(feature): Upgrade base system from Debian Buster -> Debian Bullseye`` * :vytask:`T3649` ``(feature): Add bonding additional hash-policy`` 2021-06-23 ========== * :vytask:`T3647` ``(feature): Bullseye: gcc defaults to passing --as-needed to linker`` 2021-06-22 ========== * :vytask:`T3629` ``(bug): IPoE server shifting address in the range`` * :vytask:`T3645` ``(feature): Bullseye: ethtool changed output for ring-buffer information`` 2021-06-21 ========== * :vytask:`T3563` ``(default): commit-archive breaks with IPv6 source addresses`` 2021-06-20 ========== * :vytask:`T3637` ``(bug): vrf: bind-to-all didn't work properly`` * :vytask:`T3639` ``(default): GCC preprocessor clobbers C comments`` 2021-06-19 ========== * :vytask:`T3633` ``(feature): Add LRO offload for interface ethernet`` 2021-06-18 ========== * :vytask:`T3599` ``(default): Migrate NHRP to XML/Python`` 2021-06-17 ========== * :vytask:`T3624` ``(feature): BGP: add support for extended community bandwidth definition`` 2021-06-16 ========== * :vytask:`T3623` ``(default): Fix for dummy interface option in the operational command "clear interfaces dummy"`` * :vytask:`T3630` ``(feature): op-mode: add "show version kernel" command`` 2021-06-13 ========== * :vytask:`T3620` ``(feature): Rename WWAN interface from wirelessmodem to wwan to use QMI interface`` * :vytask:`T2173` ``(feature): Add the ability to use VRF on VTI interfaces`` * :vytask:`T3622` ``(feature): WWAN: add support for APN authentication`` * :vytask:`T3606` ``(bug): SNMP unknown notification OID`` * :vytask:`T3621` ``(bug): PPPoE interface does not validate if password is supplied when username is set`` 2021-06-12 ========== * :vytask:`T3611` ``(bug): WWAN interface (MC7710) no longer works on Kernel 5.10`` * :vytask:`T1534` ``(bug): IPSec w/ IKEv2 Invalid local-address "any"`` * :vytask:`T3616` ``(bug): Update to FastAPI causes regression in vyos-http-api-server`` 2021-06-11 ========== * :vytask:`T3614` ``(bug): Container network name with hyphen fail`` 2021-06-10 ========== * :vytask:`T3250` ``(bug): PPPoE server: wrong local usernames`` * :vytask:`T3138` ``(bug): ddclient improperly updated when apply rfc2136 config`` * :vytask:`T2645` ``(default): Editing route-map action requires adding a new rule`` 2021-06-08 ========== * :vytask:`T3605` ``(default): Allow to set prefer-global for ipv6-next-hop`` * :vytask:`T3607` ``(feature): [route-map] set ipv6 next-hop prefer-global`` * :vytask:`T3289` ``(bug): No description for node "service" conf-mode`` 2021-06-07 ========== * :vytask:`T3461` ``(bug): OpenConnect Server redundancy check`` * :vytask:`T3455` ``(bug): system users can not be added in "edit"`` * :vytask:`T3588` ``(default): IPSec: migrate no longer available options from CLI which are now hardcoded/enabled in strongSwan`` 2021-06-06 ========== * :vytask:`T842` ``(feature): Adopt VyOS CLI to latest StrongSwan options and deprecated Keywords`` 2021-06-04 ========== * :vytask:`T3595` ``(default): Cannot create new VTI interface`` * :vytask:`T3592` ``(feature): Set default TTL 64 for tunnels`` 2021-06-03 ========== * :vytask:`T3384` ``(feature): Support UDP bandwidth testing`` 2021-06-02 ========== * :vytask:`T3233` ``(bug): Interface redirect to dum0`` 2021-06-01 ========== * :vytask:`T3585` ``(default): Fix NHRP module for updated interfaces tunnel syntax`` * :vytask:`T3594` ``(bug): Disable by default service strongswan-starter`` 2021-05-30 ========== * :vytask:`T3518` ``(bug): Warning messages when using SCP commit-archive`` * :vytask:`T3093` ``(default): Add xml for vpn ipsec`` * :vytask:`T1866` ``(bug): Commit archive over SFTP doesn't work with non-standard ports`` * :vytask:`T3590` ``(feature): bgp: add option for limiting maximum number of prefixes to be sent to a peer`` * :vytask:`T3589` ``(feature): op-mode: support clearing out logfiles from CLI`` * :vytask:`T2641` ``(feature): Rewrite vpn ipsec OP commands in new style XML syntax`` * :vytask:`T3351` ``(feature): Installer checking MD5 checksums on the ISO image`` 2021-05-29 ========== * :vytask:`T1944` ``(bug): FRR: Invalid route in BGP causes update storm, memory leak, and failure of Zebra`` * :vytask:`T1888` ``(feature): Update to StrongSwan 5.9.1`` 2021-05-27 ========== * :vytask:`T3561` ``(feature): router-advert: support advertising specific routes`` * :vytask:`T2669` ``(bug): DHCP-server overlapping ranges.`` 2021-05-26 ========== * :vytask:`T3540` ``(bug): Keepalived memory utilisation issue when constantly getting its state in JSON format`` 2021-05-24 ========== * :vytask:`T3575` ``(bug): pseudo-ethernet: must check source-interface MTU`` * :vytask:`T3571` ``(bug): Broken Show Tab Complete`` * :vytask:`T3555` ``(bug): GRE TAP tunnel does not silent fragment packets / kernel fix available`` * :vytask:`T3576` ``(bug): ISIS does not support IPV6`` 2021-05-23 ========== * :vytask:`T3570` ``(default): Prevent setting of a larger MTU on child interfaces`` * :vytask:`T3573` ``(bug): as-path-prepend Description Invalid`` * :vytask:`T3572` ``(feature): Basic Drive Diagnostic Tools`` 2021-05-22 ========== * :vytask:`T3564` ``(default): Multiple BGP Confederation Peers Not Allowed`` 2021-05-21 ========== * :vytask:`T3551` ``(bug): QoS control failure of VLAN sub interface`` 2021-05-20 ========== * :vytask:`T3554` ``(feature): Add area-type stub for ospfv3`` * :vytask:`T3565` ``(feature): sysctl: rewrite in XML and Python and drop from vyatta-cfg-system`` 2021-05-19 ========== * :vytask:`T3562` ``(feature): Update Accel-PPP to a newer revision`` * :vytask:`T3559` ``(feature): Add restart op-command for OpenConnect Server`` 2021-05-18 ========== * :vytask:`T3525` ``(default): VMWare resume script syntax errors`` 2021-05-15 ========== * :vytask:`T3549` ``(bug): DHCPv6 "service dhcpv6-server global-parameters name-server" is not correctly exported to dhcpdv6.conf when multiple name-server entries are present`` * :vytask:`T3532` ``(bug): Not possible to change ethertype after interface creation`` * :vytask:`T3550` ``(bug): Router-advert completion typo`` * :vytask:`T3547` ``(feature): conntrackd: remove deprecated config options`` * :vytask:`T3535` ``(feature): Rewrite vyatta-conntrack-sync in new XML and Python flavor`` 2021-05-14 ========== * :vytask:`T3346` ``(bug): nat 4-to-5 migration script fails when a 'source' or 'destination' node exists but there are no rules`` * :vytask:`T3248` ``(default): Deal with VRRP mode-force command that exists in 1.2 but not in 1.3`` * :vytask:`T3426` ``(default): add support for script arguments to vyos-configd`` 2021-05-13 ========== * :vytask:`T3539` ``(bug): Typo in RPKI interface definition`` * :vytask:`T439` ``(feature): local PBR support`` * :vytask:`T3544` ``(feature): DHCP server should validate configuration before applying it`` * :vytask:`T3543` ``(feature): Support for setting lacp_rate on LACP bonded interfaces`` 2021-05-12 ========== * :vytask:`T3302` ``(default): Make vyos-configd relay stdout from scripts to the user's console`` * :vytask:`T3542` ``(bug): udev net.rules not installed in image since may 2nd`` 2021-05-10 ========== * :vytask:`T3374` ``(bug): IPv6 GRE Tunnel issues`` 2021-05-09 ========== * :vytask:`T3530` ``(bug): BGP peer-group can't contain a hyphen`` 2021-05-06 ========== * :vytask:`T3523` ``(bug): VRF BGP daemon route-map command missing`` * :vytask:`T3519` ``(bug): Cannot add / assign L2TPv3 to vrf`` 2021-05-05 ========== * :vytask:`T3520` ``(bug): Cannot add tunnel interface to isis within vrf`` * :vytask:`T3335` ``(bug): Some OSPFv3 show commands do not work`` 2021-05-04 ========== * :vytask:`T3504` ``(feature): BGP Per Peer Graceful Restart`` 2021-05-02 ========== * :vytask:`T3511` ``(bug): Update libnss-mapuser and libpam-radius packages from CUMULUS Linux`` 2021-05-01 ========== * :vytask:`T3379` ``(feature): Add global-parameters name-server for dhcpv6-server`` * :vytask:`T3491` ``(default): Change Kernel HZ to 1000`` 2021-04-29 ========== * :vytask:`T3503` ``(bug): "route-reflector-client" fails when "remote-as" is "internal"`` * :vytask:`T3502` ``(bug): "system ip multipath layer4-hashing" doesn't work`` 2021-04-28 ========== * :vytask:`T3473` ``(bug): IPSec op-mode show sa error`` 2021-04-27 ========== * :vytask:`T2946` ``(bug): Calling 'stty_size' causes show interfaces API to fail`` 2021-04-25 ========== * :vytask:`T3490` ``(bug): priority inversion on PBR "policy route" create, breaks default route from dhcp (live iso)`` * :vytask:`T3468` ``(bug): Tunnel interfaces aren't suggested as being available for bridging (regression)`` * :vytask:`T3497` ``(bug): Prefix list with rule containing only action is not detected as error during parse`` * :vytask:`T3492` ``(bug): BGP Configuration Migration failed (badly!) from rolling 202102240218 to rolling 202104221210`` * :vytask:`T1802` ``(feature): Wireguard QR code in cli for mobile devices`` 2021-04-24 ========== * :vytask:`T3472` ``(bug): commit-confirm script not found`` * :vytask:`T3439` ``(bug): Commit-archive location not working for scp`` 2021-04-23 ========== * :vytask:`T3395` ``(bug): WAN load-balancing fails with nexthop dhcp`` * :vytask:`T3290` ``(bug): Disabling GRE conntrack module fails`` 2021-04-20 ========== * :vytask:`T3488` ``(bug): Specifying an invalid "interface address" like dhcph leads to commit error`` 2021-04-18 ========== * :vytask:`T3481` ``(default): Exclude tag node values from key mangling`` * :vytask:`T3475` ``(bug): XML dictionary cache unable to process syntaxVersion elements`` 2021-04-17 ========== * :vytask:`T3470` ``(bug): as-override isn't applied to frr`` 2021-04-15 ========== * :vytask:`T3386` ``(bug): PPPoE-server don't start with local authentication`` * :vytask:`T3190` ``(feature): Unable to subtract value from local-preference in route-map`` 2021-04-14 ========== * :vytask:`T3398` ``(bug): Can't commit`` * :vytask:`T3055` ``(bug): op-mode incorrect naming for ipsec policy-based tunnels`` 2021-04-13 ========== * :vytask:`T3436` ``(feature): Refactoring ospf op-mode for support vrf`` * :vytask:`T3434` ``(feature): Refactoring bgp op-mode for support vrf`` 2021-04-12 ========== * :vytask:`T3454` ``(enhancment): dhclient reject option`` * :vytask:`T3328` ``(bug): Bgp not possible to delete bgp route-map`` 2021-04-10 ========== * :vytask:`T3460` ``(bug): bgp, Configuration FRR failed while commiting code`` 2021-04-09 ========== * :vytask:`T3464` ``(bug): OSPF: route-map names containing a hypen are not "found"`` 2021-04-08 ========== * :vytask:`T3462` ``(default): show ipv6 bgp -- missing`` * :vytask:`T3463` ``(bug): Prevent IPv4 Route exchange with IPv6 neighbors`` 2021-04-05 ========== * :vytask:`T3438` ``(bug): VRF: removing vif which belongs to a vrf, will delete the entire vrf from the operating system`` * :vytask:`T3418` ``(bug): BGP: system wide known interface can not be used as neighbor`` 2021-04-04 ========== * :vytask:`T3457` ``(feature): Output the "monitor log" command in a colorful way`` 2021-03-31 ========== * :vytask:`T3445` ``(bug): vyos-1x build include not all nodes`` 2021-03-30 ========== * :vytask:`T3448` ``(bug): Loading vyos on a system without xdp installed fails`` 2021-03-29 ========== * :vytask:`T3415` ``(feature): bridge: add support for isolated interfaces (private-vlan)`` * :vytask:`T1711` ``(feature): BGP - migrate from tagNode to node (remove ASN from tagNode)`` 2021-03-28 ========== * :vytask:`T3440` ``(bug): HTTP API: give uvicorn time to initialize before restarting Nginx proxy`` 2021-03-27 ========== * :vytask:`T3423` ``(bug): Cannot create ipv4 static route for default gateway in vrf`` 2021-03-26 ========== * :vytask:`T3412` ``(default): HTTP API: move to FastAPI as web framework`` * :vytask:`T2397` ``(feature): HTTP API: export OpenAPI definition`` 2021-03-24 ========== * :vytask:`T3419` ``(bug): show interfaces | strip-private fails`` 2021-03-22 ========== * :vytask:`T3284` ``(bug): merge/load fail silently if unable to resolve host`` 2021-03-21 ========== * :vytask:`T3417` ``(default): ISIS: provide per VRF instance support`` * :vytask:`T3416` ``(bug): NTP: when running inside a VRF op-mode commands do not work`` 2021-03-20 ========== * :vytask:`T3392` ``(bug): vrrp over dhcp default route bug (unexpected vrf)`` * :vytask:`T3373` ``(feature): Upgrade to SaltStack version 3002.5`` * :vytask:`T3329` ``(default): "system conntrack ignore" rules can no longer be created due to an iptables syntax change`` * :vytask:`T3300` ``(feature): Add DHCP default route distance`` * :vytask:`T3306` ``(feature): Extend set route-map aggregator as to 4 Bytes`` 2021-03-18 ========== * :vytask:`T3411` ``(default): Extend the redirect_stdout context manager in vyos-configd to redirect stdout from subprocesses`` * :vytask:`T3271` ``(bug): qemu-kvm grub issue`` 2021-03-17 ========== * :vytask:`T3413` ``(bug): Configuring invalid IPv6 EUI64 address results in "OSError: illegal IP address string passed to inet_pton"`` 2021-03-14 ========== * :vytask:`T3345` ``(default): BGP: add per VRF instance support`` * :vytask:`T3344` ``(default): Per VRF dynamic routing support`` * :vytask:`T3325` ``(bug): Bgp listen-range wrong commit message`` * :vytask:`T1513` ``(default): Move OSPF and RIP interface configuration under protocols`` 2021-03-13 ========== * :vytask:`T3406` ``(bug): tunnel: interface no longer supports specifying encaplimit none - or migrator is missing`` * :vytask:`T3407` ``(bug): console-server: do not allow to spawn a console-server session on serial port used by "system console"`` 2021-03-11 ========== * :vytask:`T3305` ``(bug): Ingress qdisc does not work anymore in 1.3-rolling-202101 snapshot`` * :vytask:`T2927` ``(bug): isc-dhcpd release and expiry events never execute`` 2021-03-09 ========== * :vytask:`T3382` ``(bug): Error creating Console Server`` 2021-03-08 ========== * :vytask:`T3387` ``(bug): Command "Monitor vpn ipsec" is not working`` 2021-03-07 ========== * :vytask:`T3388` ``(bug): show interfaces doesn't display pppoeX`` * :vytask:`T3211` ``(feature): ability to redistribute ISIS into other routing protocols`` 2021-03-04 ========== * :vytask:`T3377` ``(bug): show interfaces throws error`` 2021-03-02 ========== * :vytask:`T3375` ``(bug): Interface becomes up at boot even when disabled`` 2021-02-28 ========== * :vytask:`T3370` ``(bug): dhcp: Invalid domain name "private"`` * :vytask:`T3369` ``(feature): VXLAN: add IPv6 underlay support`` * :vytask:`T3363` ``(bug): VyOS-Build interactive prompt when using Podman`` * :vytask:`T3320` ``(bug): Bgp neighbor peer-group without peer-group fail`` 2021-02-27 ========== * :vytask:`T3365` ``(bug): Bgp neighbor interface ordering for remote-as`` * :vytask:`T3225` ``(bug): Adding a BGP neighbor with an address on a local interface throws a vyos.frr.CommitError: Configuration FRR failed while committing code: ''`` * :vytask:`T3368` ``(feature): macsec: add support for gcm-aes-256 cipher`` * :vytask:`T3173` ``(feature): Need 'nopmtudisc' option for tunnel interface`` 2021-02-26 ========== * :vytask:`T3324` ``(bug): Bgp space in the password`` * :vytask:`T3357` ``(default): HTTP-API redirect from http correct https port`` * :vytask:`T3323` ``(bug): Bgp ttl-security and ebgp-multihop fail`` 2021-02-24 ========== * :vytask:`T3303` ``(feature): Change welcome message on boot`` 2021-02-22 ========== * :vytask:`T3322` ``(bug): Bgp neighbor timers not applyed to FRR config`` * :vytask:`T3327` ``(bug): OSPFv3: Cannot add dummy interface`` 2021-02-21 ========== * :vytask:`T3331` ``(bug): Bgp unsuppress-map should be as "value leafNode"`` * :vytask:`T3330` ``(bug): Bgp capability orf prefix-list fail`` * :vytask:`T3163` ``(feature): ethernet ring-buffer can be set with an invalid value`` 2021-02-19 ========== * :vytask:`T3326` ``(bug): OSPFv3: Cannot add L2TPv3 interface`` * :vytask:`T3332` ``(bug): BGP unnumbered - UnboundLocalError: local variable 'peer_group' referenced before assignment`` 2021-02-18 ========== * :vytask:`T3259` ``(default): many dnat rules makes the vyos http api crash, even showConfig op timeouts`` 2021-02-17 ========== * :vytask:`T3312` ``(feature): SolarFlare NICs support`` 2021-02-16 ========== * :vytask:`T3313` ``(bug): ospfv3 interface missing options`` * :vytask:`T3318` ``(feature): Update Linux Kernel to v5.4.208 / 5.10.142`` 2021-02-15 ========== * :vytask:`T3311` ``(bug): BGP Error: Remote AS must be set for neighbor or peer-group`` 2021-02-14 ========== * :vytask:`T2848` ``(feature): bgp-add-path configuration options`` 2021-02-12 ========== * :vytask:`T3301` ``(bug): Wrong format and valueHelp for policy as-path-list regex`` 2021-02-11 ========== * :vytask:`T3281` ``(default): Rewrite protocol RIPng [conf-mode] to new XML/Python style`` * :vytask:`T3282` ``(default): Add XML for [conf-mode] RIPng`` * :vytask:`T3279` ``(default): Rewrite protocol STATIC [op-mode] to new XML/Python style`` * :vytask:`T3297` ``(bug): Optimize irrelevant error stack hints`` 2021-02-08 ========== * :vytask:`T3295` ``(feature): Update Linux Kernel to v5.4.96 / 5.10.14`` 2021-02-05 ========== * :vytask:`T3030` ``(feature): Support ERSPAN Tunnel Protocol`` 2021-02-04 ========== * :vytask:`T3283` ``(feature): Support for IPv4 neigh tables`` * :vytask:`T3280` ``(default): Add XML for [conf-mode] STATIC`` 2021-02-03 ========== * :vytask:`T3278` ``(feature): Add XML for "protocols vrf" [conf-mode]`` * :vytask:`T3239` ``(default): XML: override 'defaultValue' for mtu of certain interfaces; remove workarounds`` * :vytask:`T2910` ``(feature): XML: generator should support override of variables`` 2021-02-02 ========== * :vytask:`T3018` ``(bug): Unclear behaviour when configuring vif and vif-s interfaces`` * :vytask:`T3255` ``(default): Rewrite protocol RPKI to new XML/Python style`` * :vytask:`T3263` ``(feature): OSPF Hello subsecond timer`` 2021-01-31 ========== * :vytask:`T3276` ``(feature): Update Linux Kernel to v5.4.94 / 5.10.12`` 2021-01-30 ========== * :vytask:`T3240` ``(feature): Support per-interface DHCPv6 DUIDs`` * :vytask:`T3273` ``(default): PPPoE static default-routes deleted on interface down when not added by interface up`` 2021-01-29 ========== * :vytask:`T3261` ``(bug): Does not possible to disable pppoe client interface.`` * :vytask:`T3272` ``(default): OSPF: interface config is not removed`` 2021-01-27 ========== * :vytask:`T3257` ``(feature): tcpdump supporting complete protocol`` * :vytask:`T3244` ``(default): Rewrite protocol OSPFv3 to new XML/Python style`` 2021-01-26 ========== * :vytask:`T3251` ``(bug): PPPoE client trying to authorize with the wrong username`` * :vytask:`T3256` ``(default): Add XML for protocol RPKI [conf-mode]`` 2021-01-25 ========== * :vytask:`T3249` ``(feature): Support operation mode forwarding table output`` 2021-01-24 ========== * :vytask:`T3227` ``(bug): Latest releases don't work with RPKI (crash)`` * :vytask:`T3230` ``(bug): RPKI can't be deleted`` * :vytask:`T3221` ``(bug): FRR config`` * :vytask:`T3245` ``(default): Add XML for protocol ospfv3 [conf-mode]`` 2021-01-23 ========== * :vytask:`T3236` ``(default): Add XML for [conf-mode] OSPF`` 2021-01-17 ========== * :vytask:`T3222` ``(bug): Typo in BGP dampening description`` * :vytask:`T3226` ``(bug): Repair bridge smoke test damage`` 2021-01-16 ========== * :vytask:`T3215` ``(bug): Operational command "show ipv6 route" is broken`` * :vytask:`T3157` ``(bug): salt-minion fails to start due to permission error accessing /root/.salt/minion.log`` * :vytask:`T3137` ``(feature): Let VLAN aware bridge approach the behavior of professional equipment`` 2021-01-15 ========== * :vytask:`T3210` ``(feature): ISIS three-way-handshake`` * :vytask:`T3184` ``(feature): Add correct desctiptions for BGP neighbors`` 2021-01-14 ========== * :vytask:`T3213` ``(bug): show interface command python error`` 2021-01-12 ========== * :vytask:`T3205` ``(bug): Does not possible to configure tunnel mode gre-bridge`` 2020-12-20 ========== * :vytask:`T3132` ``(feature): Enable egress flow accounting`` 2020-11-29 ========== * :vytask:`T2297` ``(feature): NTP add support for pool configuration``