########### 1.4 Sagitta ########### .. Please don't add anything by hand. This file is managed by the script: _ext/releasenotes.py 2022-12-25 ========== * :vytask:`T3579` (feature): Rewrite vyatta-conntrack in new XML and Python flavour 2022-12-24 ========== * :vytask:`T4890` (bug): show conntrack table ipv4 fail * :vytask:`T4879` (bug): IPSec migration failed with missing remote-id * :vytask:`T4870` (feature): Containers switch to using overlay driver for podman storage 2022-12-23 ========== * :vytask:`T4792` (feature): Add SSTP VPN client 2022-12-21 ========== * :vytask:`T4887` (bug): Schema generation from op-mode functions should set default 'false' on boolean arguments 2022-12-18 ========== * :vytask:`T4882` (bug): Missing ICMPv6 type names in firewall configuration 2022-12-15 ========== * :vytask:`T4671` (bug): linux-firmware package is missing symlinks defined in WHENCE file 2022-12-14 ========== * :vytask:`T4881` (bug): Return opmode.Error on openconnect.py show_sessions 2022-12-12 ========== * :vytask:`T4861` (feature): Openconnect restart on adding users - Aborts all active connections 2022-12-09 ========== * :vytask:`T4865` (bug): container impossible to generate local image from a file if it requires install some pkgs 2022-12-05 ========== * :vytask:`T4860` (bug): Openconnect server incorrect unconfigured check * :vytask:`T4804` (bug): PPPoE server incorrect unconfigured check * :vytask:`T4854` (feature): BGP-route reflector allows to apply route-maps 2022-12-04 ========== * :vytask:`T4825` (feature): interfaces veth/veth-pairs -standalone used * :vytask:`T4805` (bug): PPPoE server does not restart service if pool was changed 2022-12-02 ========== * :vytask:`T4830` (bug): nat66 - Error in port translation rules * :vytask:`T4859` (bug): Correct calling of config mode script dependencies from http-api.py * :vytask:`T4820` (enhancment): Support for inter-config-mode script dependencies * :vytask:`T4858` (bug): L3VPN- Route Distinguisher notations * :vytask:`T1024` (feature): Policy Based Routing by DSCP 2022-12-01 ========== * :vytask:`T4841` (feature): add fan control * :vytask:`T4847` (bug): Correct calling of config mode script dependencies from pki.py 2022-11-29 ========== * :vytask:`T4842` (bug): Routing config broken if mpls config exists * :vytask:`T4845` (default): Add smoketest to detect cycles in config-mode script dependency calls 2022-11-27 ========== * :vytask:`T4739` (feature): ISIS and OSPF segment routing being refactored 2022-11-24 ========== * :vytask:`T4794` (bug): show firewall name - Can't use .items() on a list * :vytask:`T4714` (feature): Delete unused ipset from the filecaps * :vytask:`T3541` (bug): Route Map large community set additive is missing 2022-11-23 ========== * :vytask:`T4836` (feature): Kernel: enable new features like switchdev, ESP in TCP and HSR * :vytask:`T4835` (bug): SNMPD configuration incorrect for IPv6 * :vytask:`T4819` (feature): Allow printing Warning messages in multiple lines with \n * :vytask:`T4807` (feature): Need to fix traceroute help completion * :vytask:`T4660` (feature): Reorganize route map set community CLI * :vytask:`T4526` (bug): keepalived-fifo.py unable to load config * :vytask:`T4793` (feature): Create warning message about disable-route-autoinstall when ipsec vti is used * :vytask:`T4492` (bug): Incorrect list of neighbors in help for "show bgp vrf VRF neighbors" * :vytask:`T4496` (feature): ping vrf help does not list VRFs 2022-11-22 ========== * :vytask:`T4823` (bug): swanctl.conf is broken when ipsec site-to-site peer set. * :vytask:`T4706` (bug): NAT and NAT66 issues * :vytask:`T4670` (feature): policy route - Update matching criteria 2022-11-21 ========== * :vytask:`T4812` (feature): IPsec ability to show all configured connections * :vytask:`T4829` (default): Tunnel argument to 'reset_peer' in ipsec.py should have type hint Optional 2022-11-20 ========== * :vytask:`T4827` (bug): route-map issues , not load configuration FRR 2022-11-19 ========== * :vytask:`T4826` (bug): Wrong key type is used for SSH SK public keys * :vytask:`T4720` (feature): Ability to configure SSH HostKeyAlgorithms * :vytask:`T4828` (default): Raise appropriate op-mode errors in ipsec.py 'reset_peer' 2022-11-18 ========== * :vytask:`T4821` (bug): Correct calling of config mode script dependencies from firewall.py 2022-11-17 ========== * :vytask:`T4750` (feature): Support of higher level SSH keys (sk-ssh-ed25519) 2022-11-15 ========== * :vytask:`T4808` (feature): Add details of configtree operations to migration log 2022-11-12 ========== * :vytask:`T4814` (bug): Regression in bundled powerdns version 2022-11-09 ========== * :vytask:`T4800` (bug): undefined var includes_chroot_dir in build-vyos-image 2022-11-08 ========== * :vytask:`T4771` (feature): Rewrite protocol BGP op-mode to vyos.opmode format * :vytask:`T4806` (default): Update FRR to 8.4 in 1.4 version 2022-11-06 ========== * :vytask:`T4803` (bug): The header 'Authorization' needs to be explictly allowed in http-api CORS middleware 2022-11-05 ========== * :vytask:`T4802` (feature): Ability to define per container shared-memory size 2022-11-01 ========== * :vytask:`T4764` (bug): NAT tables vyos_nat and vyos_static_nat not deleting after deleting nat * :vytask:`T4177` (bug): Strip-private doesn't work for service monitoring 2022-10-31 ========== * :vytask:`T4786` (feature): Add package python3-pyhumps * :vytask:`T1875` (feature): Add the ability to use network address as BGP neighbor (bgp listen range) * :vytask:`T4785` (feature): snmp: Allow !, @, * and # in community name * :vytask:`T4787` (feature): ipsec: add support for road-warrior/remote-access RADIUS timeout 2022-10-29 ========== * :vytask:`T4783` (default): Add support for stunnel * :vytask:`T4784` (feature): Add description node for static route/route6 tagNodes 2022-10-28 ========== * :vytask:`T4291` (default): Consolidate component version read/write functions 2022-10-27 ========== * :vytask:`T4763` (feature): Change XML for Show nat destination statistics * :vytask:`T4762` (bug): Show nat rules with empty rules incorrect error * :vytask:`T4778` (bug): Raise error UnconfiguredSubsystem if op-mode ipsec.py fails initialization 2022-10-26 ========== * :vytask:`T4773` (default): Add camel_case to snake_case conversion utility 2022-10-25 ========== * :vytask:`T4574` (default): Add token based authentication to GraphQL API 2022-10-24 ========== * :vytask:`T4772` (default): Return list of dicts in 'raw' output of route.py instead of dict with redundant information 2022-10-23 ========== * :vytask:`T3723` (bug): op-mode IPSec show vpn ipsec sa output with underscores 2022-10-21 ========== * :vytask:`T4768` (default): Change name of api child node from 'gql' to 'graphql' 2022-10-18 ========== * :vytask:`T4684` (feature): Rewrite show ip route by protocol to vyos.opmode format * :vytask:`T4533` (bug): Radius clients don’t have simple permissions * :vytask:`T4753` (enhancment): Extend automatic generation of schema to query SystemStatus 2022-10-17 ========== * :vytask:`T4725` (bug): Unable to reset vpn IPsec peer 2022-10-14 ========== * :vytask:`T4672` (bug): RADIUS server disable does not work * :vytask:`T4749` (enhancment): Use config_dict for conf_mode http-api.py 2022-10-13 ========== * :vytask:`T4746` (bug): Monitoring nft. table vyos_filter by default does not exist but telegraf checks this table * :vytask:`T4744` (bug): BGP directly connected neighbors don't compatible with ebgp-multihop * :vytask:`T4716` (feature): SSH ability to configure RekeyLimit * :vytask:`T4343` (default): Expose powerdns network-timeout for service dns forwarding * :vytask:`T4312` (bug): Telegraf configuration doesn't accept IPs for URL * :vytask:`T4274` (default): Extend OpenConnect RADIUS Timeout to Permit 2FA Entry 2022-10-12 ========== * :vytask:`T4747` (bug): Monitoring influxdb template input exec plugin does not work * :vytask:`T4740` (bug): Show conntrack table ipv6 fail * :vytask:`T4730` (bug): Conntrack-sync error - listen-address is not the correct type in config as it should be 2022-10-11 ========== * :vytask:`T4742` (bug): Autocomplete in policy route rule x set table / does not show the tables created in the static protocols * :vytask:`T4741` (bug): set firewall zone Local local-zone failed * :vytask:`T4680` (bug): Telegraf prometheus-client listen-address invalid format 2022-10-10 ========== * :vytask:`T538` (feature): Support for network mapping in NAT 2022-10-09 ========== * :vytask:`T4738` (enhancment): Extend automatic generation of schema definition files to native configsession functions; use single resolver/directive 2022-10-08 ========== * :vytask:`T4707` (feature): Enable OSPF segment routing 2022-10-07 ========== * :vytask:`T4736` (bug): Error on JSON output of API query ShowConfig 2022-10-04 ========== * :vytask:`T4708` (bug): 'show nat destination rules' throwing an error * :vytask:`T4700` (feature): Firewall - Add interface match criteria * :vytask:`T4699` (feature): Firewall - Add jump action - Add return action * :vytask:`T4651` (feature): Firewall - Add options to match packet size * :vytask:`T4702` (bug): Wireguard peers configuration is not synchronized with CLI * :vytask:`T4685` (bug): Interface does not exist on boot when used as inbound-interface for local policy route * :vytask:`T4652` (feature): Upgrade PowerDNS recursor to 4.7 series * :vytask:`T4582` (default): Router-advert: Preferred lifetime cannot equal valid lifetime in PIOs 2022-09-29 ========== * :vytask:`T4715` (feature): Auto logout user after a period of inactivity * :vytask:`T4697` (bug): policy route: Generating ConfigError failes when tcp flag is missing on set tcp-mss rule commit 2022-09-27 ========== * :vytask:`T4711` (feature): Ability to terminate user TTY and PTS sessions * :vytask:`T4557` (feature): fastnetmon: allow configure limits per protocol (tcp, udp, icmp) 2022-09-21 ========== * :vytask:`T4678` (feature): Rewrite service ipoe-server to get_config_dict * :vytask:`T4703` (feature): accel-ppp: combine vlan-id and vlan-range into single CLI node 2022-09-20 ========== * :vytask:`T4693` (bug): ISIS segment routing was broken... 2022-09-17 ========== * :vytask:`T4666` (bug): EAP-TLS no longer allows TLSv1.0 after T4537, T4584 * :vytask:`T4665` (bug): Keepalived cannot use same VRID for VRRPv2 and VRRPv3 2022-09-16 ========== * :vytask:`T4698` (enhancment): Drop validator name="range" and replace it with numeric * :vytask:`T4695` (feature): Add 'es' and 'jp106' keymap option keyboard-layout * :vytask:`T4669` (enhancment): Extend numeric.ml for inversion of values and range values 2022-09-15 ========== * :vytask:`T4679` (bug): OpenVPN site-to-site incorrect check for IPv6 local and remote address * :vytask:`T4691` (feature): Upgrade Linux Kernel to latest 5.15.y train * :vytask:`T4630` (bug): Prevent attempts to use the same interface as a source interface for pseudo-ethernet and MACsec at the same time * :vytask:`T4696` (default): Extend bgp parameters for bgp bestpath peer-type multipath-relax 2022-09-12 ========== * :vytask:`T4617` (feature): VRF specification is needed for telegraf prometheus-client listen-address
* :vytask:`T4690` (bug): Update GraphQL resolver for 'SystemStatus' following changes to 'show_uptime' op-mode script * :vytask:`T4647` (feature): Add Google Virtual NIC (gVNIC) support * :vytask:`T4170` (feature): Rename "policy ipv6-route" -> "policy route6" 2022-09-09 ========== * :vytask:`T4682` (feature): Rewrite 'show system storage' in standardized format * :vytask:`T4681` (feature): Complete standardization of show_uptime.py 2022-09-06 ========== * :vytask:`T4640` (enhancment): Integrate op-mode exception hierarchy into API * :vytask:`T4597` (bug): Check bind port before assign service HTTPS API and openconnect * :vytask:`T4674` (bug): API should show op-mode error message, if present * :vytask:`T4673` (bug): op-mode bridge.py should raise error on show_fdb for nonexistent bridge interface 2022-09-05 ========== * :vytask:`T4668` (bug): Adding/removing members from bond doesn't work/results in incorrect interface state * :vytask:`T4663` (bug): Interface pseudo-ethernet does not change mode * :vytask:`T4655` (bug): Firewall in 1.4 sets the default action 'accept' instead of 'drop' * :vytask:`T4628` (bug): ConfigTree() throws ValueError() if tagNode contains whitespaces 2022-09-01 ========== * :vytask:`T4606` (bug): monitor nat destination translation shows missing script * :vytask:`T4435` (bug): Policy route and firewall - error when using undefined group * :vytask:`T4147` (bug): New Firewall Implementation - proposed changes on group implementation 2022-08-31 ========== * :vytask:`T4650` (feature): Rewire show nat translation to vyos.opmode format * :vytask:`T4644` (bug): Check bind port before assign vpn sstp * :vytask:`T4643` (bug): Smoketest exclude either sstp or openconnect from pki-misc default listen port * :vytask:`T4569` (feature): Rewrite show bridge to new format * :vytask:`T4547` (bug): Show vpn ipsec sa show unexpected prefix 'B' in packets * :vytask:`T4367` (bug): NAT - Config tmp file not available 2022-08-29 ========== * :vytask:`T4645` (bug): show nat source statistics lack argument --family * :vytask:`T4634` (bug): Bgp neighbor disable-connected-check does not work * :vytask:`T4631` (feature): Add port and protocol to nat66 * :vytask:`T4623` (feature): Add show conntrack statistics * :vytask:`T4595` (bug): DPD interval and timeout do not work in DMVPN * :vytask:`T4594` (feature): Rewrite op-mode IPsec to vyos.opmode format * :vytask:`T4508` (bug): Problem with values of the same environment in different event handlers * :vytask:`T4653` (bug): Interface offload options are not applied correctly * :vytask:`T4546` (bug): Does not connect Cisco spoke to VyOS hub. * :vytask:`T4061` (default): Add util function to check for completion of boot config * :vytask:`T4654` (bug): RPKI cache incorrect description * :vytask:`T4572` (bug): Add an option to force interface MTU to the value received from DHCP 2022-08-26 ========== * :vytask:`T4642` (bug): proxy: hyphen not allowed in proxy URL 2022-08-25 ========== * :vytask:`T4626` (bug): Error showing nat66 source and destination * :vytask:`T4622` (feature): Firewall allow drop packets by TCP MSS size 2022-08-24 ========== * :vytask:`T4641` (bug): prefix-list allows ipv6 prefix as input * :vytask:`T4633` (feature): Change keepalived to v2.2.7 2022-08-23 ========== * :vytask:`T4618` (bug): Traffic policy not set on virtual interfaces * :vytask:`T4538` (bug): Macsec does not work correctly when the interface status changes. 2022-08-22 ========== * :vytask:`T4089` (bug): Show nat destination rules shows ip address instead of interface 'any' * :vytask:`T4632` (bug): VLAN-aware bridge not working * :vytask:`T4637` (feature): Upgrade to podman 4.2.0 2022-08-20 ========== * :vytask:`T4596` (bug): "show openconnect-server sessions" command does not work in the openconnect module 2022-08-19 ========== * :vytask:`T4620` (bug): UPnP does not work due to incorrect template * :vytask:`T4619` (bug): Static arp is not set if another entry is present * :vytask:`T4611` (bug): UPnP rule IP should be a prefix instead of an address * :vytask:`T4614` (feature): OpenConnect split-dns directive 2022-08-18 ========== * :vytask:`T4613` (bug): UPnP configuration without listen option fail * :vytask:`T4570` (bug): Exception when trying to set up VXLAN over Wireguard 2022-08-17 ========== * :vytask:`T4598` (feature): nat66 - Add exclude options * :vytask:`T4480` (default): add an ability to configure squid acl safe ports and acl ssl safe ports 2022-08-16 ========== * :vytask:`T4592` (bug): macsec: can not create two interfaces using the same source-interface * :vytask:`T4584` (bug): hostap: create custom package build * :vytask:`T4413` (default): Add an API endpoint with basic system stats * :vytask:`T4537` (bug): MACsec not working with cipher gcm-aes-256 2022-08-15 ========== * :vytask:`T4609` (bug): Unable to Restart Container VyOS 1.4 * :vytask:`T4565` (bug): vlan aware bridge not working with - Kernel: T3318: update Linux Kernel to v5.4.205 #249 * :vytask:`T3988` (default): Feature Request: IPsec Multiple local/remote prefix for the tunnel * :vytask:`T2763` (feature): New SNMP resource request - SNMP over TCP 2022-08-14 ========== * :vytask:`T4579` (bug): bridge: can not delete member interface CLI option when VLAN is enabled * :vytask:`T4421` (default): Add support for floating point numbers in the numeric validator * :vytask:`T3507` (bug): Bond with mode LACP show u/u in show interfaces even if peer is not configured 2022-08-12 ========== * :vytask:`T4603` (feature): Need a config option to specify NAS-IP-Address for vpn l2tp 2022-08-10 ========== * :vytask:`T4408` (feature): Add sshguard to protect against brut-forces 2022-08-08 ========== * :vytask:`T4586` (feature): Add to NAT66: SNAT destination address and DNAT source address. 2022-08-04 ========== * :vytask:`T4257` (feature): Discussion on changing BGP autonomous system number syntax 2022-08-02 ========== * :vytask:`T4585` (feature): Rewrite op-mode containers to vyos.opmode * :vytask:`T4515` (default): Reduce telegraf binary size 2022-08-01 ========== * :vytask:`T4581` (bug): 'show system cpu' not working * :vytask:`T4578` (feature): Rewrite show dns forwarding statistics to new format 2022-07-31 ========== * :vytask:`T4580` (bug): Handle the case of op-mode file names with hyphens in GraphQL schema/resolver generation 2022-07-30 ========== * :vytask:`T4575` (feature): vyos.utill add new wrapper "rc_cmd" to get the return code and output * :vytask:`T4562` (feature): Rewrite show vrf to new format * :vytask:`T4545` (feature): Rewrite show nat source rules * :vytask:`T4543` (bug): Show source nat statistics shows incorrect interface * :vytask:`T4503` (default): Prevent op mode scripts from restarting services if there's a commit in progress * :vytask:`T4411` (feature): Add migration for service monitoring telegraf influxdb 2022-07-29 ========== * :vytask:`T4554` (enhancment): Implement GraphQL resolvers for standardized op-mode scripts * :vytask:`T4518` (feature): Add XML for CLI conf mode load-balancing wan * :vytask:`T4544` (enhancment): Generate schema definitions from standardized op-mode scripts 2022-07-28 ========== * :vytask:`T4531` (bug): NAT op-mode errors with exclude rules * :vytask:`T3435` (bug): NAT rules show corruption 2022-07-27 ========== * :vytask:`T4571` (bug): Sflow with vrf configured does not use vrf to validate agent-address IP from vrf-configured interfaces * :vytask:`T4552` (bug): Unable to reset IPsec IPv6 peer 2022-07-26 ========== * :vytask:`T4568` (bug): show vpn debug peer doesn't work * :vytask:`T4556` (feature): fastnetmon: Allow configure white_list_path and populate with hosts/networks that should be ignored. * :vytask:`T4495` (feature): Combine BGP reset op commands 2022-07-25 ========== * :vytask:`T4567` (default): Merge experimental branch of GraphQL development * :vytask:`T4560` (bug): VRF and BGP neighbor local-as error * :vytask:`T4493` (bug): Incorrect help for "show bgp neighbors" * :vytask:`T1233` (bug): ipsec vpn sa showing down 2022-07-22 ========== * :vytask:`T4145` (bug): Conntrack table not showing after firewall rewriting 2022-07-21 ========== * :vytask:`T4555` (feature): fastnetmon: add IPv6 support * :vytask:`T4553` (default): Allow to set ban time on ddos-protection configuration 2022-07-20 ========== * :vytask:`T4056` (bug): Traffic policy not set in live configuration 2022-07-18 ========== * :vytask:`T4523` (feature): OP-mode Extend conntrack output to get marks, zones and directions * :vytask:`T4228` (bug): bond: OS error thrown when two bonds use the same member * :vytask:`T4539` (feature): qat: update Intel QuickAssist release version 1.7.L.4.16.0-00017 * :vytask:`T4534` (bug): bond: bridge: error out if member interface is assigned to a VRF instance * :vytask:`T4525` (bug): Delete interface from VRF and add it to bonding error * :vytask:`T4522` (feature): bond: add ability to specify mii monitor interval via CLI * :vytask:`T4535` (feature): FRR: upgrade to stable/8.3 version * :vytask:`T4521` (bug): bond: ARP monitor interval is not configured despite set via CLI * :vytask:`T4540` (feature): firmware: update to Linux release 20220708 2022-07-17 ========== * :vytask:`T4028` (bug): FRR 8.1 routes not being applied to routing table after reboot if an interface has 2 ip addresses 2022-07-15 ========== * :vytask:`T4494` (bug): Cannot reset BGP peer within VRF * :vytask:`T4536` (feature): FRR: move to systemd for daemon control 2022-07-14 ========== * :vytask:`T4491` (bug): Use empty string for internal name of root node of config_tree 2022-07-13 ========== * :vytask:`T1375` (feature): Add clear dhcp server lease function 2022-07-12 ========== * :vytask:`T4527` (bug): Prevent to create VRF name default * :vytask:`T4084` (default): Dehardcode the default login banner * :vytask:`T3948` (feature): IPSec VPN: Add a new option "none" for the connection-type * :vytask:`T235` (feature): Ability to configure manual IP Rules 2022-07-10 ========== * :vytask:`T3836` (bug): Setting a default IPv6 route while getting IPv4 gateway via DHCP removes the IPv4 gateway 2022-07-09 ========== * :vytask:`T4507` (feature): IPoE-server add multiplier option for shaper * :vytask:`T4499` (bug): NAT source translation not showing a single output * :vytask:`T4468` (bug): web-proxy source group cannot start with a number bug * :vytask:`T4373` (feature): PPPoE-server add multiplier option for shaper * :vytask:`T3353` (bug): PPPoE server wrong vlan-range generating config * :vytask:`T3648` (bug): op-mode: nat rules broken * :vytask:`T4517` (feature): ip: Add options to enable directed broadcast forwarding 2022-07-07 ========== * :vytask:`T4456` (bug): NTP client in VRF tries to bind to interfaces outside VRF, logs many messages * :vytask:`T4509` (feature): Feature Request: DNS64 2022-07-06 ========== * :vytask:`T4513` (bug): Webproxy monitor commands do not work * :vytask:`T4299` (feature): Firewall - GeoIP filtering 2022-07-05 ========== * :vytask:`T4378` (bug): Unable to submit wildcard ("*.example.com") A or AAAA records in dns forwarder * :vytask:`T2683` (default): no dual stack in system static-host-mapping host-name * :vytask:`T478` (feature): Firewall address group (multi and nesting) 2022-07-04 ========== * :vytask:`T4501` (bug): Syslog-identifier does not work in event handler * :vytask:`T3600` (bug): DHCP Interface static route breaks PBR * :vytask:`T4498` (feature): bridge: Add option to enable/disable IGMP/MLD snooping 2022-07-01 ========== * :vytask:`T2455` (bug): No support for the IPv6 VTI * :vytask:`T4490` (feature): BGP- warning message that AFI/SAFI is needed to establish the neighborship * :vytask:`T4489` (bug): MPLS sysctl not persistent for tunnel interfaces 2022-06-29 ========== * :vytask:`T4477` (feature): router-advert: support RDNSS lifetime option 2022-06-28 ========== * :vytask:`T4486` (bug): Container can't be deleted * :vytask:`T4473` (bug): Use container network without network declaration error * :vytask:`T4458` (feature): Firewall - add support for matching ip ttl in firewall rules * :vytask:`T3907` (feature): Firewall - Set log levels 2022-06-27 ========== * :vytask:`T4484` (default): Firewall op-mode summary doesn't correctly handle address group containing ranges 2022-06-25 ========== * :vytask:`T4482` (bug): dhcp: toggle of "dhcp-options no-default-route" has no effect * :vytask:`T4483` (feature): Upgrade fastnetmon to v1.2.2 community edition 2022-06-22 ========== * :vytask:`T1748` (feature): vbash: beautify tab completion output/line breaks 2022-06-20 ========== * :vytask:`T1856` (feature): Support configuring IPSec SA bytes 2022-06-18 ========== * :vytask:`T4467` (bug): Validator Does Not Accept Signed Numbers 2022-06-17 ========== * :vytask:`T4209` (bug): Firewall incorrect handler for recent count and time 2022-06-16 ========== * :vytask:`T4352` (bug): wan-load balance - priority traffic rule doesn't work 2022-06-15 ========== * :vytask:`T4450` (feature): Route-map - Extend options for ip|ipv6 address match * :vytask:`T4449` (feature): Route-map - Extend options for ip next-hop match * :vytask:`T990` (feature): Make DNAT/SNAT a valid state in firewall rules. 2022-06-12 ========== * :vytask:`T4420` (feature): Feature Request: ocserv: show configured 2FA OTP key * :vytask:`T4380` (default): Feature Request: ocserv: 2FA OTP key generator in VyOS CLI 2022-06-10 ========== * :vytask:`T4365` (bug): NAT - Error on setting up tables * :vytask:`T4465` (feature): node.def generation misses whitespace on multiple use of 2022-06-09 ========== * :vytask:`T4444` (default): sstp: Feature request. Port number changing support * :vytask:`T2580` (feature): Support for ip pools for ippoe 2022-06-08 ========== * :vytask:`T4447` (bug): DHCPv6 prefix delegation `sla-id` limited to 128 2022-05-31 ========== * :vytask:`T4212` (default): PermissionError when generating/installing server Certificate (generate pki certificate sign ...) * :vytask:`T4199` (bug): Commit failed when setting icmpv6 type any * :vytask:`T4148` (bug): Firewall - Error messages not that clear as it were in old firewall * :vytask:`T3659` (bug): Configuration won't accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors 2022-05-30 ========== * :vytask:`T4315` (feature): Telegraf - Output to prometheus 2022-05-29 ========== * :vytask:`T2473` (feature): Xml for EIGRP [conf_mode] 2022-05-28 ========== * :vytask:`T4448` (feature): rip: add support for explicit version selection 2022-05-26 ========== * :vytask:`T4442` (feature): HTTP API add action "reset" 2022-05-25 ========== * :vytask:`T4410` (feature): Telegraf - Output to Splunk * :vytask:`T4382` (bug): Replacing legacy loadFile exposes missing steps in migration scripts and other errors 2022-05-21 ========== * :vytask:`T4437` (bug): flow-accounting: support IPv6 flow collectors 2022-05-20 ========== * :vytask:`T4418` (feature): Telegraf - output Plugin azure-data-explorer 2022-05-19 ========== * :vytask:`T4434` (bug): DMVPN: cisco-authentication password length is 8 characters * :vytask:`T3938` (default): Rewrite the uptime script in Python to allow using it as a library * :vytask:`T4334` (default): Make the config lexer reentrant 2022-05-17 ========== * :vytask:`T4424` (bug): policy local-route6 shows ipv4 format 2022-05-16 ========== * :vytask:`T4377` (default): generate tech-support archive includes previous archives 2022-05-12 ========== * :vytask:`T4417` (bug): VRRP doesn't start with conntrack-sync * :vytask:`T4100` (feature): Firewall increase maximum number of rules 2022-05-11 ========== * :vytask:`T4405` (bug): DHCP client sometimes ignores `no-default-route` option of an interface 2022-05-10 ========== * :vytask:`T4156` (default): Adding DHCP Option 13 (bootfile-size) * :vytask:`T1972` (feature): Allow setting interface name for virtual_ipaddress in VRRP VRID 2022-05-07 ========== * :vytask:`T4361` (bug): `vyos.config.exists()` does not work for nodes with multiple values * :vytask:`T4354` (bug): Slave interfaces fall out from bonding during configuration change * :vytask:`T4419` (feature): vrf: support to disable IP forwarding within a given VRF 2022-05-06 ========== * :vytask:`T4385` (bug): bgp: peer-group member cannot override remote-as of peer-group 2022-05-05 ========== * :vytask:`T4414` (feature): Add route-map "as-path prepend last-as x" option 2022-05-03 ========== * :vytask:`T4395` (feature): Extend show vpn debug 2022-05-01 ========== * :vytask:`T4369` (bug): OpenVPN: daemon not restarted on changes to "openvpn-option" CLI node * :vytask:`T4363` (bug): salt-minion: default mine_interval option is not set * :vytask:`T4353` (feature): Add Jinja2 linter to vyos-1x build process 2022-04-29 ========== * :vytask:`T4388` (bug): dhcp-server: missing constraint on tftp-server-name option * :vytask:`T4366` (bug): geneve: interface is removed on changes to e.g. description 2022-04-28 ========== * :vytask:`T4400` (bug): Container OP mode has delete where show and update should be 2022-04-27 ========== * :vytask:`T4398` (bug): IPSec site-to-site generates unexpected passthrough option * :vytask:`T4397` (feature): arp: migrate static ARP entry configuration to get_config_dict() and make it VRF aware * :vytask:`T4357` (feature): Allow free-form setting of DHCPv6 server options 2022-04-26 ========== * :vytask:`T4210` (bug): NAT source/destination negated ports throws an error * :vytask:`T4235` (default): Add config tree diff algorithm 2022-04-25 ========== * :vytask:`T4390` (feature): op-mode: extend "show log" and "monitor log" with additional daemons/subsystems to read journalctl logs * :vytask:`T4391` (bug): PPPoE: IPv6 not working after system boot 2022-04-24 ========== * :vytask:`T4342` (bug): "show ip ospf neighbor address x.x.x.x" gives "unknown command" error 2022-04-23 ========== * :vytask:`T4386` (default): Applying limiter on traffic-policy "in" fails, incorrectly reports mirror or redirect policy in use 2022-04-22 ========== * :vytask:`T4389` (feature): dhcp: add vendor option support for Ubiquity Unifi controller 2022-04-21 ========== * :vytask:`T4384` (feature): pppoe: replace default-route CLI option with common CLI nodes already present for DHCP 2022-04-20 ========== * :vytask:`T4345` (bug): New firewall code does not accept "rate/time interval" syntax used in old config * :vytask:`T4231` (feature): Feature Request: ocserv: 2FA (password+OTP) support in Openconnect 2022-04-19 ========== * :vytask:`T4379` (bug): PPPoE: default-route lost after applying additional static routes * :vytask:`T4344` (bug): DHCP statistics not matching, conf-mode generates incorrect pool name with dash * :vytask:`T4268` (bug): Elevated LA while using VyOS monitoring feature 2022-04-18 ========== * :vytask:`T4351` (bug): Openvpn conf-mode "openvpn-option" is not respected * :vytask:`T4278` (default): vyos-vm-images: fix vagrant libvirt box * :vytask:`T4368` (bug): bgp: AS specified for local as is the same as the remote as and this is not allowed. * :vytask:`T4370` (feature): vxlan: geneve: support configuration of df bit option 2022-04-15 ========== * :vytask:`T4327` (default): Ethernet interface configuration fails on Hyper-V due to speed/duplex/autoneg ethtool command error * :vytask:`T4364` (feature): salt-minion: Upgrade to 3004 and migrate to get_config_dict() 2022-04-13 ========== * :vytask:`T4333` (feature): Jinja2: add plugin to test if a variable is defined and not none to reduce template complexity 2022-04-08 ========== * :vytask:`T4331` (bug): IPv6 link local addresses are not configured when an interface is in a VRF * :vytask:`T4347` (default): Return complete and consistent error codes from HTTP API * :vytask:`T4339` (bug): wwan: tab-completion results in "No such file or directory" if there is no WWAN interface * :vytask:`T4338` (bug): wwan: changing interface description should not trigger reconnect * :vytask:`T4324` (bug): wwan: check alive script should only be run via cron if a wwan interface is configured at all 2022-04-07 ========== * :vytask:`T4330` (bug): MTU settings cannot be applied when IPv6 is disabled * :vytask:`T4346` (feature): Deprecate "system ipv6 disable" option to disable address family within OS kernel * :vytask:`T4319` (bug): The command "set system ipv6 disable" doesn't work as expected. * :vytask:`T4341` (feature): login: disable user-account prior to deletion and wait until deletion is complete * :vytask:`T4336` (feature): isis: add support for MD5 authentication password on a circuit 2022-04-06 ========== * :vytask:`T4308` (feature): Op-comm "Show log frr" to view specific protocol logs 2022-04-04 ========== * :vytask:`T4329` (bug): Bgp policy route-map bug with set several extcommunity rt 2022-04-02 ========== * :vytask:`T4335` (bug): open-vmdk fails to build under gcc-10.+ 2022-04-01 ========== * :vytask:`T4332` (bug): bgp: deterministic-med cannot be disabled while addpath-tx-bestpath-per-AS is in use 2022-03-31 ========== * :vytask:`T4326` (feature): Add bgp option no-suppress-duplicates * :vytask:`T4323` (default): ospf6d crashes on latest vyos nightly 2022-03-29 ========== * :vytask:`T3686` (bug): Bridging OpenVPN tap with no local-address breaks * :vytask:`T3635` (default): Add ability to use mDNS repeater with VRRP 2022-03-26 ========== * :vytask:`T4321` (default): Allow BGP neighbors between different VIFs on the same VyOS 2022-03-24 ========== * :vytask:`T4301` (bug): The "arp-monitor" option in bonding interface settings does not work * :vytask:`T4294` (bug): Adding a new openvpn-option does not restart the OpenVPN process * :vytask:`T4290` (bug): BGP source-interface fails to commit * :vytask:`T4230` (bug): OpenVPN server configuration deleted after reboot when using a VRRP virtual-address 2022-03-23 ========== * :vytask:`T4314` (bug): Latest 1.4 Rolling release config migration error 2022-03-21 ========== * :vytask:`T4304` (feature): [OSPF]import/export filter inter-area prefix 2022-03-20 ========== * :vytask:`T4298` (default): vyos-vm-images: fix ansible group name and remove obsolete empty command 2022-03-18 ========== * :vytask:`T4286` (bug): Fix for firewall ipv6 name address validator 2022-03-15 ========== * :vytask:`T4302` (feature): FRRouting upgrade to release 8.2.2 * :vytask:`T4293` (default): Add "set ip-next-hop unchanged" in route-map 2022-03-14 ========== * :vytask:`T4275` (default): Incorrect val_help for local/remote prefix in ipsec vpn 2022-03-12 ========== * :vytask:`T4296` (bug): Interface config injected by Cloud-Init may interfere with VyOS native * :vytask:`T4265` (feature): Add op-mode for bgp flowspec state and routes 2022-03-11 ========== * :vytask:`T4297` (bug): Interface configuration saving fails for ice/iavf based interfaces because they can't change speed/duplex settings 2022-03-09 ========== * :vytask:`T3981` (feature): VRF support for flow-accounting 2022-03-05 ========== * :vytask:`T4259` (bug): The conntrackd daemon can be started wrongly 2022-03-03 ========== * :vytask:`T4283` (feature): Add support to "reject" routes - emit an ICMP unreachable when matched 2022-03-01 ========== * :vytask:`T4277` (feature): flow-accounting: support sending flow-data via VRF interface 2022-02-28 ========== * :vytask:`T4273` (bug): ssh: Upgrade from 1.2.X to 1.3.0 breaks config * :vytask:`T4115` (bug): reboot in not working as expected * :vytask:`T3656` (bug): IPSec 1.4 : "show vpn ike sa" does not show the correct default ike version 2022-02-26 ========== * :vytask:`T4272` (feature): lldp: migrate Python script to use get_config_dict() 2022-02-25 ========== * :vytask:`T4269` (feature): node.def generator should automatically add default values 2022-02-24 ========== * :vytask:`T4267` (bug): Error - Missing required "ip key" parameter 2022-02-23 ========== * :vytask:`T4194` (bug): prefix-list no check for duplicate entries * :vytask:`T4264` (bug): vxlan: interface is destroyed and rebuild on description change * :vytask:`T4263` (bug): vyos.util.leaf_node_changed() dos not honor valueLess nodes 2022-02-21 ========== * :vytask:`T4120` (feature): [VXLAN] add ability to set multiple unicast-remotes 2022-02-20 ========== * :vytask:`T4254` (feature): VPN IPSec charon add options cisco_flexvpn and install_virtual_ip_on * :vytask:`T4249` (feature): Add support for device mapping in containers * :vytask:`T3617` (bug): IPSec 1.4 generate invalid configuration * :vytask:`T4261` (feature): MACsec: add DHCP client support * :vytask:`T4203` (bug): Reconfigure DHCP client interface causes brief outages 2022-02-19 ========== * :vytask:`T4258` (bug): [DHCP-SERVER] error parameter on Failover 2022-02-17 ========== * :vytask:`T4255` (bug): Unexpected print of dict bridge on delete * :vytask:`T4240` (bug): Cannot add wlan0 to bridge via configure * :vytask:`T4154` (bug): Error add second gre tunnel with the same source interface 2022-02-16 ========== * :vytask:`T4237` (bug): Conntrack-sync error - error adding listen-address command 2022-02-15 ========== * :vytask:`T4160` (bug): Firewall - Error in rules that matches everything except something * :vytask:`T3006` (bug): Accel-PPP & vlan-mon config get invalid VLAN * :vytask:`T3494` (bug): DHCPv6 leases traceback when PD using * :vytask:`T1292` (bug): Issues while deleting all rules from a firewall 2022-02-13 ========== * :vytask:`T4242` (bug): ethernet speed/duplex can never be switched back to auto/auto * :vytask:`T4191` (bug): Lost access to host after VRF re-creating 2022-02-11 ========== * :vytask:`T3872` (feature): Add configurable telegraf monitoring service 2022-02-08 ========== * :vytask:`T4227` (bug): Typo in help completion of hello-time option of bridge interface 2022-02-07 ========== * :vytask:`T4233` (bug): ssh: sync regex for allow/deny usernames to "system login" 2022-02-06 ========== * :vytask:`T4223` (bug): policy route cannot have several entries with the same table * :vytask:`T4216` (bug): Firewall: can't use negated groups in firewall rules * :vytask:`T4178` (bug): policy based routing tcp flags issue * :vytask:`T4164` (bug): PBR: network groups (as well as address and port groups) don't resolve in `nftables_policy.conf` * :vytask:`T3970` (feature): Add support for op-mode PKI direct install into an active config session * :vytask:`T3828` (bug): ipsec: Subtle change in "pfs enable" behavior from equuleus -> sagitta 2022-02-05 ========== * :vytask:`T4226` (bug): VRRP transition-script does not work for groups name which contains -(minus) sign 2022-02-04 ========== * :vytask:`T4196` (bug): DHCP server client-prefix-length parameter results in non-functional leases 2022-02-03 ========== * :vytask:`T4218` (bug): firewall: rule name is not allowed to start with a number * :vytask:`T3643` (bug): show vpn ipsec sa doesn't show tunnels in "down" state 2022-02-01 ========== * :vytask:`T4224` (bug): Ethernet interfaces configured for DHCP not working on latest rolling snapshot (vyos-1.4-rolling-202201291849-amd64.iso) * :vytask:`T4225` (bug): Performance degration with latest rolling release * :vytask:`T4220` (bug): Commit broke dhclient 78b247b724f74bdabab0706aaa7f5b00e5809bc1 * :vytask:`T4138` (bug): NAT configuration allows to set incorrect port range and invalid port 2022-01-28 ========== * :vytask:`T4184` (bug): NTP allow-clients address doesn't work it allows to use ntp server for all addresses * :vytask:`T4217` (bug): firewall: port-group requires protocol to be set - but not in VyOS 1.3 2022-01-27 ========== * :vytask:`T4213` (default): ipv6 policy routing not working anymore * :vytask:`T4188` (bug): Firewall does not correctly handle conntracking * :vytask:`T3762` (feature): Support network and address groups for policy ipv6-route * :vytask:`T3560` (feature): Ability to create groups of MAC addresses * :vytask:`T3495` (feature): Modernising port/protocol definitions 2022-01-25 ========== * :vytask:`T4205` (feature): Disable Debian Version in SSH (DebianBanner->no) * :vytask:`T4131` (bug): Show firewall group incorrect format members 2022-01-24 ========== * :vytask:`T4204` (feature): Update Accel-PPP to a newer revision * :vytask:`T1795` (default): Commit rollback by timeout 2022-01-23 ========== * :vytask:`T4186` (bug): Firewall icmp type - Offered options not supported * :vytask:`T4181` (bug): Firewall ipv6-network-group - incorrect description on helper 2022-01-22 ========== * :vytask:`T4173` (bug): Wan Load Balancing - Error on firewall NAT rules 2022-01-21 ========== * :vytask:`T4200` (bug): Assigning ipv6-name to interface is not generating nftables rules * :vytask:`T4144` (bug): Firewall address-group - Improve error messages * :vytask:`T4137` (bug): Firewall group configuration allows to set incorrect port range and invalid port * :vytask:`T4133` (bug): Firewall network group error with zone-based firewall rules 2022-01-20 ========== * :vytask:`T4171` (bug): Interface config migration error on 1.2.8 -> 1.4 upgrade 2022-01-19 ========== * :vytask:`T4195` (feature): [OSPF-ECMP]enable set maximun-path 2022-01-18 ========== * :vytask:`T4159` (bug): Empty firewall group (address, network & port) generates invalid nftables config, commit fails * :vytask:`T4155` (bug): PBR: `set table main` fails in `firewall.py` with newer rolling releases * :vytask:`T3873` (feature): Zone based Firewall - Filter traffic in same zone * :vytask:`T3286` (feature): Switch the firewall from iptables to nftables * :vytask:`T292` (feature): [ZBF] Allow filtering intra zone traffic 2022-01-17 ========== * :vytask:`T3164` (bug): console-server ssh does not work with RADIUS PAM auth 2022-01-15 ========== * :vytask:`T4183` (feature): IPv6 link-local address not accepted as wireguard peer * :vytask:`T4150` (bug): VRRP with conntrack-sync does not work * :vytask:`T4110` (feature): [IPV6-SSH/DNS} enable IPv6 link local adresses as listen-address %eth0 2022-01-14 ========== * :vytask:`T4182` (bug): Show vrrp if vrrp not configured bug * :vytask:`T4179` (feature): Add op-mode CLI for show high-availability virtual-server 2022-01-13 ========== * :vytask:`T4175` (bug): BGP configuration failed * :vytask:`T4109` (feature): Extend high-availability/keepalived for support virtual-server lb 2022-01-12 ========== * :vytask:`T4174` (bug): Validation fails when entering port range with upper port 65535 * :vytask:`T4162` (bug): VPN ipsec ike-group - Incorrect value help for ikev2-reauth * :vytask:`T4161` (bug): Policy route-map - Incorrect value help for local preference * :vytask:`T4152` (bug): NHRP shortcut-target holding-time does not work 2022-01-11 ========== * :vytask:`T4149` (bug): [Firewall-IPV6] Error delete Fw rules on VIF/INT * :vytask:`T3950` (bug): CLI backtrace on update if DNS not defined * :vytask:`T4166` (bug): Debug output missing when frr.py called under vyos-configd 2022-01-10 ========== * :vytask:`T3299` (bug): Allow the web proxy service to listen on all IP addresses * :vytask:`T3115` (feature): Add support for firewall on L3 VIF bridge interface 2022-01-09 ========== * :vytask:`T4142` (bug): Input ifbX interfaces not displayed in op-mode * :vytask:`T3914` (bug): VRRP rfc3768-compatibility doesn't work with unicast peers 2022-01-08 ========== * :vytask:`T4116` (bug): Webproxy/Squid not working with IPv6 listen-address 2022-01-07 ========== * :vytask:`T3924` (bug): VRRP stops working with VRF 2022-01-06 ========== * :vytask:`T4135` (bug): Declare zone policy firewall without local zone errors * :vytask:`T4130` (bug): Firewall state policy errors chain * :vytask:`T4141` (bug): Set high-availability vrrp sync-group without members error 2022-01-04 ========== * :vytask:`T4134` (bug): Incorrect firewall protocol completion help uppercase and duplicates * :vytask:`T4132` (bug): Impossible to show a specific firewall group 2022-01-03 ========== * :vytask:`T4126` (feature): Ability to set priority to site to site IPSec vpn tunnels * :vytask:`T4052` (bug): Validator return traceback on VRRP configuration with the script path not in config dir * :vytask:`T4128` (bug): keepalived: Upgrade package to add VRF support 2021-12-31 ========== * :vytask:`T4081` (bug): VRRP health-check script stops working when setting up a sync group 2021-12-30 ========== * :vytask:`T4124` (feature): snmp: migrate to get_config_dict() 2021-12-29 ========== * :vytask:`T4111` (bug): IPSec generates wrong configuration colons for IPv6 peers * :vytask:`T4023` (feature): Add grepcidr or similar functionality * :vytask:`T4086` (default): system login banner is not removed on deletion. 2021-12-28 ========== * :vytask:`T3380` (bug): "show vpn ike sa" does not display IPv6 peers 2021-12-27 ========== * :vytask:`T3979` (bug): vyos-hostd unable to hostfile-update * :vytask:`T2566` (bug): sstp not able to run tunnels ipv6 only * :vytask:`T4093` (bug): SNMPv3 snmpd.conf generation bug * :vytask:`T2764` (enhancment): Increase maximum number of NAT rules 2021-12-26 ========== * :vytask:`T4104` (bug): RAID1: "add raid md0 member sda1" does not restore boot sector * :vytask:`T4108` (default): OSPFv3: add support for auto-cost parameter * :vytask:`T4107` (default): OSPFv3: add support for "default-information originate" 2021-12-25 ========== * :vytask:`T4101` (bug): commit-archive: Use of uninitialized value $source_address in concatenation * :vytask:`T4099` (feature): flow-accounting: sync "source-ip" and "source-address" between netflow and sflow ion CLI * :vytask:`T4097` (feature): flow-accounting: migrate implementation to get_config_dict() * :vytask:`T4105` (feature): flow-accounting: drop "sflow agent-address auto" * :vytask:`T4106` (feature): flow-accounting: support specification of capture packet lenght * :vytask:`T4102` (feature): OSPFv3: add support for NSSA area-type * :vytask:`T4055` (feature): Add VRF support for HTTP(S) API service 2021-12-24 ========== * :vytask:`T3854` (bug): Missing op-mode commands for conntrack-sync 2021-12-23 ========== * :vytask:`T3354` (default): Convert strip-private script from Perl to Python 2021-12-22 ========== * :vytask:`T3678` (bug): VyOS 1.4: Invalid error message while deleting ipsec vpn configuration * :vytask:`T3356` (feature): Script for remote file transfers 2021-12-21 ========== * :vytask:`T4083` (bug): Cluster heartbeat doesn't start b.c lack of directory /run/heartbeat/ * :vytask:`T4070` (bug): NATv4 : inbound-interface type "any" is missing. * :vytask:`T4053` (bug): VRRP impossible to set scripts out of the /config directory * :vytask:`T3931` (bug): SSTP doesn't work after rewriting to PKI 2021-12-20 ========== * :vytask:`T4088` (default): Fix typo in login banner 2021-12-19 ========== * :vytask:`T3912` (default): Use a more informative default post-login banner 2021-12-17 ========== * :vytask:`T4059` (bug): VRRP sync-group transition script does not persist after reboot 2021-12-16 ========== * :vytask:`T4046` (feature): Sflow - Add Source address parameter * :vytask:`T3556` (bug): Commit-archive via scp causes 100% CPU on boot * :vytask:`T4076` (enhancment): Allow setting CORS options in HTTP API * :vytask:`T4037` (default): HTTP transfers do not follow redirects * :vytask:`T4029` (default): Broken SFTP uploads 2021-12-15 ========== * :vytask:`T4077` (bug): op-mode: bfd: drop "show protocols bfd" in favour of "show bfd" * :vytask:`T4073` (bug): "show protocols bfd peer <>" shows incorrect peer information. 2021-12-14 ========== * :vytask:`T4071` (feature): Allow HTTP API to bind to unix domain socket 2021-12-12 ========== * :vytask:`T4069` (feature): BGP: add additional available parameters to VyOS CLI * :vytask:`T4036` (bug): VXLAN incorrect raiseError if set multicast network instead of singe address 2021-12-10 ========== * :vytask:`T4068` (feature): Python: ConfigError should insert line breaks into the error message 2021-12-09 ========== * :vytask:`T4033` (bug): VRRP - Error security when setting scripts * :vytask:`T4064` (bug): IP address for vif is not removed from the system when deleted in configuration * :vytask:`T4060` (enhancment): Extend configquery for use before boot configuration is complete * :vytask:`T4058` (bug): BFD: add BGP and OSPF "bfd profile" support * :vytask:`T4054` (bug): BFD profiles configuration incorrect behavior. 2021-12-07 ========== * :vytask:`T4041` (servicerequest): "transition-script" doesn't work on "sync-group" 2021-12-06 ========== * :vytask:`T4012` (feature): Add VRF support for TFTP 2021-12-04 ========== * :vytask:`T4049` (feature): support command-style output with compare command * :vytask:`T4047` (bug): Wrong regex validation in XML definitions * :vytask:`T4042` (bug): BGP L2VPN / EVPN and RD type 0 set * :vytask:`T4048` (bug): BGP: L2VPN/EVPN and individual RD and RT settings for each VNI * :vytask:`T4045` (bug): Unable to "format disk like " * :vytask:`T4044` (feature): BFD: add vrf support * :vytask:`T4043` (feature): BFD: add support for passive mode 2021-12-02 ========== * :vytask:`T4035` (bug): Geneve interfaces aren't displayed by operational mode commands 2021-12-01 ========== * :vytask:`T3695` (bug): OpenConnect reports commit success when ocserv fails to start due to SSL cert/key file issues 2021-11-30 ========== * :vytask:`T4010` (bug): DMVPN generates incorrect configuration life_time for swanctl.conf * :vytask:`T3725` (feature): show configuration in json format 2021-11-29 ========== * :vytask:`T3946` (enhancment): Automatically resize the root partition if the drive has extra space 2021-11-28 ========== * :vytask:`T3999` (bug): show lldp neighbor Traceback error * :vytask:`T3928` (feature): Add OSPFv3 VRF support 2021-11-27 ========== * :vytask:`T3755` (feature): ospf: adjust to new FRR 8 syntax where "no passive-interface " moved to interface section * :vytask:`T3753` (feature): frr: upgrade to stable/8.1 release train 2021-11-26 ========== * :vytask:`T3978` (bug): containers add network without declaring prefix raise ConfigError 2021-11-25 ========== * :vytask:`T4006` (default): Add additional Linux capabilities to container configuration * :vytask:`T3986` (bug): Incorrect description for vpn ipsec site-to-site authentication and connection 2021-11-24 ========== * :vytask:`T4015` (feature): Update Accel-PPP to a newer revision * :vytask:`T3865` (bug): loadkey command help text missing escape sequence * :vytask:`T1083` (feature): Implement persistent/random address and port mapping options for NAT rules 2021-11-23 ========== * :vytask:`T3990` (bug): WATCHFRR: crashlog and per-thread log buffering unavailable (due to files left behind in /var/tmp/frr/ after reboot) 2021-11-20 ========== * :vytask:`T3998` (bug): route-target completion incorrect description 2021-11-19 ========== * :vytask:`T4003` (bug): API for "show interfaces ethernet" does not include the interface description * :vytask:`T4011` (bug): ethernet: deleting interface should place interface in admin down state 2021-11-18 ========== * :vytask:`T3612` (bug): IPoE Server address pool issues. * :vytask:`T3995` (feature): OpenVPN: do not stop/start service on configuration change * :vytask:`T3680` (bug): Static routes with dhcp-interface are flaky * :vytask:`T4008` (feature): dhcp: change client retry interval form 300 -> 60 seconds * :vytask:`T3795` (bug): WWAN: issues with non connected interface / no signal * :vytask:`T3510` (bug): RADIUS usersname is not shown on CLI 2021-11-17 ========== * :vytask:`T3350` (bug): OpenVPN config file generation broken * :vytask:`T3996` (bug): SNMP service error in log 2021-11-15 ========== * :vytask:`T3994` (bug): VRF: unable to delete vrf when name contains numbers, hyphen or underscore * :vytask:`T3960` (bug): FRR Misconfig when using multiple VRF VNI * :vytask:`T3724` (feature): Allow setting host-name in l2tp section of accel-ppp * :vytask:`T645` (feature): Allow multiple prefixes in ipsec tunnel 2021-11-10 ========== * :vytask:`T3966` (default): OpenVPN fix the smoketests * :vytask:`T3834` (default): [OPENVPN] Support for Two Factor Authentication totp. * :vytask:`T3982` (bug): DHCP server commit fails if static-mapping contains + or . 2021-11-09 ========== * :vytask:`T3962` (bug): Image cannot be built without open-vm-tools 2021-11-07 ========== * :vytask:`T3626` (bug): Configuring and disabling DHCP Server 2021-11-06 ========== * :vytask:`T3514` (bug): NIC flap at any interface change 2021-11-05 ========== * :vytask:`T3972` (bug): Removing vif-c interface raises KeyError 2021-11-04 ========== * :vytask:`T3969` (bug): Container incorrect raiseError format if network doesn't exist * :vytask:`T3662` (bug): Container configuration upgrade destroys system * :vytask:`T3964` (bug): SSTP: local-user static-ip CLI node accepts invalid IPv4 addresses 2021-11-03 ========== * :vytask:`T3952` (default): Add sh bgp ipv4/ipv6 vpn command * :vytask:`T3610` (bug): DHCP-Server creation for not primary IP address fails 2021-11-01 ========== * :vytask:`T3958` (default): OpenVPN breaks the smoketests * :vytask:`T3956` (bug): GRE tunnel - unable to move from source-interface to source-address, commit error 2021-10-31 ========== * :vytask:`T3945` (feature): Add route-map for bgp aggregate-address * :vytask:`T3954` (bug): FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error * :vytask:`T3943` (bug): "netflow source-ip" prevents image upgrades if IP address does not exist locally 2021-10-29 ========== * :vytask:`T3942` (feature): Generate IPSec debug archive from op-mode 2021-10-28 ========== * :vytask:`T3951` (bug): After resetting vti ipsec tunnel old child SA still active * :vytask:`T3941` (bug): "show vpn ipsec sa" shows established time of parent SA not child SA's * :vytask:`T3916` (feature): Add additional Linux capabilities to container configuration 2021-10-27 ========== * :vytask:`T3944` (bug): VRRP fails over when adding new group to master 2021-10-22 ========== * :vytask:`T3897` (feature): Dynamic DNS doesn't work with IPv6 addresses * :vytask:`T3832` (feature): Allow to set DHCP client-id in hexadecimal format * :vytask:`T3188` (bug): Tunnel local-ip to dhcp-interface Change Fails to Update * :vytask:`T3917` (default): Use Avahi as mDNS repeater for IPv6 support 2021-10-21 ========== * :vytask:`T3926` (bug): strip-private does not sanitize "cisco-authentication" from NHRP configuration * :vytask:`T3925` (feature): Tunnel: dhcp-interface not implemented - use source-interface instead * :vytask:`T3923` (feature): Kernel: Enable TLS/IPSec offload support for Mellanox ConnectX NICs * :vytask:`T3927` (feature): Kernel: Enable kernel support for HW offload of the TLS protocol 2021-10-20 ========== * :vytask:`T3918` (bug): DHCPv6 prefix delegation incorrect verify error * :vytask:`T3921` (bug): tunnel: KeyError when using dhcp-interface 2021-10-19 ========== * :vytask:`T3396` (bug): syslog can't be configured with an ipv6 literal destination in 1.2.x 2021-10-18 ========== * :vytask:`T3002` (default): VRRP change on IPSec interface causes packet routing issues 2021-10-17 ========== * :vytask:`T3786` (bug): GRE tunnel source address 0.0.0.0 error * :vytask:`T3217` (default): Save FRR configuration on each commit * :vytask:`T3381` (bug): Change GRE tunnel failed * :vytask:`T3254` (bug): Dynamic DNS status shows incorrect last update time * :vytask:`T1243` (bug): BGP local-as accept wrong values * :vytask:`T697` (bug): Clean up and sanitize package dependencies * :vytask:`T578` (feature): Support Linux Container 2021-10-16 ========== * :vytask:`T3879` (bug): GPG key verification fails when upgrading from a 1.3 beta version 2021-10-15 ========== * :vytask:`T3748` (bug): Container deletion bug * :vytask:`T3693` (feature): ISIS Route redistribution ipv6 support missing * :vytask:`T3676` (feature): Container option to add Linux capabilities * :vytask:`T3613` (feature): Selectors for route-based IPsec tunnel (vti) * :vytask:`T3692` (bug): VyOS build failing due to repo.saltstack.com * :vytask:`T3673` (feature): BGP large-community del operation missing 2021-10-14 ========== * :vytask:`T3811` (bug): NAT (op_mode): NAT op_mode command fails. * :vytask:`T3801` (feature): containers: do not use podman CLI to create container networks 2021-10-13 ========== * :vytask:`T3904` (bug): NTP pool associations silently fail * :vytask:`T3277` (feature): DNS Forwarding - reverse zones 2021-10-12 ========== * :vytask:`T3216` (bug): Removal of restricted-shell broke configure mode for RADIUS users * :vytask:`T3881` (bug): Wrong description for container section restart * :vytask:`T3868` (bug): Regex and/or wildcard not accepted with large-community-list * :vytask:`T3701` (bug): ipoe server fails to start when configuring radius dynamic-author on ipoe 2021-10-10 ========== * :vytask:`T3750` (bug): pdns-recursor 4.4 issue with dont-query and private DNS servers * :vytask:`T3885` (default): dhcpv6-pd: randomly generated DUID is not persisted * :vytask:`T3899` (enhancment): Add support for hd44780 LCD displays 2021-10-09 ========== * :vytask:`T3894` (bug): Tunnel Commit Failed if system does not have `eth0` 2021-10-08 ========== * :vytask:`T3893` (bug): MGRE Tunnel commit crash If sit tunnel available 2021-10-05 ========== * :vytask:`T3741` (feature): [BGP] default no-ipv4-unicast - by default 2021-10-04 ========== * :vytask:`T3888` (bug): Incorrect warning when poweroff command executed from configure mode. * :vytask:`T3890` (feature): dhcp(v6): provide op-mode commands to retrieve both server and client logfiles * :vytask:`T3889` (feature): Migrate to journalctl when reading daemon logs 2021-10-03 ========== * :vytask:`T3880` (bug): EFI boot shows error on display 2021-10-02 ========== * :vytask:`T3882` (feature): Upgrade PowerDNs recursor to 4.5 series * :vytask:`T3883` (bug): VRF - Delette vrf config on interface 2021-09-30 ========== * :vytask:`T3874` (bug): D-Link Ethernet Interface not working. * :vytask:`T3869` (default): Rewrite vyatta_net_name/vyatta_interface_rescan in Python 2021-09-28 ========== * :vytask:`T3853` (default): nat66 rules gets deleted on reboot in 1.4-rolling-202109240217 2021-09-27 ========== * :vytask:`T3863` (default): nat66: commit fails/hangs on non existing interface 2021-09-26 ========== * :vytask:`T3860` (bug): Error on pppoe, tunnel and wireguard interfaces for IPv6 EUI64 addresses * :vytask:`T3857` (feature): reboot: send wall message to all users for information * :vytask:`T3867` (bug): vxlan: multicast group address is not validated * :vytask:`T3859` (bug): Add "log-adjacency-changes" to ospfv3 process * :vytask:`T3826` (bug): PKI: op-mode - do input validation when listing certificates 2021-09-25 ========== * :vytask:`T3657` (default): BGP neighbors ipv6 not able to establish with IPv6 link-local addresses 2021-09-23 ========== * :vytask:`T3850` (bug): Dots are no longer allowed in SSH public key names 2021-09-21 ========== * :vytask:`T3847` (feature): keepalived/vrrp: migrate to get_config_dict() - cleanup 2021-09-20 ========== * :vytask:`T3823` (bug): strip-private does not filter public IPv6 addresses 2021-09-19 ========== * :vytask:`T3841` (feature): dhcp-server: add ping-check option to CLI * :vytask:`T2738` (bug): Modifying configuration in the "interfaces" section from VRRP transition scripts causes configuration lockup and high CPU utilization * :vytask:`T3840` (feature): dns forwarding: Cache size should allow values > 10k * :vytask:`T3672` (bug): DHCP-FO with multiple subnets results in invalid/non-functioning dhcpd.conf configuration file output 2021-09-18 ========== * :vytask:`T3831` (bug): External traffic stops routing when IPSEC tunnel comes up with interface vti0 * :vytask:`T1968` (default): Allow multiple static routes in dhcp-server * :vytask:`T3838` (feature): dhcp-server - sync cli for name-servers to other subsystems * :vytask:`T3839` (feature): dhcp-server: Allow configuration of a DNS server and domain name on the shared-network level 2021-09-17 ========== * :vytask:`T3830` (bug): ipsec: remote-id no longer included in IKE AUTH if not explicitly specified 2021-09-11 ========== * :vytask:`T3402` (feature): Add VyOS programming library for operational level commands * :vytask:`T3275` (default): Disable conntrack helpers by default 2021-09-10 ========== * :vytask:`T3802` (bug): Commit fails if ethernet interface doesn't support flow control * :vytask:`T3819` (bug): Upgrade Salt Stack 3002.3 -> 3003 release train * :vytask:`T915` (feature): MPLS Support 2021-09-09 ========== * :vytask:`T3812` (bug): Vyos and frr route-map config out of sync * :vytask:`T3814` (bug): wireguard: commit error showing incorrect peer name from the configured name * :vytask:`T3805` (bug): OpenVPN insufficient privileges for rtnetlink when closing TUN/TAP interface * :vytask:`T3815` (bug): pki : the file command 'generate pki wireguard key-pair file' is not working 2021-09-07 ========== * :vytask:`T1894` (bug): FRR config not loaded after daemons segfault or restart * :vytask:`T3807` (bug): Op Command "show interfaces wireguard" does not show the output 2021-09-06 ========== * :vytask:`T3806` (bug): Don't set link local ipv6 address if MTU less then 1280 * :vytask:`T3803` (default): Add source-address option to the ping CLI * :vytask:`T3431` (bug): Show version all bug * :vytask:`T2920` (bug): Commit crash when adding the second mGRE tunnel with the same key 2021-09-05 ========== * :vytask:`T3804` (feature): cli: Migrate and merge "system name-servers-dhcp" into "system name-server" 2021-09-04 ========== * :vytask:`T3619` (bug): Performance Degradation 1.2 --> 1.3 | High ksoftirqd CPU usage 2021-09-03 ========== * :vytask:`T3788` (bug): Keys are not allowed with ipip and sit tunnels * :vytask:`T3634` (feature): Add op command option for ping for do not fragment bit to be set * :vytask:`T3798` (feature): bgp: add support for "neighbor local-as replace-as" option 2021-09-02 ========== * :vytask:`T3792` (bug): login: A hypen present in a username from "system login user" is replaced by an underscore * :vytask:`T3790` (bug): Does not possible to configure PPTP static ip-address to users * :vytask:`T2947` (bug): Nat translation many-many with prefix does not map 1-1. 2021-08-31 ========== * :vytask:`T3789` (feature): Add custom validator for base64 encoded CLI data * :vytask:`T3782` (default): Ingress Shaping with IFB No Longer Functional with 1.3 2021-08-30 ========== * :vytask:`T3768` (default): Remove early syntaxVersion implementation * :vytask:`T2941` (default): Using a non-ASCII character in the description field causes UnicodeDecodeError in configsource.py * :vytask:`T3787` (bug): Remove deprecated UDP fragmentation offloading option 2021-08-29 ========== * :vytask:`T3708` (bug): isisd and gre-bridge commit error * :vytask:`T3783` (bug): "set protocols isis spf-delay-ietf" is not working * :vytask:`T2750` (default): Use m4 as a template processor 2021-08-28 ========== * :vytask:`T3743` (bug): l2tp doesn't work after reboot if outside-address not 0.0.0.0 2021-08-27 ========== * :vytask:`T3182` (bug): Main blocker Task for FRR 7.4/7.5 series update * :vytask:`T3568` (feature): Add XML for firewall conf-mode * :vytask:`T2108` (default): Use minisign/signify instead of GPG for release signing 2021-08-26 ========== * :vytask:`T3776` (default): Rename FRR daemon restart op-mode commands * :vytask:`T3739` (feature): policy: route-map: add EVPN match support 2021-08-25 ========== * :vytask:`T3773` (bug): Delete the "show system integrity" command (to prepare for a re-implementation) * :vytask:`T3775` (bug): Typo in generated Strongswan VPN-config 2021-08-24 ========== * :vytask:`T3772` (bug): VRRP virtual interfaces are not shown in show interfaces 2021-08-23 ========== * :vytask:`T3769` (feature): Containers: Network Bridging 2021-08-22 ========== * :vytask:`T3090` (feature): Move 'adjust-mss' firewall options to the interface section. * :vytask:`T3765` (default): container: additional op-mode commands 2021-08-20 ========== * :vytask:`T1950` (default): Store VyOS configuration syntax version data in JSON file 2021-08-19 ========== * :vytask:`T3751` (bug): pki generate ca add new line after passphrase * :vytask:`T3764` (bug): Unconfigurable IKE and ESP lifetime * :vytask:`T3234` (bug): multi_to_list fails in certain cases, with root cause an element redundancy in XML interface-definitions * :vytask:`T3732` (feature): override-default helper should support adding defaultValues to default less nodes * :vytask:`T3759` (default): [L3VPN] VPNv4/VPNv6 add commands 2021-08-18 ========== * :vytask:`T3752` (bug): generate pki certificate file xxx doesn't touch file 2021-08-16 ========== * :vytask:`T3738` (default): openvpn fails if server and authentication are configured * :vytask:`T1594` (bug): l2tpv3 error on IPv6 local-ip 2021-08-15 ========== * :vytask:`T3756` (default): VyOS generates invalid QR code for wireguard clients * :vytask:`T3757` (default): OSPF: add support to configure the area at an interface level 2021-08-14 ========== * :vytask:`T3745` (feature): op-mode IPSec show vpn ipse sa sorting 2021-08-13 ========== * :vytask:`T3749` (bug): V4/V6 Counters in network container validation aren't being reset * :vytask:`T3728` (bug): FRR not respect configured RD and RT for L3VNI * :vytask:`T3727` (bug): VPN IPsec ESP proposal and ESP presented in config missmatch * :vytask:`T3740` (bug): HTTPs API breaks when the address is IPv6 2021-08-12 ========== * :vytask:`T3731` (bug): verify_accel_ppp_base_service return wrong config error for SSP * :vytask:`T3405` (feature): PPPoE server unit-cache * :vytask:`T2432` (default): dhcpd: Can't create new lease file: Permission denied * :vytask:`T3746` (feature): Inform users logging into the system about a pending reboot * :vytask:`T3744` (default): Dns forwarding statistics formatting missing a new line 2021-08-11 ========== * :vytask:`T3709` (feature): Snmp: Allow enable MIDs/OIDs ipCidrRouteTable 2021-08-09 ========== * :vytask:`T3720` (bug): IPSec set vti secondary address cause interface disable 2021-08-08 ========== * :vytask:`T3705` (bug): IPSec: VTI interface does not honor default-esp-group * :vytask:`T2027` (bug): get_config_dict is failing when the configuration section is empty/missing 2021-08-05 ========== * :vytask:`T3719` (bug): Restart vpn shows some missed files 2021-08-04 ========== * :vytask:`T3704` (feature): Add ability to interact with Areca RAID adapers * :vytask:`T3718` (bug): VPN IPsec IKE group by default not use DH-group 2 2021-08-02 ========== * :vytask:`T3601` (default): Error in ssh keys for vmware cloud-init if ssh keys is left empty. 2021-08-01 ========== * :vytask:`T3707` (bug): Ping incorrect ip host checks 2021-07-31 ========== * :vytask:`T3716` (feature): Linux kernel parameters ignore_routes_with_link_down- ignore disconnected routing connections 2021-07-30 ========== * :vytask:`T1176` (default): FRR - BGP replicating routes * :vytask:`T1210` (feature): About IKEv2 IPSec VPN remote access 2021-07-23 ========== * :vytask:`T3699` (bug): login: verify selected "system login user" name is not already used by the base system. * :vytask:`T3698` (default): Support bridge monitoring 2021-07-13 ========== * :vytask:`T3679` (default): Point the unexpected exception message link to the new rolling release location 2021-07-11 ========== * :vytask:`T3665` (bug): Missing VRF support for VxLAN but already documented 2021-07-10 ========== * :vytask:`T3636` (feature): SSTP / L2TP ipv6 support broken 2021-07-09 ========== * :vytask:`T3667` (bug): brctl is damaged 2021-07-06 ========== * :vytask:`T3660` (feature): Conntrack-Sync configuration command to specify destination udp port for peer 2021-07-03 ========== * :vytask:`T57` (enhancment): Make it possible to disable the entire IPsec peer 2021-07-01 ========== * :vytask:`T3658` (feature): Add support for dhcpdv6 fixed-prefix6 * :vytask:`T2035` (bug): Executing vyos-smoketest multiple times makes ssh test fail on execution 2021-06-29 ========== * :vytask:`T3593` (bug): PPPoE server called-sid format does not work * :vytask:`T1441` (feature): Add support for IPSec XFRM interfaces 2021-06-25 ========== * :vytask:`T3641` (feature): Upgrade base system from Debian Buster -> Debian Bullseye * :vytask:`T3649` (feature): Add bonding additional hash-policy 2021-06-23 ========== * :vytask:`T3647` (feature): Bullseye: gcc defaults to passing --as-needed to linker 2021-06-22 ========== * :vytask:`T3629` (bug): IPoE server shifting address in the range * :vytask:`T3645` (feature): Bullseye: ethtool changed output for ring-buffer information 2021-06-21 ========== * :vytask:`T3563` (default): commit-archive breaks with IPv6 source addresses 2021-06-20 ========== * :vytask:`T3637` (bug): vrf: bind-to-all didn't work properly * :vytask:`T3639` (default): GCC preprocessor clobbers C comments 2021-06-19 ========== * :vytask:`T3633` (feature): Add LRO offload for interface ethernet 2021-06-18 ========== * :vytask:`T3599` (default): Migrate NHRP to XML/Python 2021-06-17 ========== * :vytask:`T3624` (feature): BGP: add support for extended community bandwidth definition 2021-06-16 ========== * :vytask:`T3623` (default): Fix for dummy interface option in the operational command "clear interfaces dummy" * :vytask:`T3630` (feature): op-mode: add "show version kernel" command 2021-06-13 ========== * :vytask:`T3620` (feature): Rename WWAN interface from wirelessmodem to wwan to use QMI interface * :vytask:`T2173` (feature): Add the ability to use VRF on VTI interfaces * :vytask:`T3622` (feature): WWAN: add support for APN authentication * :vytask:`T3606` (bug): SNMP unknown notification OID * :vytask:`T3621` (bug): PPPoE interface does not validate if password is supplied when username is set 2021-06-12 ========== * :vytask:`T3611` (bug): WWAN interface (MC7710) no longer works on Kernel 5.10 * :vytask:`T1534` (bug): IPSec w/ IKEv2 Invalid local-address "any" * :vytask:`T3616` (bug): Update to FastAPI causes regression in vyos-http-api-server 2021-06-11 ========== * :vytask:`T3614` (bug): Container network name with hyphen fail 2021-06-10 ========== * :vytask:`T3250` (bug): PPPoE server: wrong local usernames * :vytask:`T3138` (bug): ddclient improperly updated when apply rfc2136 config * :vytask:`T2645` (default): Editing route-map action requires adding a new rule 2021-06-08 ========== * :vytask:`T3605` (default): Allow to set prefer-global for ipv6-next-hop * :vytask:`T3607` (feature): [route-map] set ipv6 next-hop prefer-global * :vytask:`T3289` (bug): No description for node "service" conf-mode 2021-06-07 ========== * :vytask:`T3461` (bug): OpenConnect Server redundancy check * :vytask:`T3455` (bug): system users can not be added in "edit" * :vytask:`T3588` (default): IPSec: migrate no longer available options from CLI which are now hardcoded/enabled in strongSwan 2021-06-06 ========== * :vytask:`T842` (feature): Adopt VyOS CLI to latest StrongSwan options and deprecated Keywords 2021-06-04 ========== * :vytask:`T3595` (default): Cannot create new VTI interface * :vytask:`T3592` (feature): Set default TTL 64 for tunnels 2021-06-03 ========== * :vytask:`T3384` (feature): Support UDP bandwidth testing 2021-06-02 ========== * :vytask:`T3233` (bug): Interface redirect to dum0 2021-06-01 ========== * :vytask:`T3585` (default): Fix NHRP module for updated interfaces tunnel syntax * :vytask:`T3594` (bug): Disable by default service strongswan-starter 2021-05-30 ========== * :vytask:`T3518` (bug): Warning messages when using SCP commit-archive * :vytask:`T3093` (default): Add xml for vpn ipsec * :vytask:`T1866` (bug): Commit archive over SFTP doesn't work with non-standard ports * :vytask:`T3590` (feature): bgp: add option for limiting maximum number of prefixes to be sent to a peer * :vytask:`T3589` (feature): op-mode: support clearing out logfiles from CLI * :vytask:`T2641` (feature): Rewrite vpn ipsec OP commands in new style XML syntax * :vytask:`T3351` (feature): Installer checking MD5 checksums on the ISO image 2021-05-29 ========== * :vytask:`T1944` (bug): FRR: Invalid route in BGP causes update storm, memory leak, and failure of Zebra * :vytask:`T1888` (feature): Update to StrongSwan 5.9.1 2021-05-27 ========== * :vytask:`T3561` (feature): router-advert: support advertising specific routes * :vytask:`T2669` (bug): DHCP-server overlapping ranges. 2021-05-26 ========== * :vytask:`T3540` (bug): Keepalived memory utilisation issue when constantly getting its state in JSON format 2021-05-24 ========== * :vytask:`T3575` (bug): pseudo-ethernet: must check source-interface MTU * :vytask:`T3571` (bug): Broken Show Tab Complete * :vytask:`T3555` (bug): GRE TAP tunnel does not silent fragment packets / kernel fix available * :vytask:`T3576` (bug): ISIS does not support IPV6 2021-05-23 ========== * :vytask:`T3570` (default): Prevent setting of a larger MTU on child interfaces * :vytask:`T3573` (bug): as-path-prepend Description Invalid * :vytask:`T3572` (feature): Basic Drive Diagnostic Tools 2021-05-22 ========== * :vytask:`T3564` (default): Multiple BGP Confederation Peers Not Allowed 2021-05-21 ========== * :vytask:`T3551` (bug): QoS control failure of VLAN sub interface 2021-05-20 ========== * :vytask:`T3554` (feature): Add area-type stub for ospfv3 * :vytask:`T3565` (feature): sysctl: rewrite in XML and Python and drop from vyatta-cfg-system 2021-05-19 ========== * :vytask:`T3562` (feature): Update Accel-PPP to a newer revision * :vytask:`T3559` (feature): Add restart op-command for OpenConnect Server 2021-05-18 ========== * :vytask:`T3525` (default): VMWare resume script syntax errors 2021-05-15 ========== * :vytask:`T3549` (bug): DHCPv6 "service dhcpv6-server global-parameters name-server" is not correctly exported to dhcpdv6.conf when multiple name-server entries are present * :vytask:`T3532` (bug): Not possible to change ethertype after interface creation * :vytask:`T3550` (bug): Router-advert completion typo * :vytask:`T3547` (feature): conntrackd: remove deprecated config options * :vytask:`T3535` (feature): Rewrite vyatta-conntrack-sync in new XML and Python flavor 2021-05-14 ========== * :vytask:`T3346` (bug): nat 4-to-5 migration script fails when a 'source' or 'destination' node exists but there are no rules * :vytask:`T3248` (default): Deal with VRRP mode-force command that exists in 1.2 but not in 1.3 * :vytask:`T3426` (default): add support for script arguments to vyos-configd 2021-05-13 ========== * :vytask:`T3539` (bug): Typo in RPKI interface definition * :vytask:`T439` (feature): local PBR support * :vytask:`T3544` (feature): DHCP server should validate configuration before applying it * :vytask:`T3543` (feature): Support for setting lacp_rate on LACP bonded interfaces 2021-05-12 ========== * :vytask:`T3302` (default): Make vyos-configd relay stdout from scripts to the user's console * :vytask:`T3542` (bug): udev net.rules not installed in image since may 2nd 2021-05-10 ========== * :vytask:`T3374` (bug): IPv6 GRE Tunnel issues 2021-05-09 ========== * :vytask:`T3530` (bug): BGP peer-group can't contain a hyphen 2021-05-06 ========== * :vytask:`T3523` (bug): VRF BGP daemon route-map command missing * :vytask:`T3519` (bug): Cannot add / assign L2TPv3 to vrf 2021-05-05 ========== * :vytask:`T3520` (bug): Cannot add tunnel interface to isis within vrf * :vytask:`T3335` (bug): Some OSPFv3 show commands do not work 2021-05-04 ========== * :vytask:`T3504` (feature): BGP Per Peer Graceful Restart 2021-05-02 ========== * :vytask:`T3511` (bug): Update libnss-mapuser and libpam-radius packages from CUMULUS Linux 2021-05-01 ========== * :vytask:`T3379` (feature): Add global-parameters name-server for dhcpv6-server * :vytask:`T3491` (default): Change Kernel HZ to 1000 2021-04-29 ========== * :vytask:`T3503` (bug): "route-reflector-client" fails when "remote-as" is "internal" * :vytask:`T3502` (bug): "system ip multipath layer4-hashing" doesn't work 2021-04-28 ========== * :vytask:`T3473` (bug): IPSec op-mode show sa error 2021-04-27 ========== * :vytask:`T2946` (bug): Calling 'stty_size' causes show interfaces API to fail 2021-04-25 ========== * :vytask:`T3490` (bug): priority inversion on PBR "policy route" create, breaks default route from dhcp (live iso) * :vytask:`T3468` (bug): Tunnel interfaces aren't suggested as being available for bridging (regression) * :vytask:`T3497` (bug): Prefix list with rule containing only action is not detected as error during parse * :vytask:`T3492` (bug): BGP Configuration Migration failed (badly!) from rolling 202102240218 to rolling 202104221210 * :vytask:`T1802` (feature): Wireguard QR code in cli for mobile devices 2021-04-24 ========== * :vytask:`T3472` (bug): commit-confirm script not found * :vytask:`T3439` (bug): Commit-archive location not working for scp 2021-04-23 ========== * :vytask:`T3395` (bug): WAN load-balancing fails with nexthop dhcp * :vytask:`T3290` (bug): Disabling GRE conntrack module fails 2021-04-20 ========== * :vytask:`T3488` (bug): Specifying an invalid "interface address" like dhcph leads to commit error 2021-04-18 ========== * :vytask:`T3481` (default): Exclude tag node values from key mangling * :vytask:`T3475` (bug): XML dictionary cache unable to process syntaxVersion elements 2021-04-17 ========== * :vytask:`T3470` (bug): as-override isn't applied to frr 2021-04-15 ========== * :vytask:`T3386` (bug): PPPoE-server don't start with local authentication * :vytask:`T3190` (feature): Unable to subtract value from local-preference in route-map 2021-04-14 ========== * :vytask:`T3398` (bug): Can't commit * :vytask:`T3055` (bug): op-mode incorrect naming for ipsec policy-based tunnels 2021-04-13 ========== * :vytask:`T3436` (feature): Refactoring ospf op-mode for support vrf * :vytask:`T3434` (feature): Refactoring bgp op-mode for support vrf 2021-04-12 ========== * :vytask:`T3454` (enhancment): dhclient reject option * :vytask:`T3328` (bug): Bgp not possible to delete bgp route-map 2021-04-10 ========== * :vytask:`T3460` (bug): bgp, Configuration FRR failed while commiting code 2021-04-09 ========== * :vytask:`T3464` (bug): OSPF: route-map names containing a hypen are not "found" 2021-04-08 ========== * :vytask:`T3462` (default): show ipv6 bgp -- missing * :vytask:`T3463` (bug): Prevent IPv4 Route exchange with IPv6 neighbors 2021-04-05 ========== * :vytask:`T3438` (bug): VRF: removing vif which belongs to a vrf, will delete the entire vrf from the operating system * :vytask:`T3418` (bug): BGP: system wide known interface can not be used as neighbor 2021-04-04 ========== * :vytask:`T3457` (feature): Output the "monitor log" command in a colorful way 2021-03-31 ========== * :vytask:`T3445` (bug): vyos-1x build include not all nodes 2021-03-30 ========== * :vytask:`T3448` (bug): Loading vyos on a system without xdp installed fails 2021-03-29 ========== * :vytask:`T3415` (feature): bridge: add support for isolated interfaces (private-vlan) * :vytask:`T1711` (feature): BGP - migrate from tagNode to node (remove ASN from tagNode) 2021-03-28 ========== * :vytask:`T3440` (bug): HTTP API: give uvicorn time to initialize before restarting Nginx proxy 2021-03-27 ========== * :vytask:`T3423` (bug): Cannot create ipv4 static route for default gateway in vrf 2021-03-26 ========== * :vytask:`T3412` (default): HTTP API: move to FastAPI as web framework * :vytask:`T2397` (feature): HTTP API: export OpenAPI definition 2021-03-24 ========== * :vytask:`T3419` (bug): show interfaces | strip-private fails 2021-03-22 ========== * :vytask:`T3284` (bug): merge/load fail silently if unable to resolve host 2021-03-21 ========== * :vytask:`T3417` (default): ISIS: provide per VRF instance support * :vytask:`T3416` (bug): NTP: when running inside a VRF op-mode commands do not work 2021-03-20 ========== * :vytask:`T3392` (bug): vrrp over dhcp default route bug (unexpected vrf) * :vytask:`T3373` (feature): Upgrade to SaltStack version 3002.5 * :vytask:`T3329` (default): "system conntrack ignore" rules can no longer be created due to an iptables syntax change * :vytask:`T3300` (feature): Add DHCP default route distance * :vytask:`T3306` (feature): Extend set route-map aggregator as to 4 Bytes 2021-03-18 ========== * :vytask:`T3411` (default): Extend the redirect_stdout context manager in vyos-configd to redirect stdout from subprocesses * :vytask:`T3271` (bug): qemu-kvm grub issue 2021-03-17 ========== * :vytask:`T3413` (bug): Configuring invalid IPv6 EUI64 address results in "OSError: illegal IP address string passed to inet_pton" 2021-03-14 ========== * :vytask:`T3345` (default): BGP: add per VRF instance support * :vytask:`T3344` (default): Per VRF dynamic routing support * :vytask:`T3325` (bug): Bgp listen-range wrong commit message * :vytask:`T1513` (default): Move OSPF and RIP interface configuration under protocols 2021-03-13 ========== * :vytask:`T3406` (bug): tunnel: interface no longer supports specifying encaplimit none - or migrator is missing * :vytask:`T3407` (bug): console-server: do not allow to spawn a console-server session on serial port used by "system console" 2021-03-11 ========== * :vytask:`T3305` (bug): Ingress qdisc does not work anymore in 1.3-rolling-202101 snapshot * :vytask:`T2927` (bug): isc-dhcpd release and expiry events never execute 2021-03-09 ========== * :vytask:`T3382` (bug): Error creating Console Server 2021-03-08 ========== * :vytask:`T3387` (bug): Command "Monitor vpn ipsec" is not working 2021-03-07 ========== * :vytask:`T3388` (bug): show interfaces doesn't display pppoeX * :vytask:`T3211` (feature): ability to redistribute ISIS into other routing protocols 2021-03-04 ========== * :vytask:`T3377` (bug): show interfaces throws error 2021-03-02 ========== * :vytask:`T3375` (bug): Interface becomes up at boot even when disabled 2021-02-28 ========== * :vytask:`T3370` (bug): dhcp: Invalid domain name "private" * :vytask:`T3369` (feature): VXLAN: add IPv6 underlay support * :vytask:`T3363` (bug): VyOS-Build interactive prompt when using Podman * :vytask:`T3320` (bug): Bgp neighbor peer-group without peer-group fail 2021-02-27 ========== * :vytask:`T3365` (bug): Bgp neighbor interface ordering for remote-as * :vytask:`T3225` (bug): Adding a BGP neighbor with an address on a local interface throws a vyos.frr.CommitError: Configuration FRR failed while committing code: '' * :vytask:`T3368` (feature): macsec: add support for gcm-aes-256 cipher * :vytask:`T3173` (feature): Need 'nopmtudisc' option for tunnel interface 2021-02-26 ========== * :vytask:`T3324` (bug): Bgp space in the password * :vytask:`T3357` (default): HTTP-API redirect from http correct https port * :vytask:`T3323` (bug): Bgp ttl-security and ebgp-multihop fail 2021-02-24 ========== * :vytask:`T3303` (feature): Change welcome message on boot 2021-02-22 ========== * :vytask:`T3322` (bug): Bgp neighbor timers not applyed to FRR config * :vytask:`T3327` (bug): OSPFv3: Cannot add dummy interface 2021-02-21 ========== * :vytask:`T3331` (bug): Bgp unsuppress-map should be as "value leafNode" * :vytask:`T3330` (bug): Bgp capability orf prefix-list fail * :vytask:`T3163` (feature): ethernet ring-buffer can be set with an invalid value 2021-02-19 ========== * :vytask:`T3326` (bug): OSPFv3: Cannot add L2TPv3 interface * :vytask:`T3332` (bug): BGP unnumbered - UnboundLocalError: local variable 'peer_group' referenced before assignment 2021-02-18 ========== * :vytask:`T3259` (default): many dnat rules makes the vyos http api crash, even showConfig op timeouts 2021-02-17 ========== * :vytask:`T3312` (feature): SolarFlare NICs support 2021-02-16 ========== * :vytask:`T3313` (bug): ospfv3 interface missing options * :vytask:`T3318` (feature): Update Linux Kernel to v5.4.208 / 5.10.142 2021-02-15 ========== * :vytask:`T3311` (bug): BGP Error: Remote AS must be set for neighbor or peer-group 2021-02-14 ========== * :vytask:`T2848` (feature): bgp-add-path configuration options 2021-02-12 ========== * :vytask:`T3301` (bug): Wrong format and valueHelp for policy as-path-list regex 2021-02-11 ========== * :vytask:`T3281` (default): Rewrite protocol RIPng [conf-mode] to new XML/Python style * :vytask:`T3282` (default): Add XML for [conf-mode] RIPng * :vytask:`T3279` (default): Rewrite protocol STATIC [op-mode] to new XML/Python style * :vytask:`T3297` (bug): Optimize irrelevant error stack hints 2021-02-08 ========== * :vytask:`T3295` (feature): Update Linux Kernel to v5.4.96 / 5.10.14 2021-02-05 ========== * :vytask:`T3030` (feature): Support ERSPAN Tunnel Protocol 2021-02-04 ========== * :vytask:`T3283` (feature): Support for IPv4 neigh tables * :vytask:`T3280` (default): Add XML for [conf-mode] STATIC 2021-02-03 ========== * :vytask:`T3278` (feature): Add XML for "protocols vrf" [conf-mode] * :vytask:`T3239` (default): XML: override 'defaultValue' for mtu of certain interfaces; remove workarounds * :vytask:`T2910` (feature): XML: generator should support override of variables 2021-02-02 ========== * :vytask:`T3018` (bug): Unclear behaviour when configuring vif and vif-s interfaces * :vytask:`T3255` (default): Rewrite protocol RPKI to new XML/Python style * :vytask:`T3263` (feature): OSPF Hello subsecond timer 2021-01-31 ========== * :vytask:`T3276` (feature): Update Linux Kernel to v5.4.94 / 5.10.12 2021-01-30 ========== * :vytask:`T3240` (feature): Support per-interface DHCPv6 DUIDs * :vytask:`T3273` (default): PPPoE static default-routes deleted on interface down when not added by interface up 2021-01-29 ========== * :vytask:`T3261` (bug): Does not possible to disable pppoe client interface. * :vytask:`T3272` (default): OSPF: interface config is not removed 2021-01-27 ========== * :vytask:`T3257` (feature): tcpdump supporting complete protocol * :vytask:`T3244` (default): Rewrite protocol OSPFv3 to new XML/Python style 2021-01-26 ========== * :vytask:`T3251` (bug): PPPoE client trying to authorize with the wrong username * :vytask:`T3256` (default): Add XML for protocol RPKI [conf-mode] 2021-01-25 ========== * :vytask:`T3249` (feature): Support operation mode forwarding table output 2021-01-24 ========== * :vytask:`T3227` (bug): Latest releases don't work with RPKI (crash) * :vytask:`T3230` (bug): RPKI can't be deleted * :vytask:`T3221` (bug): FRR config * :vytask:`T3245` (default): Add XML for protocol ospfv3 [conf-mode] 2021-01-23 ========== * :vytask:`T3236` (default): Add XML for [conf-mode] OSPF 2021-01-17 ========== * :vytask:`T3222` (bug): Typo in BGP dampening description * :vytask:`T3226` (bug): Repair bridge smoke test damage 2021-01-16 ========== * :vytask:`T3215` (bug): Operational command "show ipv6 route" is broken * :vytask:`T3157` (bug): salt-minion fails to start due to permission error accessing /root/.salt/minion.log * :vytask:`T3137` (feature): Let VLAN aware bridge approach the behavior of professional equipment 2021-01-15 ========== * :vytask:`T3210` (feature): ISIS three-way-handshake * :vytask:`T3184` (feature): Add correct desctiptions for BGP neighbors 2021-01-14 ========== * :vytask:`T3213` (bug): show interface command python error 2021-01-12 ========== * :vytask:`T3205` (bug): Does not possible to configure tunnel mode gre-bridge 2020-12-20 ========== * :vytask:`T3132` (feature): Enable egress flow accounting 2020-11-29 ========== * :vytask:`T2297` (feature): NTP add support for pool configuration