diff options
Diffstat (limited to 'docs/changelog/1.4.rst')
| -rw-r--r-- | docs/changelog/1.4.rst | 1235 | 
1 files changed, 1220 insertions, 15 deletions
| diff --git a/docs/changelog/1.4.rst b/docs/changelog/1.4.rst index a78af273..a1687f87 100644 --- a/docs/changelog/1.4.rst +++ b/docs/changelog/1.4.rst @@ -8,6 +8,1224 @@     _ext/releasenotes.py +2023-01-29 +========== + +* :vytask:`T4965` (default): empty description in firewall group causes configuration error on migration + + +2023-01-28 +========== + +* :vytask:`T4961` (bug): Uncaught configtree error allows ntp migration 1-to-2 to fail silentlly on config.boot.default + + +2023-01-27 +========== + +* :vytask:`T4960` (bug): Bugs in `cc_vyos.py` code (Cloud-Init) + + +2023-01-26 +========== + +* :vytask:`T4886` (feature): Firewall and Policy - Add connection mark +* :vytask:`T4957` (bug): config-mgmt should not attempt to archive config at boot +* :vytask:`T4962` (bug): Fix typo in regex in vyos.config_mgmt compare function +* :vytask:`T4912` (default): Rewrite the IGMP op mode in the new style + + +2023-01-25 +========== + +* :vytask:`T4941` (bug): Accel-ppp IPoE incompatibility with kernel 6.1 + + +2023-01-24 +========== + +* :vytask:`T4947` (feature): Support mounting container volumes as ro or rw + + +2023-01-23 +========== + +* :vytask:`T4798` (default): Migrate the file-exists validator away from Python +* :vytask:`T4683` (enhancment): Add kitty-terminfo package to build +* :vytask:`T4953` (bug): Remove convert_kwargs_to_snake_case decorator in dynamic generation of GraphQL resolvers +* :vytask:`T4875` (default): Replace Python validator 'interface-name' to avoid Python startup cost +* :vytask:`T4664` (bug): Add validation to reject whitespace in tag node value names + + +2023-01-22 +========== + +* :vytask:`T4906` (bug): ipsec connections shows only one connection as up + + +2023-01-21 +========== + +* :vytask:`T4799` (bug): PowerDNS >= 4.7 does not get reloaded by vyos-hostsd +* :vytask:`T4878` (bug): Any interface bonding changes cause interface flapping +* :vytask:`T4387` (default): Create additional smoketests for multiwan PBR & load-balanced configurations  + + +2023-01-20 +========== + +* :vytask:`T4925` (feature): Need to add the possibility to configure Pseudo-Random Functions (PRF) in IKEv2 +* :vytask:`T4551` (bug): IPsec rekeying collisions bug +* :vytask:`T4942` (feature): Rewrite vyatta-config-mgmt to Python/XML + + +2023-01-17 +========== + +* :vytask:`T4938` (bug): Interface input ifb does not work +* :vytask:`T4902` (bug): snmpd: exclude container storage from monitoring +* :vytask:`T4140` (bug): Lack of SNMP IANA mibs + + +2023-01-15 +========== + +* :vytask:`T4832` (feature): dhcp: Add IPv6-only dhcp option support (RFC 8925) +* :vytask:`T4937` (feature): ocserv: upgrade package to version 1.1.6 +* :vytask:`T4918` (bug): Odd show interface behavior +* :vytask:`T3008` (feature): Migrate from ntpd to chronyd + + +2023-01-13 +========== + +* :vytask:`T4911` (default): Rewrite the LLDP op mode in the new format +* :vytask:`T4928` (feature): Upgrade Linux Kernel to 6.1.y (2022 LTS edition) + + +2023-01-12 +========== + +* :vytask:`T4934` (bug): ospf: Fix inter-area route summarization +* :vytask:`T4929` (feature): Update Intel QAT drivers to 4.20.0-00001 + + +2023-01-10 +========== + +* :vytask:`T4880` (feature): Expose 'add/delete container image' in HTTP-API + + +2023-01-09 +========== + +* :vytask:`T4922` (feature): Add ssh-client source-interface CLI option +* :vytask:`T4524` (bug): Squid webproxy not working properly + + +2023-01-08 +========== + +* :vytask:`T4920` (bug): ospf: Fix `passive-interface default` option + + +2023-01-07 +========== + +* :vytask:`T4884` (bug): Missing a community6 in snmpd config + + +2023-01-05 +========== + +* :vytask:`T4904` (feature): Allow multiple ports for high-availability virtual-server +* :vytask:`T4789` (feature): Ability to get L2TP/PPTP/SSTP sessions info in a machine readable format +* :vytask:`T3937` (default): Rewrite "show system memory" in Python to make it usable as a library function + + +2023-01-04 +========== + +* :vytask:`T4848` (bug): Minor bug in OpenConnect server with default route +* :vytask:`T4656` (feature): Support the listen-host config field of openconnect server + + +2023-01-03 +========== + +* :vytask:`T4907` (bug):  nat source translations couldn't show metrics + + +2023-01-02 +========== + +* :vytask:`T4893` (feature): l2tp add ppp-options IPv6 interface identifier +* :vytask:`T4717` (feature): Connect to console server by name +* :vytask:`T725` (feature): Cake and FQ-PIE + + +2022-12-31 +========== + +* :vytask:`T4898` (feature): Add mtu config option for dummy interfaces + + +2022-12-30 +========== + +* :vytask:`T4834` (bug): Limit container network name to 15 characters +* :vytask:`T4901` (bug): Update Podman to v4.3.1 +* :vytask:`T4899` (bug): Podman systemd services not being installed correctly + + +2022-12-28 +========== + +* :vytask:`T4593` (feature): Upgrade strongswan to 5.9.8 + + +2022-12-26 +========== + +* :vytask:`T4511` (bug): IPv6 DNS lookup +* :vytask:`T4809` (feature): radvd: Allow use of AdvRASrcAddress + + +2022-12-25 +========== + +* :vytask:`T3579` (feature): Rewrite vyatta-conntrack in new XML and Python flavour + + +2022-12-24 +========== + +* :vytask:`T4890` (bug): show conntrack table ipv4 fail +* :vytask:`T4879` (bug): IPSec migration failed with missing remote-id +* :vytask:`T4870` (feature): Containers switch to using overlay driver for podman storage + + +2022-12-23 +========== + +* :vytask:`T4792` (feature): Add SSTP VPN client + + +2022-12-21 +========== + +* :vytask:`T4887` (bug): Schema generation from op-mode functions should set default 'false' on boolean arguments + + +2022-12-18 +========== + +* :vytask:`T4882` (bug): Missing ICMPv6 type names in firewall configuration + + +2022-12-15 +========== + +* :vytask:`T4671` (bug): linux-firmware package is missing symlinks defined in WHENCE file + + +2022-12-14 +========== + +* :vytask:`T4881` (bug): Return opmode.Error on openconnect.py show_sessions + + +2022-12-12 +========== + +* :vytask:`T4861` (feature): Openconnect restart on adding users - Aborts all active connections + + +2022-12-09 +========== + +* :vytask:`T4865` (bug): container impossible to generate local image from a file if it requires install some pkgs + + +2022-12-05 +========== + +* :vytask:`T4860` (bug): Openconnect server incorrect unconfigured check +* :vytask:`T4804` (bug): PPPoE server incorrect unconfigured check +* :vytask:`T4854` (feature): BGP-route reflector allows to apply route-maps + + +2022-12-04 +========== + +* :vytask:`T4825` (feature): interfaces veth/veth-pairs -standalone used +* :vytask:`T4805` (bug): PPPoE server does not restart service if pool was changed + + +2022-12-02 +========== + +* :vytask:`T4830` (bug): nat66 - Error in port translation rules +* :vytask:`T4859` (bug): Correct calling of config mode script dependencies from http-api.py +* :vytask:`T4820` (enhancment): Support for inter-config-mode script dependencies +* :vytask:`T4858` (bug): L3VPN- Route Distinguisher notations  +* :vytask:`T1024` (feature): Policy Based Routing by DSCP + + +2022-12-01 +========== + +* :vytask:`T4841` (feature): add fan control +* :vytask:`T4847` (bug): Correct calling of config mode script dependencies from pki.py + + +2022-11-29 +========== + +* :vytask:`T4842` (bug): Routing config broken if mpls config exists +* :vytask:`T4845` (default): Add smoketest to detect cycles in config-mode script dependency calls + + +2022-11-27 +========== + +* :vytask:`T4739` (feature): ISIS and OSPF segment routing being refactored + + +2022-11-24 +========== + +* :vytask:`T4794` (bug): show firewall name <name> - Can't use .items() on a list +* :vytask:`T4714` (feature): Delete unused ipset from the filecaps +* :vytask:`T3541` (bug): Route Map large community set additive is missing + + +2022-11-23 +========== + +* :vytask:`T4836` (feature): Kernel: enable new features like switchdev, ESP in TCP and HSR +* :vytask:`T4835` (bug): SNMPD configuration incorrect for IPv6 +* :vytask:`T4819` (feature): Allow printing Warning messages in multiple lines with \n +* :vytask:`T4807` (feature): Need to fix traceroute help completion +* :vytask:`T4660` (feature): Reorganize route map set community CLI  +* :vytask:`T4526` (bug): keepalived-fifo.py unable to load config +* :vytask:`T4793` (feature): Create warning message about disable-route-autoinstall when ipsec vti is used +* :vytask:`T4492` (bug): Incorrect list of neighbors in help for "show bgp vrf VRF neighbors" +* :vytask:`T4496` (feature): ping vrf help does not list VRFs + + +2022-11-22 +========== + +* :vytask:`T4823` (bug): swanctl.conf is broken when ipsec site-to-site peer set. +* :vytask:`T4706` (bug): NAT and NAT66 issues +* :vytask:`T4670` (feature): policy route - Update matching criteria + + +2022-11-21 +========== + +* :vytask:`T4812` (feature): IPsec ability to show all configured connections +* :vytask:`T4829` (default): Tunnel argument to 'reset_peer' in ipsec.py should have type hint Optional + + +2022-11-20 +========== + +* :vytask:`T4827` (bug): route-map issues , not load configuration FRR + + +2022-11-19 +========== + +* :vytask:`T4826` (bug): Wrong key type is used for SSH SK public keys +* :vytask:`T4720` (feature): Ability to configure SSH HostKeyAlgorithms +* :vytask:`T4828` (default): Raise appropriate op-mode errors in ipsec.py 'reset_peer' + + +2022-11-18 +========== + +* :vytask:`T4821` (bug): Correct calling of config mode script dependencies from firewall.py + + +2022-11-17 +========== + +* :vytask:`T4750` (feature): Support of higher level SSH keys (sk-ssh-ed25519) + + +2022-11-15 +========== + +* :vytask:`T4808` (feature): Add details of configtree operations to migration log + + +2022-11-12 +========== + +* :vytask:`T4814` (bug): Regression in bundled powerdns version + + +2022-11-09 +========== + +* :vytask:`T4800` (bug): undefined var includes_chroot_dir in build-vyos-image  + + +2022-11-08 +========== + +* :vytask:`T4771` (feature): Rewrite protocol BGP op-mode to vyos.opmode format +* :vytask:`T4806` (default): Update FRR to 8.4 in 1.4 version + + +2022-11-06 +========== + +* :vytask:`T4803` (bug): The header 'Authorization' needs to be explictly allowed in http-api CORS middleware + + +2022-11-05 +========== + +* :vytask:`T4802` (feature): Ability to define per container shared-memory size + + +2022-11-01 +========== + +* :vytask:`T4764` (bug): NAT tables vyos_nat  and vyos_static_nat not deleting after deleting nat +* :vytask:`T4177` (bug): Strip-private doesn't work for service monitoring + + +2022-10-31 +========== + +* :vytask:`T4786` (feature): Add package python3-pyhumps +* :vytask:`T1875` (feature): Add the ability to use network address as BGP neighbor (bgp listen range) +* :vytask:`T4785` (feature): snmp: Allow !, @, * and # in community name +* :vytask:`T4787` (feature): ipsec: add support for road-warrior/remote-access RADIUS timeout + + +2022-10-29 +========== + +* :vytask:`T4783` (default): Add support for stunnel +* :vytask:`T4784` (feature): Add description node for static route/route6 tagNodes + + +2022-10-28 +========== + +* :vytask:`T4291` (default): Consolidate component version read/write functions + + +2022-10-27 +========== + +* :vytask:`T4763` (feature): Change XML for Show nat destination statistics +* :vytask:`T4762` (bug): Show nat rules with empty rules incorrect error +* :vytask:`T4778` (bug): Raise error UnconfiguredSubsystem if op-mode ipsec.py fails initialization + + +2022-10-26 +========== + +* :vytask:`T4773` (default): Add camel_case to snake_case conversion utility + + +2022-10-25 +========== + +* :vytask:`T4574` (default): Add token based authentication to GraphQL API + + +2022-10-24 +========== + +* :vytask:`T4772` (default): Return list of dicts in 'raw' output of route.py instead of dict with redundant information + + +2022-10-23 +========== + +* :vytask:`T3723` (bug): op-mode IPSec show vpn ipsec sa output with underscores + + +2022-10-21 +========== + +* :vytask:`T4768` (default): Change name of api child node from 'gql' to 'graphql' + + +2022-10-18 +========== + +* :vytask:`T4684` (feature): Rewrite show ip route by protocol to vyos.opmode format +* :vytask:`T4533` (bug): Radius clients don’t  have simple permissions +* :vytask:`T4753` (enhancment): Extend automatic generation of schema to query SystemStatus + + +2022-10-17 +========== + +* :vytask:`T4725` (bug): Unable to reset vpn IPsec peer + + +2022-10-14 +========== + +* :vytask:`T4672` (bug): RADIUS server disable does not work +* :vytask:`T4749` (enhancment): Use config_dict for conf_mode http-api.py + + +2022-10-13 +========== + +* :vytask:`T4746` (bug): Monitoring nft. table vyos_filter by default does not exist but telegraf checks this table +* :vytask:`T4744` (bug): BGP directly connected neighbors don't compatible with ebgp-multihop +* :vytask:`T4716` (feature): SSH ability to configure RekeyLimit +* :vytask:`T4343` (default): Expose powerdns network-timeout for service dns forwarding +* :vytask:`T4312` (bug): Telegraf configuration doesn't accept IPs for URL +* :vytask:`T4274` (default): Extend OpenConnect RADIUS Timeout to Permit 2FA Entry + + +2022-10-12 +========== + +* :vytask:`T4747` (bug): Monitoring influxdb template input exec plugin does not work +* :vytask:`T4740` (bug): Show conntrack table ipv6 fail +* :vytask:`T4730` (bug): Conntrack-sync error - listen-address is not the correct type in config as it should be + + +2022-10-11 +========== + +* :vytask:`T4742` (bug): Autocomplete in policy route rule x set table / does not show the tables created in the static protocols +* :vytask:`T4741` (bug): set firewall zone Local local-zone failed +* :vytask:`T4680` (bug): Telegraf prometheus-client listen-address invalid format + + +2022-10-10 +========== + +* :vytask:`T538` (feature): Support for network mapping in NAT + + +2022-10-09 +========== + +* :vytask:`T4738` (enhancment): Extend automatic generation of schema definition files to native configsession functions; use single resolver/directive + + +2022-10-08 +========== + +* :vytask:`T4707` (feature): Enable OSPF segment routing + + +2022-10-07 +========== + +* :vytask:`T4736` (bug): Error on JSON output of API query ShowConfig + + +2022-10-04 +========== + +* :vytask:`T4708` (bug): 'show nat destination rules' throwing an error +* :vytask:`T4700` (feature): Firewall - Add interface match criteria +* :vytask:`T4699` (feature): Firewall - Add jump action - Add return action +* :vytask:`T4651` (feature): Firewall - Add options to match packet size +* :vytask:`T4702` (bug): Wireguard peers configuration is not synchronized with CLI +* :vytask:`T4685` (bug): Interface does not exist on boot when used as inbound-interface for local policy route +* :vytask:`T4652` (feature): Upgrade PowerDNS recursor to 4.7 series +* :vytask:`T4582` (default): Router-advert: Preferred lifetime cannot equal valid lifetime in PIOs + + +2022-09-29 +========== + +* :vytask:`T4715` (feature): Auto logout user after a period of inactivity +* :vytask:`T4697` (bug): policy route: Generating ConfigError failes when tcp flag is missing on set tcp-mss rule commit + + +2022-09-27 +========== + +* :vytask:`T4711` (feature): Ability to terminate user TTY and PTS sessions +* :vytask:`T4557` (feature): fastnetmon: allow configure limits per protocol (tcp, udp, icmp) + + +2022-09-21 +========== + +* :vytask:`T4678` (feature): Rewrite service ipoe-server to get_config_dict +* :vytask:`T4703` (feature): accel-ppp: combine vlan-id and vlan-range into single CLI node + + +2022-09-20 +========== + +* :vytask:`T4693` (bug): ISIS segment routing was broken... + + +2022-09-17 +========== + +* :vytask:`T4666` (bug): EAP-TLS no longer allows TLSv1.0 after T4537, T4584 +* :vytask:`T4665` (bug): Keepalived cannot use same VRID for VRRPv2 and VRRPv3 + + +2022-09-16 +========== + +* :vytask:`T4698` (enhancment): Drop validator name="range" and replace it with numeric +* :vytask:`T4695` (feature): Add 'es' and 'jp106' keymap option keyboard-layout +* :vytask:`T4669` (enhancment): Extend numeric.ml for inversion of values and range values + + +2022-09-15 +========== + +* :vytask:`T4679` (bug): OpenVPN site-to-site incorrect check for IPv6 local and remote address +* :vytask:`T4691` (feature): Upgrade Linux Kernel to latest 5.15.y train +* :vytask:`T4630` (bug): Prevent attempts to use the same interface as a source interface for pseudo-ethernet and MACsec at the same time +* :vytask:`T4696` (default): Extend bgp parameters for bgp bestpath peer-type multipath-relax + + +2022-09-12 +========== + +* :vytask:`T4617` (feature): VRF specification is needed for telegraf prometheus-client listen-address <address>  +* :vytask:`T4690` (bug): Update GraphQL resolver for 'SystemStatus' following changes to 'show_uptime' op-mode script +* :vytask:`T4647` (feature): Add Google Virtual NIC (gVNIC) support +* :vytask:`T4170` (feature): Rename "policy ipv6-route" -> "policy route6" + + +2022-09-09 +========== + +* :vytask:`T4682` (feature): Rewrite 'show system storage' in standardized format +* :vytask:`T4681` (feature): Complete standardization of show_uptime.py + + +2022-09-06 +========== + +* :vytask:`T4640` (enhancment): Integrate op-mode exception hierarchy into API +* :vytask:`T4597` (bug): Check bind port before assign service HTTPS API and openconnect +* :vytask:`T4674` (bug): API should show op-mode error message, if present +* :vytask:`T4673` (bug): op-mode bridge.py should raise error on show_fdb for nonexistent bridge interface + + +2022-09-05 +========== + +* :vytask:`T4668` (bug): Adding/removing members from bond doesn't work/results in incorrect interface state +* :vytask:`T4663` (bug): Interface pseudo-ethernet does not change mode +* :vytask:`T4655` (bug): Firewall in 1.4 sets the default action 'accept' instead of 'drop' +* :vytask:`T4628` (bug): ConfigTree() throws ValueError() if tagNode contains whitespaces + + +2022-09-01 +========== + +* :vytask:`T4606` (bug): monitor nat destination translation shows missing script +* :vytask:`T4435` (bug): Policy route and firewall - error when using undefined group +* :vytask:`T4147` (bug): New Firewall Implementation - proposed changes on group implementation + + +2022-08-31 +========== + +* :vytask:`T4650` (feature): Rewire show nat translation to vyos.opmode format +* :vytask:`T4644` (bug): Check bind port before assign vpn sstp +* :vytask:`T4643` (bug): Smoketest exclude either sstp or openconnect from pki-misc default listen port +* :vytask:`T4569` (feature): Rewrite show bridge to new format +* :vytask:`T4547` (bug): Show vpn ipsec sa show unexpected prefix 'B' in packets +* :vytask:`T4367` (bug): NAT - Config tmp file not available + + +2022-08-29 +========== + +* :vytask:`T4645` (bug): show nat source statistics lack argument --family +* :vytask:`T4634` (bug): Bgp neighbor disable-connected-check does not work +* :vytask:`T4631` (feature): Add port and protocol to nat66 +* :vytask:`T4623` (feature): Add show conntrack statistics +* :vytask:`T4595` (bug): DPD interval and timeout do not work in DMVPN +* :vytask:`T4594` (feature): Rewrite op-mode IPsec to vyos.opmode format +* :vytask:`T4508` (bug): Problem with values of the same environment in different event handlers +* :vytask:`T4653` (bug): Interface offload options are not applied correctly +* :vytask:`T4546` (bug): Does not connect Cisco spoke to VyOS hub. +* :vytask:`T4061` (default): Add util function to check for completion of boot config +* :vytask:`T4654` (bug): RPKI cache incorrect description +* :vytask:`T4572` (bug): Add an option to force interface MTU to the value received from DHCP + + +2022-08-26 +========== + +* :vytask:`T4642` (bug): proxy: hyphen not allowed in proxy URL + + +2022-08-25 +========== + +* :vytask:`T4626` (bug): Error showing nat66 source and destination +* :vytask:`T4622` (feature): Firewall allow drop packets by TCP MSS size + + +2022-08-24 +========== + +* :vytask:`T4641` (bug): prefix-list allows ipv6 prefix as input +* :vytask:`T4633` (feature): Change keepalived to v2.2.7 + + +2022-08-23 +========== + +* :vytask:`T4618` (bug): Traffic policy not set on virtual interfaces +* :vytask:`T4538` (bug): Macsec does not work correctly when the interface status changes. + + +2022-08-22 +========== + +* :vytask:`T4089` (bug): Show nat destination rules shows ip address instead of interface 'any' +* :vytask:`T4632` (bug): VLAN-aware bridge not working +* :vytask:`T4637` (feature): Upgrade to podman 4.2.0 + + +2022-08-20 +========== + +* :vytask:`T4596` (bug): "show openconnect-server sessions" command does not work in the openconnect module + + +2022-08-19 +========== + +* :vytask:`T4620` (bug): UPnP does not work due to  incorrect template +* :vytask:`T4619` (bug): Static arp is not set if another entry is present +* :vytask:`T4611` (bug): UPnP rule IP should be a prefix instead of an address +* :vytask:`T4614` (feature): OpenConnect split-dns directive + + +2022-08-18 +========== + +* :vytask:`T4613` (bug): UPnP configuration without listen option fail +* :vytask:`T4570` (bug): Exception when trying to set up VXLAN over Wireguard + + +2022-08-17 +========== + +* :vytask:`T4598` (feature): nat66  - Add exclude options +* :vytask:`T4480` (default): add an ability to configure squid acl safe ports and acl ssl safe ports + + +2022-08-16 +========== + +* :vytask:`T4592` (bug): macsec: can not create two interfaces using the same source-interface +* :vytask:`T4584` (bug): hostap: create custom package build +* :vytask:`T4413` (default): Add an API endpoint with basic system stats +* :vytask:`T4537` (bug): MACsec not working with cipher gcm-aes-256 + + +2022-08-15 +========== + +* :vytask:`T4609` (bug): Unable to Restart Container VyOS 1.4 +* :vytask:`T4565` (bug): vlan aware bridge not working with - Kernel: T3318: update Linux Kernel to v5.4.205 #249  +* :vytask:`T3988` (default): Feature Request: IPsec Multiple local/remote prefix for the tunnel +* :vytask:`T2763` (feature): New SNMP resource request - SNMP over TCP + + +2022-08-14 +========== + +* :vytask:`T4579` (bug): bridge: can not delete member interface CLI option when VLAN is enabled +* :vytask:`T4421` (default): Add support for floating point numbers in the numeric validator +* :vytask:`T3507` (bug): Bond with mode LACP show u/u in show interfaces even if peer is not configured + + +2022-08-12 +========== + +* :vytask:`T4603` (feature): Need a config option to specify NAS-IP-Address for vpn l2tp + + +2022-08-10 +========== + +* :vytask:`T4408` (feature): Add sshguard to protect against brut-forces + + +2022-08-08 +========== + +* :vytask:`T4586` (feature): Add to NAT66: SNAT destination address and DNAT source address. + + +2022-08-04 +========== + +* :vytask:`T4257` (feature): Discussion on changing BGP autonomous system number syntax + + +2022-08-02 +========== + +* :vytask:`T4585` (feature): Rewrite op-mode containers to vyos.opmode  +* :vytask:`T4515` (default): Reduce telegraf binary size + + +2022-08-01 +========== + +* :vytask:`T4581` (bug): 'show system cpu' not working +* :vytask:`T4578` (feature): Rewrite show dns forwarding statistics to new format + + +2022-07-31 +========== + +* :vytask:`T4580` (bug): Handle the case of op-mode file names with hyphens in GraphQL schema/resolver generation + + +2022-07-30 +========== + +* :vytask:`T4575` (feature): vyos.utill add new wrapper "rc_cmd" to get the return code and output +* :vytask:`T4562` (feature): Rewrite show vrf to new format +* :vytask:`T4545` (feature): Rewrite show nat source rules +* :vytask:`T4543` (bug): Show source nat statistics shows incorrect interface +* :vytask:`T4503` (default): Prevent op mode scripts from restarting services if there's a commit in progress +* :vytask:`T4411` (feature): Add migration for service monitoring telegraf influxdb + + +2022-07-29 +========== + +* :vytask:`T4554` (enhancment): Implement GraphQL resolvers for standardized op-mode scripts +* :vytask:`T4518` (feature): Add XML for CLI conf mode load-balancing wan  +* :vytask:`T4544` (enhancment): Generate schema definitions from standardized op-mode scripts + + +2022-07-28 +========== + +* :vytask:`T4531` (bug): NAT op-mode errors with exclude rules +* :vytask:`T3435` (bug): NAT rules show corruption + + +2022-07-27 +========== + +* :vytask:`T4571` (bug): Sflow with vrf configured does not use vrf to validate agent-address IP from vrf-configured interfaces +* :vytask:`T4552` (bug): Unable to reset IPsec IPv6 peer + + +2022-07-26 +========== + +* :vytask:`T4568` (bug): show vpn debug peer doesn't work +* :vytask:`T4556` (feature): fastnetmon: Allow configure white_list_path and populate with hosts/networks that should be ignored. +* :vytask:`T4495` (feature): Combine BGP reset op commands + + +2022-07-25 +========== + +* :vytask:`T4567` (default): Merge experimental branch of GraphQL development +* :vytask:`T4560` (bug): VRF and BGP neighbor local-as error +* :vytask:`T4493` (bug): Incorrect help for "show bgp neighbors" +* :vytask:`T1233` (bug): ipsec vpn sa showing down + + +2022-07-22 +========== + +* :vytask:`T4145` (bug): Conntrack table not showing after firewall rewriting + + +2022-07-21 +========== + +* :vytask:`T4555` (feature): fastnetmon: add IPv6 support +* :vytask:`T4553` (default): Allow to set ban time on ddos-protection configuration + + +2022-07-20 +========== + +* :vytask:`T4056` (bug): Traffic policy not set in live configuration + + +2022-07-18 +========== + +* :vytask:`T4523` (feature): OP-mode Extend conntrack output to get marks, zones and directions +* :vytask:`T4228` (bug): bond: OS error thrown when two bonds use the same member +* :vytask:`T4539` (feature): qat: update Intel QuickAssist release version 1.7.L.4.16.0-00017 +* :vytask:`T4534` (bug): bond: bridge: error out if member interface is assigned to a VRF instance +* :vytask:`T4525` (bug): Delete interface from VRF and add it to bonding error +* :vytask:`T4522` (feature): bond: add ability to specify mii monitor interval via CLI +* :vytask:`T4535` (feature): FRR: upgrade to stable/8.3 version +* :vytask:`T4521` (bug): bond: ARP monitor interval is not configured despite set via CLI +* :vytask:`T4540` (feature): firmware: update to Linux release 20220708 + + +2022-07-17 +========== + +* :vytask:`T4028` (bug): FRR 8.1 routes not being applied to routing table after reboot if an interface has 2 ip addresses + + +2022-07-15 +========== + +* :vytask:`T4494` (bug): Cannot reset BGP peer within VRF +* :vytask:`T4536` (feature): FRR: move to systemd for daemon control + + +2022-07-14 +========== + +* :vytask:`T4491` (bug): Use empty string for internal name of root node of config_tree + + +2022-07-13 +========== + +* :vytask:`T1375` (feature): Add clear  dhcp server  lease function + + +2022-07-12 +========== + +* :vytask:`T4527` (bug): Prevent to create VRF name default +* :vytask:`T4084` (default): Dehardcode the default login banner +* :vytask:`T3948` (feature): IPSec VPN:  Add a new option "none" for the connection-type +* :vytask:`T235` (feature): Ability to configure manual IP Rules + + +2022-07-10 +========== + +* :vytask:`T3836` (bug): Setting a default IPv6 route while getting IPv4 gateway via DHCP removes the IPv4 gateway + + +2022-07-09 +========== + +* :vytask:`T4507` (feature): IPoE-server add multiplier option for shaper +* :vytask:`T4499` (bug): NAT source translation not showing a single output +* :vytask:`T4468` (bug): web-proxy source group cannot start with a number bug +* :vytask:`T4373` (feature): PPPoE-server add multiplier option for shaper +* :vytask:`T3353` (bug): PPPoE server wrong vlan-range generating config +* :vytask:`T3648` (bug): op-mode: nat rules broken +* :vytask:`T4517` (feature): ip: Add options to enable directed broadcast forwarding + + +2022-07-07 +========== + +* :vytask:`T4456` (bug): NTP client in VRF tries to bind to interfaces outside VRF, logs many messages +* :vytask:`T4509` (feature): Feature Request: DNS64 + + +2022-07-06 +========== + +* :vytask:`T4513` (bug): Webproxy monitor commands do not work +* :vytask:`T4299` (feature): Firewall - GeoIP filtering + + +2022-07-05 +========== + +* :vytask:`T4378` (bug): Unable to submit wildcard ("*.example.com") A or AAAA records in dns forwarder +* :vytask:`T2683` (default): no dual stack in system static-host-mapping host-name  +* :vytask:`T478` (feature): Firewall address group (multi and nesting) + + +2022-07-04 +========== + +* :vytask:`T4501` (bug): Syslog-identifier does not work in event handler +* :vytask:`T3600` (bug): DHCP Interface static route breaks PBR +* :vytask:`T4498` (feature): bridge: Add option to enable/disable IGMP/MLD snooping + + +2022-07-01 +========== + +* :vytask:`T2455` (bug): No support for the IPv6 VTI +* :vytask:`T4490` (feature): BGP- warning message that AFI/SAFI is needed to establish the neighborship +* :vytask:`T4489` (bug): MPLS sysctl not persistent for tunnel interfaces + + +2022-06-29 +========== + +* :vytask:`T4477` (feature): router-advert: support RDNSS lifetime option + + +2022-06-28 +========== + +* :vytask:`T4486` (bug): Container can't be deleted +* :vytask:`T4473` (bug): Use container network without network declaration error +* :vytask:`T4458` (feature): Firewall - add support for matching ip ttl in firewall rules +* :vytask:`T3907` (feature): Firewall - Set log levels + + +2022-06-27 +========== + +* :vytask:`T4484` (default): Firewall op-mode summary doesn't correctly handle address group containing ranges + + +2022-06-25 +========== + +* :vytask:`T4482` (bug): dhcp: toggle of "dhcp-options no-default-route" has no effect +* :vytask:`T4483` (feature): Upgrade fastnetmon to v1.2.2 community edition + + +2022-06-22 +========== + +* :vytask:`T1748` (feature): vbash: beautify tab completion output/line breaks + + +2022-06-20 +========== + +* :vytask:`T1856` (feature): Support configuring IPSec SA bytes + + +2022-06-18 +========== + +* :vytask:`T4467` (bug): Validator Does Not Accept Signed Numbers + + +2022-06-17 +========== + +* :vytask:`T4209` (bug): Firewall incorrect handler for recent count and time + + +2022-06-16 +========== + +* :vytask:`T4352` (bug): wan-load balance - priority traffic rule doesn't work  + + +2022-06-15 +========== + +* :vytask:`T4450` (feature): Route-map - Extend options for ip|ipv6 address match +* :vytask:`T4449` (feature): Route-map - Extend options for ip next-hop match +* :vytask:`T990` (feature): Make DNAT/SNAT a valid state in firewall rules.   + + +2022-06-12 +========== + +* :vytask:`T4420` (feature): Feature Request: ocserv: show configured 2FA OTP key +* :vytask:`T4380` (default): Feature Request: ocserv: 2FA OTP key generator in VyOS CLI + + +2022-06-10 +========== + +* :vytask:`T4365` (bug): NAT - Error on setting up tables +* :vytask:`T4465` (feature): node.def generation misses whitespace on multiple use of <path> + + +2022-06-09 +========== + +* :vytask:`T4444` (default): sstp: Feature request. Port number changing support +* :vytask:`T2580` (feature): Support for ip pools for ippoe + + +2022-06-08 +========== + +* :vytask:`T4447` (bug): DHCPv6 prefix delegation `sla-id` limited to 128  + + +2022-05-31 +========== + +* :vytask:`T4212` (default): PermissionError when generating/installing server Certificate (generate pki certificate sign ...) +* :vytask:`T4199` (bug): Commit failed when setting icmpv6 type any +* :vytask:`T4148` (bug): Firewall - Error messages not that clear as it were in old firewall +* :vytask:`T3659` (bug): Configuration won't accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors + + +2022-05-30 +========== + +* :vytask:`T4315` (feature): Telegraf - Output to prometheus + + +2022-05-29 +========== + +* :vytask:`T2473` (feature): Xml for EIGRP [conf_mode] + + +2022-05-28 +========== + +* :vytask:`T4448` (feature): rip: add support for explicit version selection + + +2022-05-26 +========== + +* :vytask:`T4442` (feature): HTTP API add action "reset" + + +2022-05-25 +========== + +* :vytask:`T4410` (feature): Telegraf - Output to Splunk +* :vytask:`T4382` (bug): Replacing legacy loadFile exposes missing steps in migration scripts and other errors + + +2022-05-21 +========== + +* :vytask:`T4437` (bug): flow-accounting: support IPv6 flow collectors + + +2022-05-20 +========== + +* :vytask:`T4418` (feature): Telegraf - output Plugin azure-data-explorer + + +2022-05-19 +========== + +* :vytask:`T4434` (bug): DMVPN: cisco-authentication password length is 8 characters +* :vytask:`T3938` (default): Rewrite the uptime script in Python to allow using it as a library +* :vytask:`T4334` (default): Make the config lexer reentrant + + +2022-05-17 +========== + +* :vytask:`T4424` (bug): policy local-route6 shows ipv4 format + + +2022-05-16 +========== + +* :vytask:`T4377` (default): generate tech-support archive includes previous archives + + +2022-05-12 +========== + +* :vytask:`T4417` (bug): VRRP doesn't start with conntrack-sync +* :vytask:`T4100` (feature): Firewall increase maximum number of rules + + +2022-05-11 +========== + +* :vytask:`T4405` (bug): DHCP client sometimes ignores `no-default-route` option of an interface + + +2022-05-10 +========== + +* :vytask:`T4156` (default): Adding DHCP Option 13 (bootfile-size) +* :vytask:`T1972` (feature): Allow setting interface name for virtual_ipaddress in VRRP VRID + + +2022-05-07 +========== + +* :vytask:`T4361` (bug): `vyos.config.exists()` does not work for nodes with multiple values +* :vytask:`T4354` (bug): Slave interfaces fall out from bonding during configuration change +* :vytask:`T4419` (feature): vrf: support to disable IP forwarding within a given VRF + + +2022-05-06 +========== + +* :vytask:`T4385` (bug): bgp: peer-group member cannot override remote-as of peer-group + + +2022-05-05 +========== + +* :vytask:`T4414` (feature): Add route-map "as-path prepend last-as x" option + + +2022-05-03 +========== + +* :vytask:`T4395` (feature): Extend show vpn debug  + + +2022-05-01 +========== + +* :vytask:`T4369` (bug): OpenVPN: daemon not restarted on changes to "openvpn-option" CLI node +* :vytask:`T4363` (bug): salt-minion: default mine_interval option is not set +* :vytask:`T4353` (feature): Add Jinja2 linter to vyos-1x build process + + +2022-04-29 +========== + +* :vytask:`T4388` (bug): dhcp-server: missing constraint on tftp-server-name option +* :vytask:`T4366` (bug): geneve: interface is removed on changes to e.g. description + + +2022-04-28 +========== + +* :vytask:`T4400` (bug): Container OP mode has delete where show and update should be + + +2022-04-27 +========== + +* :vytask:`T4398` (bug): IPSec site-to-site generates unexpected passthrough option +* :vytask:`T4397` (feature): arp: migrate static ARP entry configuration to get_config_dict() and make it VRF aware +* :vytask:`T4357` (feature): Allow free-form setting of DHCPv6 server options + + +2022-04-26 +========== + +* :vytask:`T4210` (bug): NAT source/destination negated ports throws an error +* :vytask:`T4235` (default): Add config tree diff algorithm + + +2022-04-25 +========== + +* :vytask:`T4390` (feature): op-mode: extend "show log" and "monitor log" with additional daemons/subsystems to read journalctl logs +* :vytask:`T4391` (bug): PPPoE: IPv6 not working after system boot + +  2022-04-24  ========== @@ -29,7 +1247,6 @@  2022-04-21  ========== -* :vytask:`T4385` (bug): bgp: peer-group member cannot override remote-as of peer-group  * :vytask:`T4384` (feature): pppoe: replace default-route CLI option with common CLI nodes already present for DHCP @@ -330,7 +1547,6 @@  * :vytask:`T4164` (bug): PBR: network groups (as well as address and port groups) don't resolve in `nftables_policy.conf`  * :vytask:`T3970` (feature): Add support for op-mode PKI direct install into an active config session  * :vytask:`T3828` (bug): ipsec: Subtle change in "pfs enable" behavior from equuleus -> sagitta -* :vytask:`T4228` (bug): bond: OS error thrown when two bonds use the same member  2022-02-05 @@ -361,12 +1577,6 @@  * :vytask:`T4138` (bug): NAT configuration allows to set incorrect port range and invalid port -2022-01-29 -========== - -* :vytask:`T4153` (bug): Monitor bandwidth-test initiate not working - -  2022-01-28  ========== @@ -461,7 +1671,6 @@  * :vytask:`T4182` (bug): Show vrrp if vrrp not configured bug  * :vytask:`T4179` (feature): Add op-mode CLI for show high-availability virtual-server -* :vytask:`T4177` (bug): Strip-private doesn't work for service monitoring  2022-01-13 @@ -485,7 +1694,6 @@  * :vytask:`T4149` (bug): [Firewall-IPV6] Error delete Fw rules on VIF/INT  * :vytask:`T3950` (bug): CLI backtrace on update if DNS not defined  -* :vytask:`T4170` (feature): Rename "policy ipv6-route" -> "policy route6"  * :vytask:`T4166` (bug): Debug output missing when frr.py called under vyos-configd @@ -561,7 +1769,7 @@  2021-12-28  ========== -* :vytask:`T3380` (bug): Show vpn ike sa with IPv6 remote peer +* :vytask:`T3380` (bug): "show vpn ike sa" does not display IPv6 peers  2021-12-27 @@ -608,7 +1816,6 @@  2021-12-22  ========== -* :vytask:`T4056` (bug): Traffic policy not set in live configuration  * :vytask:`T3678` (bug): VyOS 1.4: Invalid error message while deleting ipsec vpn configuration  * :vytask:`T3356` (feature): Script for remote file transfers @@ -1262,7 +2469,6 @@  * :vytask:`T3764` (bug): Unconfigurable IKE and ESP lifetime  * :vytask:`T3234` (bug): multi_to_list fails in certain cases, with root cause an element redundancy in XML interface-definitions  * :vytask:`T3732` (feature): override-default helper should support adding defaultValues to default less nodes -* :vytask:`T3574` (default): Add constraintGroup for combining validators with logical AND  * :vytask:`T3759` (default): [L3VPN] VPNv4/VPNv6 add commands  @@ -2049,7 +3255,7 @@  ==========  * :vytask:`T3313` (bug): ospfv3 interface missing options -* :vytask:`T3318` (feature): Update Linux Kernel to v5.4.188 / 5.10.111 +* :vytask:`T3318` (feature): Update Linux Kernel to v5.4.208 / 5.10.142  2021-02-15 @@ -2062,7 +3268,6 @@  ==========  * :vytask:`T2848` (feature): bgp-add-path configuration options -* :vytask:`T1875` (feature): Add the ability to use network address as BGP neighbor (bgp listen range)  2021-02-12 | 
