From 499f536d5b6b5f5bc45c649abdab5c007cda30a6 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Sun, 29 Dec 2019 04:24:42 +0700 Subject: Add release notes for 1.2.4 --- docs/appendix/releasenotes.rst | 64 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) (limited to 'docs/appendix') diff --git a/docs/appendix/releasenotes.rst b/docs/appendix/releasenotes.rst index 13e8fa1c..d2601c2c 100644 --- a/docs/appendix/releasenotes.rst +++ b/docs/appendix/releasenotes.rst @@ -6,6 +6,70 @@ Release notes 1.2 (Crux) ========== +1.2.4 +----- + +1.2.4 is a maintenance release made in December 2019. + +Resolved issues +^^^^^^^^^^^^^^^ + +* `T258 `_ Can not configure wan load-balancing on vyos-1.2 +* `T818 `_ SNMP v3 - remove required engineid from user node +* `T1030 `_ Upgrade ddclient from 3.8.2 to 3.9.0 (support Cloudflare API v4) +* `T1183 `_ BFD Support via FRR +* `T1299 `_ Allow SNMPd to be extended with custom scripts +* `T1351 `_ accel-pppoe adding CIDR based IP pool option +* `T1391 `_ In route-map set community additive +* `T1394 `_ syslog systemd and host_name.py race condition +* `T1401 `_ Copying files with the FTP protocol fails if the password contains special characters +* `T1421 `_ OpenVPN client push-route stopped working, needs added quotes to fix +* `T1447 `_ Python subprocess called without import in host_name.py +* `T1470 `_ improve output of "show dhcpv6 server leases" +* `T1485 `_ Enable 'AdvIntervalOpt' option in for radvd.conf +* `T1496 `_ Separate rolling release and LTS kernel builds +* `T1560 `_ "set load-balancing wan rule 0" causes segfault and prevents load balancing from starting +* `T1568 `_ strip-private command improvement for additional masking of IPv6 and MAC address +* `T1578 `_ completion offers "show table", but show table does not exist +* `T1593 `_ Support ip6gre +* `T1597 `_ /usr/sbin/rsyslogd after deleting "system syslog" +* `T1638 `_ vyos-hostsd not setting system domain name +* `T1678 `_ hostfile-update missing line feed +* `T1694 `_ NTPd: Do not listen on all interfaces by default +* `T1701 `_ Delete domain-name and domain-search won't work +* `T1705 `_ High CPU usage by bgpd when snmp is active +* `T1707 `_ DHCP static mapping and exclude address not working +* `T1708 `_ Update Rolling Release Kernel to 4.19.76 +* `T1709 `_ Update WireGuard to 0.0.20190913 +* `T1716 `_ Update Intel NIC drivers to recent versions +* `T1726 `_ Update Linux Firmware binaries to a more recent version 2019-03-14 -> 2019-10-07 +* `T1728 `_ Update Linux Kernel to 4.19.79 +* `T1737 `_ SNMP tab completion missing +* `T1738 `_ Copy SNMP configuration from node to node raises exception +* `T1740 `_ Broken OSPFv2 virtual-link authentication +* `T1742 `_ NHRP unable to commit. +* `T1745 `_ dhcp-server commit fails with "DHCP range stop address x must be greater or equal to the range start address y!" when static mapping has same IP as range stop +* `T1749 `_ numeric validator doesn't support multiple ranges +* `T1769 `_ Remove complex SNMPv3 Transport Security Model (TSM) +* `T1772 `_ constraints in XML are partially broken +* `T1778 `_ Kilobits/Megabits difference in configuration Vyos/FRR +* `T1780 `_ Adding ipsec ike closeaction +* `T1786 `_ disable-dhcp-nameservers is missed in current host_name.py implementation +* `T1788 `_ Intel QAT (QuickAssist Technology ) implementation +* `T1792 `_ Update WireGuard to Debian release 0.0.20191012-1 +* `T1800 `_ Update Linux Kernel to v4.19.84 +* `T1809 `_ Wireless: SSID scan does not work in AP mode +* `T1811 `_ Upgrade from 1.1.8: Config file migration failed: module=l2tp +* `T1812 `_ DHCP: hostnames of clients not resolving after update v1.2.3 -> 1.2-rolling +* `T1819 `_ Reboot kills SNMPv3 configuration +* `T1822 `_ Priority inversion wireless interface dhcpv6 +* `T1836 `_ import-conf-mode-commands in vyos-1x/scripts fails to create an xml +* `T1839 `_ LLDP shows "VyOS unknown" instead of "VyOS" +* `T1841 `_ PPP ipv6-up.d direcotry missing +* `T1893 `_ igmp-proxy: Do not allow adding unknown interface +* `T1904 `_ update eth1 and eth2 link files for the vep4600 + + 1.2.3 ----- -- cgit v1.2.3 From 207aceac28624c445c21ec81c6a9f8a3924abefc Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 29 Dec 2019 10:37:31 +0100 Subject: release-notes: Migrate all tasks to new vytask command --- docs/appendix/releasenotes.rst | 316 +++++++++++++++++++++++------------------ 1 file changed, 181 insertions(+), 135 deletions(-) (limited to 'docs/appendix') diff --git a/docs/appendix/releasenotes.rst b/docs/appendix/releasenotes.rst index d2601c2c..6f85c103 100644 --- a/docs/appendix/releasenotes.rst +++ b/docs/appendix/releasenotes.rst @@ -1,6 +1,7 @@ -.. _releasenotes: +.. _release-notes: -Release notes +############# +Release Notes ############# 1.2 (Crux) @@ -14,61 +15,71 @@ Release notes Resolved issues ^^^^^^^^^^^^^^^ -* `T258 `_ Can not configure wan load-balancing on vyos-1.2 -* `T818 `_ SNMP v3 - remove required engineid from user node -* `T1030 `_ Upgrade ddclient from 3.8.2 to 3.9.0 (support Cloudflare API v4) -* `T1183 `_ BFD Support via FRR -* `T1299 `_ Allow SNMPd to be extended with custom scripts -* `T1351 `_ accel-pppoe adding CIDR based IP pool option -* `T1391 `_ In route-map set community additive -* `T1394 `_ syslog systemd and host_name.py race condition -* `T1401 `_ Copying files with the FTP protocol fails if the password contains special characters -* `T1421 `_ OpenVPN client push-route stopped working, needs added quotes to fix -* `T1447 `_ Python subprocess called without import in host_name.py -* `T1470 `_ improve output of "show dhcpv6 server leases" -* `T1485 `_ Enable 'AdvIntervalOpt' option in for radvd.conf -* `T1496 `_ Separate rolling release and LTS kernel builds -* `T1560 `_ "set load-balancing wan rule 0" causes segfault and prevents load balancing from starting -* `T1568 `_ strip-private command improvement for additional masking of IPv6 and MAC address -* `T1578 `_ completion offers "show table", but show table does not exist -* `T1593 `_ Support ip6gre -* `T1597 `_ /usr/sbin/rsyslogd after deleting "system syslog" -* `T1638 `_ vyos-hostsd not setting system domain name -* `T1678 `_ hostfile-update missing line feed -* `T1694 `_ NTPd: Do not listen on all interfaces by default -* `T1701 `_ Delete domain-name and domain-search won't work -* `T1705 `_ High CPU usage by bgpd when snmp is active -* `T1707 `_ DHCP static mapping and exclude address not working -* `T1708 `_ Update Rolling Release Kernel to 4.19.76 -* `T1709 `_ Update WireGuard to 0.0.20190913 -* `T1716 `_ Update Intel NIC drivers to recent versions -* `T1726 `_ Update Linux Firmware binaries to a more recent version 2019-03-14 -> 2019-10-07 -* `T1728 `_ Update Linux Kernel to 4.19.79 -* `T1737 `_ SNMP tab completion missing -* `T1738 `_ Copy SNMP configuration from node to node raises exception -* `T1740 `_ Broken OSPFv2 virtual-link authentication -* `T1742 `_ NHRP unable to commit. -* `T1745 `_ dhcp-server commit fails with "DHCP range stop address x must be greater or equal to the range start address y!" when static mapping has same IP as range stop -* `T1749 `_ numeric validator doesn't support multiple ranges -* `T1769 `_ Remove complex SNMPv3 Transport Security Model (TSM) -* `T1772 `_ constraints in XML are partially broken -* `T1778 `_ Kilobits/Megabits difference in configuration Vyos/FRR -* `T1780 `_ Adding ipsec ike closeaction -* `T1786 `_ disable-dhcp-nameservers is missed in current host_name.py implementation -* `T1788 `_ Intel QAT (QuickAssist Technology ) implementation -* `T1792 `_ Update WireGuard to Debian release 0.0.20191012-1 -* `T1800 `_ Update Linux Kernel to v4.19.84 -* `T1809 `_ Wireless: SSID scan does not work in AP mode -* `T1811 `_ Upgrade from 1.1.8: Config file migration failed: module=l2tp -* `T1812 `_ DHCP: hostnames of clients not resolving after update v1.2.3 -> 1.2-rolling -* `T1819 `_ Reboot kills SNMPv3 configuration -* `T1822 `_ Priority inversion wireless interface dhcpv6 -* `T1836 `_ import-conf-mode-commands in vyos-1x/scripts fails to create an xml -* `T1839 `_ LLDP shows "VyOS unknown" instead of "VyOS" -* `T1841 `_ PPP ipv6-up.d direcotry missing -* `T1893 `_ igmp-proxy: Do not allow adding unknown interface -* `T1904 `_ update eth1 and eth2 link files for the vep4600 - +* :vytask:`T258` Can not configure wan load-balancing on vyos-1.2 +* :vytask:`T818` SNMP v3 - remove required engineid from user node +* :vytask:`T1030` Upgrade ddclient from 3.8.2 to 3.9.0 (support Cloudflare + API v4) +* :vytask:`T1183` BFD Support via FRR +* :vytask:`T1299` Allow SNMPd to be extended with custom scripts +* :vytask:`T1351` accel-pppoe adding CIDR based IP pool option +* :vytask:`T1391` In route-map set community additive +* :vytask:`T1394` syslog systemd and host_name.py race condition +* :vytask:`T1401` Copying files with the FTP protocol fails if the password + contains special characters +* :vytask:`T1421` OpenVPN client push-route stopped working, needs added quotes + to fix +* :vytask:`T1447` Python subprocess called without import in host_name.py +* :vytask:`T1470` improve output of "show dhcpv6 server leases" +* :vytask:`T1485` Enable 'AdvIntervalOpt' option in for radvd.conf +* :vytask:`T1496` Separate rolling release and LTS kernel builds +* :vytask:`T1560` "set load-balancing wan rule 0" causes segfault and prevents + load balancing from starting +* :vytask:`T1568` strip-private command improvement for additional masking of + IPv6 and MAC address +* :vytask:`T1578` completion offers "show table", but show table does not exist +* :vytask:`T1593` Support ip6gre +* :vytask:`T1597` /usr/sbin/rsyslogd after deleting "system syslog" +* :vytask:`T1638` vyos-hostsd not setting system domain name +* :vytask:`T1678` hostfile-update missing line feed +* :vytask:`T1694` NTPd: Do not listen on all interfaces by default +* :vytask:`T1701` Delete domain-name and domain-search won't work +* :vytask:`T1705` High CPU usage by bgpd when snmp is active +* :vytask:`T1707` DHCP static mapping and exclude address not working +* :vytask:`T1708` Update Rolling Release Kernel to 4.19.76 +* :vytask:`T1709` Update WireGuard to 0.0.20190913 +* :vytask:`T1716` Update Intel NIC drivers to recent versions +* :vytask:`T1726` Update Linux Firmware binaries to a more recent version + 2019-03-14 -> 2019-10-07 +* :vytask:`T1728` Update Linux Kernel to 4.19.79 +* :vytask:`T1737` SNMP tab completion missing +* :vytask:`T1738` Copy SNMP configuration from node to node raises exception +* :vytask:`T1740` Broken OSPFv2 virtual-link authentication +* :vytask:`T1742` NHRP unable to commit. +* :vytask:`T1745` dhcp-server commit fails with "DHCP range stop address x must + be greater or equal to the range start address y!" when static mapping has + same IP as range stop +* :vytask:`T1749` numeric validator doesn't support multiple ranges +* :vytask:`T1769` Remove complex SNMPv3 Transport Security Model (TSM) +* :vytask:`T1772` constraints in XML are partially broken +* :vytask:`T1778` Kilobits/Megabits difference in configuration Vyos/FRR +* :vytask:`T1780` Adding ipsec ike closeaction +* :vytask:`T1786` disable-dhcp-nameservers is missed in current host_name.py + implementation +* :vytask:`T1788` Intel QAT (QuickAssist Technology ) implementation +* :vytask:`T1792` Update WireGuard to Debian release 0.0.20191012-1 +* :vytask:`T1800` Update Linux Kernel to v4.19.84 +* :vytask:`T1809` Wireless: SSID scan does not work in AP mode +* :vytask:`T1811` Upgrade from 1.1.8: Config file migration failed: module=l2tp +* :vytask:`T1812` DHCP: hostnames of clients not resolving after update + v1.2.3 -> 1.2-rolling +* :vytask:`T1819` Reboot kills SNMPv3 configuration +* :vytask:`T1822` Priority inversion wireless interface dhcpv6 +* :vytask:`T1836` import-conf-mode-commands in vyos-1x/scripts fails to create + an xml +* :vytask:`T1839` LLDP shows "VyOS unknown" instead of "VyOS" +* :vytask:`T1841` PPP ipv6-up.d direcotry missing +* :vytask:`T1893` igmp-proxy: Do not allow adding unknown interface +* :vytask:`T1904` update eth1 and eth2 link files for the vep4600 1.2.3 ----- @@ -79,47 +90,59 @@ New features ^^^^^^^^^^^^ * HTTP API -* "set service dns forwarding allow-from " option for limiting queries to specific client networks (T1524) -* Functions for checking if a commit is in progress (T1503) -* "set system contig-mangement commit-archive source-address" option (T1543) -* Intel NIC drivers now support receive side scaling and multiqueue (T1554) +* :vytask:`T1524` "set service dns forwarding allow-from " + option for limiting queries to specific client networks +* :vytask:`T1503` Functions for checking if a commit is in progress +* :vytask:`T1543` "set system contig-mangement commit-archive source-address" + option +* :vytask:`T1554` Intel NIC drivers now support receive side scaling and + multiqueue Resolved issues ^^^^^^^^^^^^^^^ -* OSPF max-metric values over 100 no longer causes commit errors (T1209) -* Fixes issue with DNS forwarding not performing recursive lookups on domain specific forwarders (T1333) -* Special characters in VRRP passwords are handled correctly (T1362) -* BGP weight is applied properly (T1377) -* Fixed permission for log files (T1420) -* Wireguard interfaces now support /31 addresses (T1425) -* Wireguard correctly handles firewall marks (T1428) -* DHCPv6 static mappings now work correctly (T1439) -* Flood ping commands now works correctly (T1450) -* Op mode "show firewall" commands now support counters longer than 8 digits (T1460) -* Fixed priority inversion in VTI commands (T1465) -* Fixed remote-as check in the BGP route-reflector-client option (T1468) -* It's now possible to re-create VRRP groups with RFC compatibility mode enabled (T1472) -* Fixed a typo in DHCPv6 server help strings (T1527) -* Unnumbered BGP peers now support VLAN interfaces (T1529) -* Fixed "set system syslog global archive file" command (T1530) -* Multiple fixes in cluster configuration scripts (T1531) -* Fixed missing help text for "service dns" (T1537) -* Fixed input validation in DHCPv6 relay options (T1541) -* It's now possible to create a QinQ interface and a firewall assigned to it in one commit (T1551) -* URL filtering now uses correct rule database path and works again (T1559) -* "show log vpn ipsec" command works again (T1579) -* "show arp interface " command works again (T1576) -* Fixed regression in L2TP/IPsec server (T1605) -* Netflow/sFlow captures IPv6 traffic correctly (T1613) -* "renew dhcpv6" command now works from op mode (T1616) -* BGP remove-private-as option iBGP vs eBGP check works correctly now (T1642) -* Multiple improvements in name servers and hosts configuration handling (T1540, T1360, T1264, T1623) +* :vytask:`T1209` OSPF max-metric values over 100 no longer causes commit + errors +* :vytask:`T1333` Fixes issue with DNS forwarding not performing recursive + lookups on domain specific forwarders +* :vytask:`T1362` Special characters in VRRP passwords are handled correctly +* :vytask:`T1377` BGP weight is applied properly +* :vytask:`T1420` Fixed permission for log files +* :vytask:`T1425` Wireguard interfaces now support /31 addresses +* :vytask:`T1428` Wireguard correctly handles firewall marks +* :vytask:`T1439` DHCPv6 static mappings now work correctly +* :vytask:`T1450` Flood ping commands now works correctly +* :vytask:`T1460` Op mode "show firewall" commands now support counters longer + than 8 digits (T1460) +* :vytask:`T1465` Fixed priority inversion in VTI commands +* :vytask:`T1468` Fixed remote-as check in the BGP route-reflector-client option +* :vytask:`T1472` It's now possible to re-create VRRP groups with RFC + compatibility mode enabled +* :vytask:`T1527` Fixed a typo in DHCPv6 server help strings +* :vytask:`T1529` Unnumbered BGP peers now support VLAN interfaces +* :vytask:`T1530` Fixed "set system syslog global archive file" command +* :vytask:`T1531` Multiple fixes in cluster configuration scripts +* :vytask:`T1537` Fixed missing help text for "service dns" +* :vytask:`T1541` Fixed input validation in DHCPv6 relay options +* :vytask:`T1551` It's now possible to create a QinQ interface and a firewall + assigned to it in one commit +* :vytask:`T1559` URL filtering now uses correct rule database path and works + again +* :vytask:`T1579` "show log vpn ipsec" command works again +* :vytask:`T1576` "show arp interface " command works again +* :vytask:`T1605` Fixed regression in L2TP/IPsec server +* :vytask:`T1613` Netflow/sFlow captures IPv6 traffic correctly +* :vytask:`T1616` "renew dhcpv6" command now works from op mode +* :vytask:`T1642` BGP remove-private-as option iBGP vs eBGP check works + correctly now +* :vytask:`T1540`, :vytask:`T1360`, :vytask:`T1264`, :vytask:`T1623` Multiple + improvements in name servers and hosts configuration handling Internals ^^^^^^^^^ -/etc/resolv.conf and /etc/hosts files are now managed by the vyos-hostsd service that listens on a ZMQ socket for update messages. +``/etc/resolv.conf`` and ``/etc/hosts`` files are now managed by the +*vyos-hostsd* service that listens on a ZMQ socket for update messages. 1.2.2 ----- @@ -132,7 +155,8 @@ New features * Options for per-interface MSS clamping. * BGP extended next-hop capability * Relaxed BGP multipath option -* Internal and external options for "remote-as" (accept any AS as long as it's the same to this router or different, respectively) +* Internal and external options for "remote-as" (accept any AS as long as it's + the same to this router or different, respectively) * "Unnumbered" (interface-based) BGP peers * BGP no-prepend option * Additive BGP community option @@ -144,21 +168,28 @@ Resolved issues ^^^^^^^^^^^^^^^ * Linux kernel 4.19.54, including a fix for the TCP SACK vulnerability -* VRRP health-check scripts now can use arguments (T1371) -* DNS server addresses coming from a DHCP server are now correctly propagated to resolv.conf (T1497) -* Domain-specific name servers in DNS forwarding are now used for recursive queries (T1469) -* “run show dhcpv6 server leases” now display leases correctly (T1433) -* Deleting “firewall options” node no longer causes errors (T1461) -* Correct hostname is sent to remote syslog again (T1458) -* Board serial number from DMI is correctly displayed in “show version” (T1438) -* Multiple corrections in remote syslog config (T1358, T1355, T1294) -* Fixed missing newline in /etc/hosts (T1255) -* “system domain-name” is correctly included in /etc/resolv.conf (T1174) -* Fixed priority inversion in “interfaces vti vtiX ip” settings (T1465) -* Fixed errors when installing with RAID1 on UEFI machines (T1446) -* Fixed an error on disabling an interfaces that has no address (T1387) -* Fixed deleting VLAN interface with non-default MTU (T1367) -* vyos.config return_effective_values() function now correctly returns a list rather than a string (T1505) +* :vytask:`T1371` VRRP health-check scripts now can use arguments +* :vytask:`T1497` DNS server addresses coming from a DHCP server are now + correctly propagated to resolv.conf +* :vytask:`T1469` Domain-specific name servers in DNS forwarding are now used + for recursive queries +* :vytask:`T1433` ``run show dhcpv6 server leases`` now display leases correctly +* :vytask:`T1461` Deleting ``firewall options`` node no longer causes errors +* :vytask:`T1458` Correct hostname is sent to remote syslog again +* :vytask:`T1438` Board serial number from DMI is correctly displayed in + ``show version`` +* :vytask:`T1358`, :vytask:`T1355`, :vytask:`T1294` Multiple corrections in + remote syslog config +* :vytask:`T1255` Fixed missing newline in ``/etc/hosts`` +* :vytask:`T1174` ``system domain-name`` is correctly included in + ``/etc/resolv.conf`` +* :vytask:`T1465` Fixed priority inversion in ``interfaces vti vtiX ip`` + settings +* :vytask:`T1446` Fixed errors when installing with RAID1 on UEFI machines +* :vytask:`T1387` Fixed an error on disabling an interfaces that has no address +* :vytask:`T1367` Fixed deleting VLAN interface with non-default MTU +* :vytask:`T1505` vyos.config ``return_effective_values()`` function now + correctly returns a list rather than a string 1.2.1 ----- @@ -168,35 +199,50 @@ VyOS 1.2.1 is a maintenance release made in April 2019. Resolved issues ^^^^^^^^^^^^^^^ -* Package updates: kernel 4.19.32, open-vm-tools 10.3, latest Intel NIC drivers. -* The kernel now includes drivers for various USB serial adapters, which allows people to add a serial console to a machine without onboard RS232, or connect to something else from the router (`T1326 `_). -* The collection of network card firmware is now much more extensive. -* VRRP now correctly uses a virtual rather than physical MAC addresses in the RFC-compliant mode (`T1271 `_). -* DHCP WPAD URL option works correctly again (`T1330 `_) -* Many to many NAT rules now can use source/destination and translation networks of non-matching size (`T1312 `_). If 1:1 network bits translation is desired, it’s now user’s responsibility to check if prefix length matches. -* IPv6 network prefix translation is fixed (`T1290 `_). -* Non-alphanumeric characters such as “>” can now be safely used in PPPoE passwords (`T1308 `_). -* “show | commands” no longer fails when a config section ends with a leaf node such as “timezone” in “show system | commands” (`T1305 `_). -* “show | commands” correctly works in config mode now (`T1235 `_). -* VTI is now compatible with the DHCP-interface IPsec option (`T1298 `_). -* “show dhcp server statistics” command was broken in latest Crux (`T1277 `_). -* An issue with TFTP server refusing to listen on addresses other than loopback was fixed (`T1261 `_). -* Template issue that might cause UDP broadcast relay fail to start is fixed (`T1224 `_). -* VXLAN value validation is improved (`T1067 `_). -* Blank hostnames in DHCP updates no longer can crash DNS forwarding (`T1211 `_). -* Correct configuration is now generated for DHCPv6 relays with more than one upstream interface (`T1322 `_). -* “relay-agents-packets” option works correctly now (`T1234 `_). -* Dynamic DNS data is now cleaned on configuration change (`T1231 `_). -* Remote Syslog can now use a fully qualified domain name (`T1282 `_). -* ACPI power off works again (`T1279 `_). -* Negation in WAN load balancing rules works again (`T1247 `_). -* FRR’s staticd now starts on boot correctly (`T1218 `_). -* The installer now correctly detects SD card devices (`T1296 `_). -* Wireguard peers can be disabled now (`T1225 `_). -* The issue with wireguard interfaces impossible to delete is fixed (`T1217 `_). -* Unintended IPv6 access is fixed in SNMP configuration (`T1160 `_). -* It’s now possible to exclude hosts from the transparent web proxy (`T1060 `_). -* An issue with rules impossible to delete from the zone-based firewall is fixed (`T484 `_). +* Package updates: kernel 4.19.32, open-vm-tools 10.3, latest Intel NIC drivers +* :vytask:`T1326` The kernel now includes drivers for various USB serial + adapters, which allows people to add a serial console to a machine without + onboard RS232, or connect to something else from the router +* The collection of network card firmware is now much more extensive +* :vytask:`T1271` VRRP now correctly uses a virtual rather than physical MAC + addresses in the RFC-compliant mode +* :vytask:`T1330` DHCP WPAD URL option works correctly again +* :vytask:`T1312` Many to many NAT rules now can use source/destination and + translation networks of non-matching size. If 1:1 network bits translation is + desired, it's now users responsibility to check if prefix length matches. +* :vytask:`T1290` IPv6 network prefix translation is fixed +* :vytask:`T1308` Non-alphanumeric characters such as ``>`` can now be safely + used in PPPoE passwords +* :vytask:`T1305` ``show | commands`` no longer fails when a config section ends + with a leaf node such as ``timezone`` in ``show system | commands`` +* :vytask:`T1235` ``show | commands`` correctly works in config mode now +* :vytask:`T1298` VTI is now compatible with the DHCP-interface IPsec option +* :vytask:`T1277` ``show dhcp server statistics`` command was broken in latest + Crux +* :vytask:`T1261` An issue with TFTP server refusing to listen on addresses + other than loopback was fixed +* :vytask:`T1224` Template issue that might cause UDP broadcast relay fail to + start is fixed +* :vytask:`T1067` VXLAN value validation is improved +* :vytask:`T1211` Blank hostnames in DHCP updates no longer can crash DNS + forwarding +* :vytask:`T1322` Correct configuration is now generated for DHCPv6 relays with + more than one upstream interface +* :vytask:`T1234` ``relay-agents-packets`` option works correctly now +* :vytask:`T1231` Dynamic DNS data is now cleaned on configuration change +* :vytask:`T1282` Remote Syslog can now use a fully qualified domain name +* :vytask:`T1279` ACPI power off works again +* :vytask:`T1247` Negation in WAN load balancing rules works again +* :vytask:`T1218` FRR staticd now starts on boot correctly +* :vytask:`T1296` The installer now correctly detects SD card devices +* :vytask:`T1225` Wireguard peers can be disabled now +* :vytask:`T1217` The issue with Wireguard interfaces impossible to delete + is fixed +* :vytask:`T1160` Unintended IPv6 access is fixed in SNMP configuration +* :vytask:`T1060` It's now possible to exclude hosts from the transparent + web proxy +* :vytask:`T484` An issue with rules impossible to delete from the zone-based + firewall is fixed Earlier releases ================ -- cgit v1.2.3 From 3918aefbeeeac4ab9844e3528995ae689a9bd952 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 29 Dec 2019 10:41:33 +0100 Subject: vytask: migrate all task references to new command --- docs/appendix/vyos-on-baremetal.rst | 6 ++---- docs/contributing/development.rst | 3 +-- docs/routing/ospf.rst | 4 +--- 3 files changed, 4 insertions(+), 9 deletions(-) (limited to 'docs/appendix') diff --git a/docs/appendix/vyos-on-baremetal.rst b/docs/appendix/vyos-on-baremetal.rst index 76b5e210..5f20a03f 100644 --- a/docs/appendix/vyos-on-baremetal.rst +++ b/docs/appendix/vyos-on-baremetal.rst @@ -107,7 +107,7 @@ VyOS 1.2 (crux) --------------- Depending on the VyOS versions you intend to install there is a difference in -the serial port settings (T1327_). +the serial port settings (:vytask:`T1327`). Create a bootable USB pendrive using e.g. Rufus_ on a Windows machine. @@ -190,7 +190,7 @@ VyOS 1.2 (rolling) ------------------ Installing the rolling release on an APU2 board does not require any change -on the serial console from your host side as T1327_ was successfully +on the serial console from your host side as :vytask:`T1327` was successfully implemented. Simply proceed with a regular image installation as described in @@ -246,8 +246,6 @@ Desktop :alt: APU4C4 desktop back .. _Rufus: https://rufus.ie/ -.. _T1327: https://phabricator.vyos.net/T1327 - Qotom Q355G4 ************ diff --git a/docs/contributing/development.rst b/docs/contributing/development.rst index 1c257772..35b9e17a 100644 --- a/docs/contributing/development.rst +++ b/docs/contributing/development.rst @@ -486,7 +486,7 @@ GNU Preprocessor ---------------- XML interface definition files use the `xml.in` file extension which was -implemented in T1843_. XML interface definitions tend to have a lot of +implemented in :vytask:`T1843`. XML interface definitions tend to have a lot of duplicated code in areas such as: * VIF (incl. VIF-S/VIF-C) @@ -698,7 +698,6 @@ http://dev.packages.vyos.net/repositories/. .. _Phabricator: https://phabricator.vyos.net/ .. _Jenkins: https://jenkins.io/ .. _Dockerhub: https://hub.docker.com/u/vyos/ -.. _T1843: https://phabricator.vyos.net/T1843 .. _`IPv4, IPv6 and DHCP(v6)`: https://github.com/vyos/vyos-1x/tree/current/interface-definitions/include/address-ipv4-ipv6-dhcp.xml.i .. _`IPv4, IPv6`: https://github.com/vyos/vyos-1x/tree/current/interface-definitions/include/address-ipv4-ipv6.xml.i .. _`VLAN (VIF)`: https://github.com/vyos/vyos-1x/tree/current/interface-definitions/include/vif.xml.i diff --git a/docs/routing/ospf.rst b/docs/routing/ospf.rst index bee70895..acffb7b3 100644 --- a/docs/routing/ospf.rst +++ b/docs/routing/ospf.rst @@ -90,7 +90,7 @@ A typical configuration using 2 nodes. .. note:: You can not easily redistribute IPv6 routes via OSPFv3 on a WireGuard interface link. This requires you to configure link-local addresses manually - on the WireGuard interfaces, see Phabricator task T1483_. + on the WireGuard interfaces, see :vytask:`T1483`. Example configuration for WireGuard interfaces: @@ -136,5 +136,3 @@ Example configuration for WireGuard interfaces: Neighbor ID Pri DeadTime State/IfState Duration I/F[State] 192.168.0.1 1 00:00:39 Full/PointToPoint 00:19:44 wg01[PointToPoint] -.. _T1483: https://phabricator.vyos.net/T1483 - -- cgit v1.2.3 From 37850e2f6f9efed96c9e807fd98623465337d330 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Mon, 30 Dec 2019 11:28:52 +0100 Subject: remove all enclosing '' from cfgcmd/opcmd --- docs/appendix/examples/dmvpn.rst | 4 ++-- docs/configuration-overview.rst | 2 +- docs/interfaces/dummy.rst | 8 ++++---- docs/interfaces/ethernet.rst | 30 +++++++++++++++--------------- docs/routing/bgp.rst | 10 +++++----- docs/routing/static.rst | 32 ++++++++++++++++---------------- docs/services/dhcp.rst | 26 +++++++++++++------------- docs/services/ssh.rst | 10 +++++----- docs/services/tftp.rst | 2 +- docs/services/udp-broadcast-relay.rst | 8 ++++---- docs/system/config-management.rst | 2 +- docs/system/default-route.rst | 4 ++-- docs/system/flow-accounting.rst | 30 +++++++++++++++--------------- docs/system/host-information.rst | 10 +++++----- docs/system/ntp.rst | 8 ++++---- docs/system/proxy.rst | 8 ++++---- docs/system/serial-console.rst | 6 +++--- docs/system/task-scheduler.rst | 8 ++++---- docs/system/time-zone.rst | 2 +- docs/system/user-management.rst | 26 +++++++++++++------------- 20 files changed, 118 insertions(+), 118 deletions(-) (limited to 'docs/appendix') diff --git a/docs/appendix/examples/dmvpn.rst b/docs/appendix/examples/dmvpn.rst index cbb9f300..49b1fcaa 100644 --- a/docs/appendix/examples/dmvpn.rst +++ b/docs/appendix/examples/dmvpn.rst @@ -17,7 +17,7 @@ Configuration set interfaces tunnel tun100 multicast 'enable' set interfaces tunnel tun100 parameters ip key '1' - set protocols nhrp tunnel tun100 cisco-authentication '' + set protocols nhrp tunnel tun100 cisco-authentication set protocols nhrp tunnel tun100 holding-time '300' set protocols nhrp tunnel tun100 multicast 'dynamic' set protocols nhrp tunnel tun100 redirect @@ -43,7 +43,7 @@ Configuration set vpn ipsec ipsec-interfaces interface 'eth0' set vpn ipsec profile NHRPVPN authentication mode 'pre-shared-secret' - set vpn ipsec profile NHRPVPN authentication pre-shared-secret '' + set vpn ipsec profile NHRPVPN authentication pre-shared-secret set vpn ipsec profile NHRPVPN bind tunnel 'tun100' set vpn ipsec profile NHRPVPN esp-group 'ESP-HUB' set vpn ipsec profile NHRPVPN ike-group 'IKE-HUB' diff --git a/docs/configuration-overview.rst b/docs/configuration-overview.rst index 646f4dea..0ee4e0f5 100644 --- a/docs/configuration-overview.rst +++ b/docs/configuration-overview.rst @@ -109,7 +109,7 @@ added through a collection of :cfgcmd:`set` and :cfgcmd:`delete` commands. set service ssh port '22' set system config-management commit-revisions '20' set system console device ttyS0 speed '9600' - set system login user vyos authentication encrypted-password '' + set system login user vyos authentication encrypted-password '$6$Vt68...QzF0' set system login user vyos level 'admin' set system ntp server '0.pool.ntp.org' set system ntp server '1.pool.ntp.org' diff --git a/docs/interfaces/dummy.rst b/docs/interfaces/dummy.rst index 1b35cefd..c74e5f48 100644 --- a/docs/interfaces/dummy.rst +++ b/docs/interfaces/dummy.rst @@ -16,7 +16,7 @@ Configuration Address ------- -.. cfgcmd:: set interfaces dummy '' address
+.. cfgcmd:: set interfaces dummy address
Configure dummy interface `` with one or more interface addresses. @@ -40,12 +40,12 @@ Address Link Administration ------------------- -.. cfgcmd:: set interfaces dummy '' description '' +.. cfgcmd:: set interfaces dummy description Assign given `` to interface. Description will also be passed to SNMP monitoring systems. -.. cfgcmd:: set interfaces dummy '' disable +.. cfgcmd:: set interfaces dummy disable Disable given ``. It will be placed in administratively down state. @@ -65,7 +65,7 @@ Operation --------- ---------- --- ----------- dum0 172.18.254.201/32 u/u -.. opcmd:: show interfaces dummy '' +.. opcmd:: show interfaces dummy Show detailed information on given `` diff --git a/docs/interfaces/ethernet.rst b/docs/interfaces/ethernet.rst index d0537b41..693634fb 100644 --- a/docs/interfaces/ethernet.rst +++ b/docs/interfaces/ethernet.rst @@ -10,7 +10,7 @@ Configuration Address ------- -.. cfgcmd:: set interfaces ethernet '' address
+.. cfgcmd:: set interfaces ethernet address
Configure ethernet interface `` with one or more interface addresses. @@ -31,7 +31,7 @@ Address set interfaces ethernet eth0 address 2001:db8::ffff/64 set interfaces ethernet eth0 address 2001:db8:100::ffff/64 -.. cfgcmd:: set interfaces ethernet '' ipv6 address autoconf +.. cfgcmd:: set interfaces ethernet ipv6 address autoconf :abbr:`SLAAC (Stateless Address Autoconfiguration)` :rfc:`4862`. IPv6 hosts can configure themselves automatically when connected @@ -45,7 +45,7 @@ Address .. note:: This method automatically disables IPv6 traffic forwarding on the interface in question. -.. cfgcmd:: set interfaces ethernet '' ipv6 address eui64 '' +.. cfgcmd:: set interfaces ethernet ipv6 address eui64 :abbr:`EUI-64 (64-Bit Extended Unique Identifier)` as specified in :rfc:`4291` allows a host to assign iteslf a unique 64-Bit IPv6 address. @@ -57,7 +57,7 @@ Address Speed/Duplex ------------ -.. cfgcmd:: set interfaces ethernet '' duplex +.. cfgcmd:: set interfaces ethernet duplex Configure physical interface duplex setting. @@ -67,7 +67,7 @@ Speed/Duplex VyOS default will be `auto`. -.. cfgcmd:: set interfaces ethernet '' speed +.. cfgcmd:: set interfaces ethernet speed Configure physical interface speed setting. @@ -88,27 +88,27 @@ Speed/Duplex Link Administration ------------------- -.. cfgcmd:: set interfaces ethernet '' description '' +.. cfgcmd:: set interfaces ethernet description Assign given `` to interface. Description will also be passed to SNMP monitoring systems. -.. cfgcmd:: set interfaces ethernet '' disable +.. cfgcmd:: set interfaces ethernet disable Disable given ``. It will be placed in administratively down state. -.. cfgcmd:: set interfaces ethernet '' disable-flow-control +.. cfgcmd:: set interfaces ethernet disable-flow-control Disable Ethernet flow control (pause frames). -.. cfgcmd:: set interfaces ethernet '' mac '' +.. cfgcmd:: set interfaces ethernet mac Configure user defined :abbr:`MAC (Media Access Control)` address on given ``. -.. cfgcmd:: set interfaces ethernet '' mtu '' +.. cfgcmd:: set interfaces ethernet mtu Configure :abbr:`MTU (Maximum Transmission Unit)` on given ``. It is the size (in bytes) of the largest ethernet frame sent on this link. @@ -119,11 +119,11 @@ Router Advertisements Router advertisements are described in :rfc:`4861#section-4.6.2`. They are part of what is known as :abbr:`SLAAC (Stateless Address Autoconfiguration)`. -.. cfgcmd:: set interfaces ethernet '' ipv6 router-advert send-advert +.. cfgcmd:: set interfaces ethernet ipv6 router-advert send-advert Enable or disable router advertisements in this ``. -.. cfgcmd:: set interfaces ethernet '' ipv6 router-advert prefix '' +.. cfgcmd:: set interfaces ethernet ipv6 router-advert prefix Prefix information is described in :rfc:`4861#section-4.6.2`. @@ -144,7 +144,7 @@ Operation eth1 172.18.202.11/24 u/u WAN eth2 - u/D -.. opcmd:: show interfaces ethernet '' +.. opcmd:: show interfaces ethernet Show detailed information on given `` @@ -161,7 +161,7 @@ Operation TX: bytes packets errors dropped carrier collisions 5601460 62595 0 0 0 0 -.. opcmd:: show interfaces ethernet '' physical +.. opcmd:: show interfaces ethernet physical Show information about physical `` @@ -200,7 +200,7 @@ Operation supports-register-dump: yes supports-priv-flags: no -.. opcmd:: show interfaces ethernet '' transceiver +.. opcmd:: show interfaces ethernet transceiver Show transceiver information from plugin modules, e.g SFP+, QSFP diff --git a/docs/routing/bgp.rst b/docs/routing/bgp.rst index d8860e15..14ea1238 100644 --- a/docs/routing/bgp.rst +++ b/docs/routing/bgp.rst @@ -159,14 +159,14 @@ BGP Router Configuration ASN and Router ID ----------------- -.. cfgcmd:: set protocols bgp '' +.. cfgcmd:: set protocols bgp First of all you must configure BGP router with the :abbr:`ASN (Autonomous System Number)`. The AS number is an identifier for the autonomous system. The BGP protocol uses the AS number for detecting whether the BGP connection is internal or external. -.. cfgcmd:: set protocols bgp '' parameters router-id +.. cfgcmd:: set protocols bgp parameters router-id This command specifies the router-ID. If router ID is not specified it will use the highest interface IP address. @@ -174,19 +174,19 @@ ASN and Router ID Route Selection --------------- -.. cfgcmd:: set protocols bgp '' parameters bestpath as-path confed +.. cfgcmd:: set protocols bgp parameters bestpath as-path confed This command specifies that the length of confederation path sets and sequences should should be taken into account during the BGP best path decision process. -.. cfgcmd:: set protocols bgp '' parameters bestpath as-path multipath-relax +.. cfgcmd:: set protocols bgp parameters bestpath as-path multipath-relax This command specifies that BGP decision process should consider paths of equal AS_PATH length candidates for multipath computation. Without the knob, the entire AS_PATH must match for multipath computation. -.. cfgcmd:: set protocols bgp '' parameters bestpath as-path ignore +.. cfgcmd:: set protocols bgp parameters bestpath as-path ignore Ignore AS_PATH length when selecting a route diff --git a/docs/routing/static.rst b/docs/routing/static.rst index cebe42fa..52a73354 100644 --- a/docs/routing/static.rst +++ b/docs/routing/static.rst @@ -18,32 +18,32 @@ used to determine the forwarding table used for unicast packet forwarding. Static Routes ############# -.. cfgcmd:: set protocols static route '' next-hop '
' +.. cfgcmd:: set protocols static route next-hop
Configure next-hop `
` for an IPv4 static route. Multiple static routes can be created. -.. cfgcmd:: set protocols static route '' next-hop '
' disable +.. cfgcmd:: set protocols static route next-hop
disable Disable this IPv4 static route entry. -.. cfgcmd:: set protocols static route '' next-hop '
' distance '' +.. cfgcmd:: set protocols static route next-hop
distance Defines next-hop distance for this route, routes with smaller administrative distance are elected prior those with a higher distance. Range is 1 to 255, default is 1. -.. cfgcmd:: set protocols static route6 '' next-hop '
' +.. cfgcmd:: set protocols static route6 next-hop
Configure next-hop `
` for an IPv6 static route. Multiple static routes can be created. -.. cfgcmd:: set protocols static route6 '' next-hop '
' disable +.. cfgcmd:: set protocols static route6 next-hop
disable Disable this IPv6 static route entry. -.. cfgcmd:: set protocols static route6 '' next-hop '
' distance '' +.. cfgcmd:: set protocols static route6 next-hop
distance Defines next-hop distance for this route, routes with smaller administrative distance are elected prior those with a higher distance. @@ -57,34 +57,34 @@ Static Routes Interface Routes ================ -.. cfgcmd:: set protocols static interface-route '' next-hop-interface '' +.. cfgcmd:: set protocols static interface-route next-hop-interface Allows you to configure the next-hop interface for an interface-based IPv4 static route. `` will be the next-hop interface where trafic is routed for the given ``. -.. cfgcmd:: set protocols static interface-route '' next-hop-interface '' disable +.. cfgcmd:: set protocols static interface-route next-hop-interface disable Disables interface-based IPv4 static route. -.. cfgcmd:: set protocols static interface-route '' next-hop-interface '' distance '' +.. cfgcmd:: set protocols static interface-route next-hop-interface distance Defines next-hop distance for this route, routes with smaller administrative distance are elected prior those with a higher distance. Range is 1 to 255, default is 1. -.. cfgcmd:: set protocols static interface-route6 '' next-hop-interface '' +.. cfgcmd:: set protocols static interface-route6 next-hop-interface Allows you to configure the next-hop interface for an interface-based IPv6 static route. `` will be the next-hop interface where trafic is routed for the given ``. -.. cfgcmd:: set protocols static interface-route6 '' next-hop-interface '' disable +.. cfgcmd:: set protocols static interface-route6 next-hop-interface disable Disables interface-based IPv6 static route. -.. cfgcmd:: set protocols static interface-route6 '' next-hop-interface '' distance '' +.. cfgcmd:: set protocols static interface-route6 next-hop-interface distance Defines next-hop distance for this route, routes with smaller administrative distance are elected prior those with a higher distance. @@ -95,7 +95,7 @@ Interface Routes Blackhole ========= -.. cfgcmd:: set protocols static route '' blackhole +.. cfgcmd:: set protocols static route blackhole Use this command to configure a "black-hole" route on the router. A black-hole route is a route for which the system silently discard packets @@ -103,12 +103,12 @@ Blackhole it does not prevent them from being used as a more specific route inside your network. -.. cfgcmd:: set protocols static route '' blackhole distance '' +.. cfgcmd:: set protocols static route blackhole distance Defines blackhole distance for this route, routes with smaller administrative distance are elected prior those with a higher distance. -.. cfgcmd:: set protocols static route6 '' blackhole +.. cfgcmd:: set protocols static route6 blackhole Use this command to configure a "black-hole" route on the router. A black-hole route is a route for which the system silently discard packets @@ -116,7 +116,7 @@ Blackhole it does not prevent them from being used as a more specific route inside your network. -.. cfgcmd:: set protocols static route6 '' blackhole distance '' +.. cfgcmd:: set protocols static route6 blackhole distance Defines blackhole distance for this route, routes with smaller administrative distance are elected prior those with a higher distance. diff --git a/docs/services/dhcp.rst b/docs/services/dhcp.rst index 94efeaf1..bcadb673 100644 --- a/docs/services/dhcp.rst +++ b/docs/services/dhcp.rst @@ -146,23 +146,23 @@ inside the subnet definition but can be outside of the range statement. DHCP Options ------------ -.. cfgcmd:: set service dhcp-server shared-network-name '' subnet 192.0.2.0/24 default-router '
' +.. cfgcmd:: set service dhcp-server shared-network-name subnet 192.0.2.0/24 default-router
Specify the default routers IPv4 address which should be used in this subnet. This can - of course - be a VRRP address (DHCP option 003). -.. cfgcmd:: set service dhcp-server shared-network-name '' subnet 192.0.2.0/24 dns-server '
' +.. cfgcmd:: set service dhcp-server shared-network-name subnet 192.0.2.0/24 dns-server
Specify the DNS nameservers used (Option 006). This option may be used mulltiple times to specify additional DNS nameservers. -.. cfgcmd:: set service dhcp-server shared-network-name '' subnet 192.0.2.0/24 domain-name '' +.. cfgcmd:: set service dhcp-server shared-network-name subnet 192.0.2.0/24 domain-name The domain-name parameter should be the domain name that will be appended to the client's hostname to form a fully-qualified domain-name (FQDN) (DHCP Option 015). -.. cfgcmd:: set service dhcp-server shared-network-name '' subnet 192.0.2.0/24 domain-search '' +.. cfgcmd:: set service dhcp-server shared-network-name subnet 192.0.2.0/24 domain-search The domain-name parameter should be the domain name used when completing DNS request where no full FQDN is passed. This option can be given multiple times @@ -401,41 +401,41 @@ Configuration Options Clients receiving advertise messages from multiple servers choose the server with the highest preference value. The range for this value is ``0...255``. -.. cfgcmd:: set service dhcpv6-server shared-network-name '' subnet '' lease-time {default | maximum | minimum} +.. cfgcmd:: set service dhcpv6-server shared-network-name subnet lease-time {default | maximum | minimum} The default lease time for DHCPv6 leases is 24 hours. This can be changed by supplying a ``default-time``, ``maximum-time`` and ``minimum-time``. All values need to be supplied in seconds. -.. cfgcmd:: set service dhcpv6-server shared-network-name '' subnet '' nis-domain '' +.. cfgcmd:: set service dhcpv6-server shared-network-name subnet nis-domain A :abbr:`NIS (Network Information Service)` domain can be set to be used for DHCPv6 clients. -.. cfgcmd:: set service dhcpv6-server shared-network-name '' subnet '' nisplus-domain '' +.. cfgcmd:: set service dhcpv6-server shared-network-name subnet nisplus-domain The procedure to specify a :abbr:`NIS+ (Network Information Service Plus)` domain is similar to the NIS domain one: -.. cfgcmd:: set service dhcpv6-server shared-network-name '' subnet '' nis-server '
' +.. cfgcmd:: set service dhcpv6-server shared-network-name subnet nis-server
Specify a NIS server address for DHCPv6 clients. -.. cfgcmd:: set service dhcpv6-server shared-network-name '' subnet '' nisplus-server '
' +.. cfgcmd:: set service dhcpv6-server shared-network-name subnet nisplus-server
Specify a NIS+ server address for DHCPv6 clients. -.. cfgcmd:: set service dhcpv6-server shared-network-name '' subnet '' sip-server-address '
' +.. cfgcmd:: set service dhcpv6-server shared-network-name subnet sip-server-address
Specify a :abbr:`SIP (Session Initiation Protocol)` server by IPv6 address for all DHCPv6 clients. -.. cfgcmd:: set service dhcpv6-server shared-network-name '' subnet '' sip-server-name '' +.. cfgcmd:: set service dhcpv6-server shared-network-name subnet sip-server-name Specify a :abbr:`SIP (Session Initiation Protocol)` server by FQDN for all DHCPv6 clients. -.. cfgcmd:: set service dhcpv6-server shared-network-name '' subnet '' sntp-server-address '
' +.. cfgcmd:: set service dhcpv6-server shared-network-name subnet sntp-server-address
A SNTP server address can be specified for DHCPv6 clients. @@ -570,7 +570,7 @@ https://wiki.vyos.net/wiki/Network_address_setup. Configuration ------------- -.. cfgcmd:: set service dhcp-relay interface '' +.. cfgcmd:: set service dhcp-relay interface Enable the DHCP relay service on the given interface. diff --git a/docs/services/ssh.rst b/docs/services/ssh.rst index fde575ea..1dd996d4 100644 --- a/docs/services/ssh.rst +++ b/docs/services/ssh.rst @@ -30,17 +30,17 @@ and integrity of data over an unsecured network, such as the Internet. Configuration ============= -.. cfgcmd:: set service ssh port '' +.. cfgcmd:: set service ssh port -Enabling SSH only requires you to specify the port ```` you want SSH to +Enabling SSH only requires you to specify the port ```` you want SSH to listen on. By default, SSH runs on port 22. -.. cfgcmd:: set service ssh listen-address '
' +.. cfgcmd:: set service ssh listen-address
Specify IPv4/IPv6 listen address of SSH server. Multiple addresses can be defined. -.. cfgcmd:: set service ssh ciphers '' +.. cfgcmd:: set service ssh ciphers Define allowed ciphers used for the SSH connection. A number of allowed ciphers can be specified, use multiple occurrences to allow multiple ciphers. @@ -71,7 +71,7 @@ security! Disable the host validation through reverse DNS lookups - can speedup login time when reverse lookup is not possible. -.. cfgcmd:: set service ssh macs '' +.. cfgcmd:: set service ssh macs Specifies the available :abbr:`MAC (Message Authentication Code)` algorithms. The MAC algorithm is used in protocol version 2 for data integrity protection. diff --git a/docs/services/tftp.rst b/docs/services/tftp.rst index 8647dfa8..ce87011c 100644 --- a/docs/services/tftp.rst +++ b/docs/services/tftp.rst @@ -22,7 +22,7 @@ files. content on image upgrades. Any directory under ``/config`` is save at this will be migrated. -.. cfgcmd:: set service tftp-server listen-address '
' +.. cfgcmd:: set service tftp-server listen-address
Configure the IPv4 or IPv6 listen address of the TFTP server. Multiple IPv4 and IPv6 addresses can be given. There will be one TFTP server instances listening diff --git a/docs/services/udp-broadcast-relay.rst b/docs/services/udp-broadcast-relay.rst index 10939c9d..f9e1b03e 100644 --- a/docs/services/udp-broadcast-relay.rst +++ b/docs/services/udp-broadcast-relay.rst @@ -17,23 +17,23 @@ support 99 IDs! Configuration ------------- -.. cfgcmd:: set service broadcast-relay id '' description '' +.. cfgcmd:: set service broadcast-relay id description A description can be added for each and every unique relay ID. This is usefull to distinguish between multiple different ports/appliactions. -.. cfgcmd:: set service broadcast-relay id '' interface '' +.. cfgcmd:: set service broadcast-relay id interface The interface used to receive and relay individual broadcast packets. If you want to receive/relay packets on both `eth1` and `eth2` both interfaces need to be added. -.. cfgcmd:: set service broadcast-relay id '' port '' +.. cfgcmd:: set service broadcast-relay id port The UDP port number used by your apllication. It is mandatory for this kind of operation. -.. cfgcmd:: set service broadcast-relay id '' disable +.. cfgcmd:: set service broadcast-relay id disable Each broadcast relay instance can be individually disabled without deleting the configured node by using the following command: diff --git a/docs/system/config-management.rst b/docs/system/config-management.rst index df2a80aa..9d65adb3 100644 --- a/docs/system/config-management.rst +++ b/docs/system/config-management.rst @@ -13,7 +13,7 @@ stored on a remote host for archiving/backup reasons. Change the number of commit revisions to ``, the default setting for this value is to store 20 revisions locally. -.. cfgcmd:: set system config-management commit-archive location '' +.. cfgcmd:: set system config-management commit-archive location If you want to save all config changes to a remote destination. Set the commit-archive location. Every time a commit is successfully the diff --git a/docs/system/default-route.rst b/docs/system/default-route.rst index a46790e4..27c74188 100644 --- a/docs/system/default-route.rst +++ b/docs/system/default-route.rst @@ -5,13 +5,13 @@ Default Gateway/Route ##################### In the past (VyOS 1.1) used a gateway-address configured under the system tree -(:cfgcmd:`set system gateway-address '
'`), this is no longer supported +(:cfgcmd:`set system gateway-address
`), this is no longer supported and existing configurations are migrated to the new CLI command. Configuration ============= -.. cfgcmd:: set protocols static route 0.0.0.0/0 next-hop '
' +.. cfgcmd:: set protocols static route 0.0.0.0/0 next-hop
Specify static route into the routing table sending all non local traffic to the nexthop address `
`. diff --git a/docs/system/flow-accounting.rst b/docs/system/flow-accounting.rst index 52a2a18d..df58e1f3 100644 --- a/docs/system/flow-accounting.rst +++ b/docs/system/flow-accounting.rst @@ -45,7 +45,7 @@ Configururation In order for flow accounting information to be collected and displayed for an interface, the interface must be configured for flow accounting. -.. cfgcmd:: set system flow-accounting interface '' +.. cfgcmd:: set system flow-accounting interface Configure and enable collection of flow information for the interface identified by ``. @@ -68,12 +68,12 @@ you have high traffic levels or noted some problems with missed records or stopping exporting, you may try to increase a default buffer size (10 MiB) with the next command: -.. cfgcmd:: set system flow-accounting buffer-size '' +.. cfgcmd:: set system flow-accounting buffer-size In case, if you need to catch some logs from flow-accounting daemon, you may configure logging facility: -.. cfgcmd:: set system flow-accounting syslog-facility '' +.. cfgcmd:: set system flow-accounting syslog-facility Flow Export @@ -85,7 +85,7 @@ exported them to a collection server. NetFlow ^^^^^^^ -.. cfgcmd:: set system flow-accounting netflow version '' +.. cfgcmd:: set system flow-accounting netflow version There are multiple versions available for the NetFlow data. The `` used in the exported flow data can be configured here. The following @@ -95,20 +95,20 @@ NetFlow * **9** - NetFlow version 9 (default) * **10** - :abbr:`IPFIX (IP Flow Information Export)` as per :rfc:`3917` -.. cfgcmd:: set system flow-accounting netflow server '
' +.. cfgcmd:: set system flow-accounting netflow server
Configure address of NetFlow collector. NetFlow server at `
` can be both listening on an IPv4 or IPv6 address. -.. cfgcmd:: set system flow-accounting netflow source-ip '
' +.. cfgcmd:: set system flow-accounting netflow source-ip
IPv4 or IPv6 source address of NetFlow packets -.. cfgcmd:: set system flow-accounting netflow engine-id '' +.. cfgcmd:: set system flow-accounting netflow engine-id NetFlow engine-id which will appear in NetFlow data. The range is 0 to 255. -.. cfgcmd:: set system flow-accounting netflow sampling-rate '' +.. cfgcmd:: set system flow-accounting netflow sampling-rate Use this command to configure the sampling rate for flow accounting. The system samples one in every `` packets, where `` is the value @@ -120,7 +120,7 @@ NetFlow Per default every packet is sampled (that is, the sampling rate is 1). -.. cfgcmd:: set system flow-accounting netflow timeout expiry interval '' +.. cfgcmd:: set system flow-accounting netflow timeout expiry interval Specifies the interval at which Netflow data will be sent to a collector. As per default, Netflow data will be sent every 60 seconds. @@ -128,24 +128,24 @@ NetFlow You may also additionally configure timeouts for different types of connections. -.. cfgcmd:: set system flow-accounting netflow max-flows '' +.. cfgcmd:: set system flow-accounting netflow max-flows If you want to change the maximum number of flows, which are tracking simultaneously, you may do this with this command (default 8192). sFlow ^^^^^ -.. cfgcmd:: set system flow-accounting sflow server '
' +.. cfgcmd:: set system flow-accounting sflow server
Configure address of sFlow collector. sFlow server at `
` can be an IPv4 or IPv6 address. But you cannot export to both IPv4 and IPv6 collectors at the same time! -.. cfgcmd:: set system flow-accounting sflow sampling-rate '' +.. cfgcmd:: set system flow-accounting sflow sampling-rate Enable sampling of packets, which will be transmitted to sFlow collectors. -.. cfgcmd:: set system flow-accounting sflow agent-address '
' +.. cfgcmd:: set system flow-accounting sflow agent-address
Configure a sFlow agent address. It can be IPv4 or IPv6 address, but you must set the same protocol, which is used for sFlow collector addresses. By @@ -169,7 +169,7 @@ Operation Once flow accounting is configured on an interfaces it provides the ability to display captured network traffic information for all configured interfaces. -.. opcmd:: show flow-accounting interface '' +.. opcmd:: show flow-accounting interface Show flow accounting information for given ``. @@ -186,7 +186,7 @@ display captured network traffic information for all configured interfaces. eth0 00:53:01:b2:22:48 00:53:02:58:a2:92 192.0.2.100 192.0.2.14 40006 22 tcp 16 146 1 9444 eth0 00:53:01:b2:22:48 00:53:02:58:a2:92 192.0.2.100 192.0.2.14 0 0 icmp 192 27 1 4455 -.. opcmd:: show flow-accounting interface '' host '
' +.. opcmd:: show flow-accounting interface host
Show flow accounting information for given `` for a specific host only. diff --git a/docs/system/host-information.rst b/docs/system/host-information.rst index e4cbd584..30efe01e 100644 --- a/docs/system/host-information.rst +++ b/docs/system/host-information.rst @@ -20,7 +20,7 @@ network and is used to distinguish one device from another on specific networks or over the internet. On the other hand this will be the name which appears on the command line prompt. -.. cfgcmd:: set system host-name '' +.. cfgcmd:: set system host-name Set system hostname. The hostname can be up to 63 characters. A hostname must start and end with a letter or digit, and have as interior characters @@ -36,7 +36,7 @@ unique. VyOS appends the domain name as a suffix to any unqualified name. For example, if you set the domain name `example.com`, and you would ping the unqualified name of `crux`, then VyOS qualifies the name to `crux.example.com`. -.. cfgcmd:: set system domain-name '' +.. cfgcmd:: set system domain-name Configure system domain name. A domain name must start and end with a letter or digit, and have as interior characters only letters, digits, or a hyphen. @@ -48,16 +48,16 @@ How an IP address is assigned to an interface in :ref:`ethernet-interface`. This section shows how to statically map an IP address to a hostname for local (meaning on this VyOS instance) name resolution. -.. cfgcmd:: set system static-host-mapping host-name '' inet '
' +.. cfgcmd:: set system static-host-mapping host-name inet
Create a static hostname mapping which will always resolve the name `` to IP address `
`. -.. cfgcmd:: set system static-host-mapping host-name '' alias '' +.. cfgcmd:: set system static-host-mapping host-name alias Create named `` for the configured static mapping for ``. Thus the address configured as :cfgcmd:`set system static-host-mapping - host-name '' inet '
'` can be reached via multiple names. + host-name inet
` can be reached via multiple names. Multiple aliases can pe specified per host-name. diff --git a/docs/system/ntp.rst b/docs/system/ntp.rst index 0836f2fa..5fd1837f 100644 --- a/docs/system/ntp.rst +++ b/docs/system/ntp.rst @@ -33,9 +33,9 @@ in :rfc:`1305`. Configuration ============= -.. cfgcmd:: set system ntp server '
' +.. cfgcmd:: set system ntp server
- Configure one or more servers for synchronisation. Server name cen be either + Configure one or more servers for synchronisation. Server name can be either an IP address or :abbr:`FQDN (Fully Qualified Domain Name)`. There are 3 default NTP server set. You are able to change them. @@ -44,13 +44,13 @@ Configuration * 1.pool.ntp.org * 2.pool.ntp.org -.. cfgcmd:: set system ntp listen-address '
' +.. cfgcmd:: set system ntp listen-address
Setup VyOS as an NTP responder, you must specify the `
` and optionally the permitted clients. Multiple listen addresses can be configured. -.. cfgcmd:: set system ntp allow-clients address '
' +.. cfgcmd:: set system ntp allow-clients address
List of networks or client addresses permitted to contact this NTP server. Multiple networks can be configured. diff --git a/docs/system/proxy.rst b/docs/system/proxy.rst index 40bdf998..8e0339a7 100644 --- a/docs/system/proxy.rst +++ b/docs/system/proxy.rst @@ -8,21 +8,21 @@ Some IT environments require the use of a proxy to connect to the Internet. Without this configuration VyOS updates could not be installed directly by using the :opcmd:`add system image` command (:ref:`update_vyos`). -.. cfgcmd:: set system proxy url '' +.. cfgcmd:: set system proxy url Set proxy for all connections initiated by VyOS, including HTTP, HTTPS, and FTP (anonymous ftp). -.. cfgcmd:: set system proxy port '' +.. cfgcmd:: set system proxy port Configure proxy port if it does not listen to the default port 80. -.. cfgcmd:: set system proxy username '' +.. cfgcmd:: set system proxy username Some proxys require/support the "basic" HTTP authentication scheme as per :rfc:`7617`, thus a username can be configured. -.. cfgcmd:: set system proxy password '' +.. cfgcmd:: set system proxy password Some proxys require/support the "basic" HTTP authentication scheme as per :rfc:`7617`, thus a password can be configured. diff --git a/docs/system/serial-console.rst b/docs/system/serial-console.rst index cd27fa21..309c6ad2 100644 --- a/docs/system/serial-console.rst +++ b/docs/system/serial-console.rst @@ -16,7 +16,7 @@ access to the console is the only way to diagnose and correct software failures. Major upgrades to the installed distribution may also require console access. -.. cfgcmd:: set system console device '' +.. cfgcmd:: set system console device Defines the specified device as a system console. Available console devices can be (see completion helper): @@ -25,7 +25,7 @@ Major upgrades to the installed distribution may also require console access. * ``ttyUSBX`` - USB Serial device name * ``hvc0`` - Xen console -.. cfgcmd:: set system console device '' speed '' +.. cfgcmd:: set system console device speed The speed (baudrate) of the console device. Supported values are: @@ -44,6 +44,6 @@ Network Console TBD. -.. cfgcmd:: set system console network '' +.. cfgcmd:: set system console network ... and many more commands ... \ No newline at end of file diff --git a/docs/system/task-scheduler.rst b/docs/system/task-scheduler.rst index 869a0600..382da39f 100644 --- a/docs/system/task-scheduler.rst +++ b/docs/system/task-scheduler.rst @@ -11,7 +11,7 @@ use of UNIX cron_. be dangerous. Together with :ref:`command-scripting` this can be used for automating (re-)configuration. -.. cfgcmd:: set system task-scheduler task '' interval '' +.. cfgcmd:: set system task-scheduler task interval Specify the time interval when `` should be executed. The interval is specified as number with one of the following suffixes: @@ -23,17 +23,17 @@ use of UNIX cron_. .. note:: If suffix is omitted, minutes are implied. -.. cfgcmd:: set system task-scheduler task '' crontab-spec '' +.. cfgcmd:: set system task-scheduler task crontab-spec Set execution time in common cron_ time format. A cron `` of ``30 */6 * * *`` would execute the `` at minute 30 past every 6th hour. -.. cfgcmd:: set system task-scheduler task '' executable path '' +.. cfgcmd:: set system task-scheduler task executable path Specify absolute `` to script which will be run when `` is executed. -.. cfgcmd:: set system task-scheduler task '' executable arguments '' +.. cfgcmd:: set system task-scheduler task executable arguments Arguments which will be passed to the executable. diff --git a/docs/system/time-zone.rst b/docs/system/time-zone.rst index d65e1d78..025c4376 100644 --- a/docs/system/time-zone.rst +++ b/docs/system/time-zone.rst @@ -8,7 +8,7 @@ Time Zone setting is very important as e.g all your logfile entries will be based on the configured zone. Without proper time zone configuration it will be very difficult to compare logfiles from different systems. -.. cfgcmd:: set system time-zone '' +.. cfgcmd:: set system time-zone Specify the systems `` as the Region/Location that best defines your location. For example, specifying US/Pacific sets the time zone to US diff --git a/docs/system/user-management.rst b/docs/system/user-management.rst index b2dd3d08..bb9a6e90 100644 --- a/docs/system/user-management.rst +++ b/docs/system/user-management.rst @@ -15,23 +15,23 @@ Authentication Dial-In User Service)` accounts are supported. Local ===== -.. cfgcmd:: set system login user '' full-name "" +.. cfgcmd:: set system login user full-name "" Create new system user with username `` and real-name specified by ``. -.. cfgcmd:: set system login user '' authentication plaintext-password '' +.. cfgcmd:: set system login user authentication plaintext-password Specify the plaintext password user by user `` on this system. The plaintext password will be automatically transferred into a secure hashed password and not saved anywhere in plaintext. -.. cfgcmd:: set system login user '' authentication encrypted-password '' +.. cfgcmd:: set system login user authentication encrypted-password Setup encrypted password for given username. This is usefull for transferring a hashed password from system to system. -.. cfgcmd:: set system login user '' group '' +.. cfgcmd:: set system login user group Specify additional group membership for given username ``. @@ -55,12 +55,12 @@ and paste it. Some terminal emulators may accidentally split this over several lines. Be attentive when you paste it that it only pastes as a single line. The third part is simply an identifier, and is for your own reference. -.. cfgcmd:: set system login user '' authentication public-keys '' key '' +.. cfgcmd:: set system login user authentication public-keys key Assign the SSH public key portion `` identified by per-key `` to the local user ``. -.. cfgcmd:: set system login user '' authentication public-keys '' type '' +.. cfgcmd:: set system login user authentication public-keys type Every SSH public key portion referenced by `` requires the configuration of the `` of public-key used. This type can be any of: @@ -75,7 +75,7 @@ The third part is simply an identifier, and is for your own reference. .. note:: You can assign multiple keys to the same user by using a unique identifier per SSH key. -.. cfgcmd:: loadkey '' '' +.. cfgcmd:: loadkey SSH keys can not only be specified on the command-line but also loaded for a given user with `` from a file pointed to by `.` Keys @@ -113,17 +113,17 @@ Dial-In User Service)` servers as backend for user authentication. Configuration ------------- -.. cfgcmd:: set system login radius server '
' secret '' +.. cfgcmd:: set system login radius server
secret Specify the `
` of the RADIUS server user with the pre-shared-secret given in ``. Multiple servers can be specified. -.. cfgcmd:: set system login radius server '
' port '' +.. cfgcmd:: set system login radius server
port Configure the discrete port under which the RADIUS server can be reached. This defaults to 1812. -.. cfgcmd:: set system login radius server '
' timeout '' +.. cfgcmd:: set system login radius server
timeout Setup the `` in seconds when querying the RADIUS server. @@ -132,7 +132,7 @@ Configuration the attribute you will only get regular, non privilegued, system users. -.. cfgcmd:: set system login radius source-address '
' +.. cfgcmd:: set system login radius source-address
RADIUS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each RADIUS query can be @@ -148,12 +148,12 @@ Login Banner You are able to set post-login or pre-login banner messages to display certain information for this system. -.. cfgcmd:: set system login banner pre-login '' +.. cfgcmd:: set system login banner pre-login Configure `` which is shown during SSH connect and before a user is logged in. -.. cfgcmd:: set system login banner post-login '' +.. cfgcmd:: set system login banner post-login Configure `` which is shown after user has logged in to the system. -- cgit v1.2.3 From 03c76ba9f37eb6b4d4142a458e32bfdc41f1286b Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Wed, 1 Jan 2020 21:36:37 +0700 Subject: Re-generate 1.2.4 release notes --- docs/appendix/releasenotes.rst | 123 +++++++++++++++++++---------------------- 1 file changed, 58 insertions(+), 65 deletions(-) (limited to 'docs/appendix') diff --git a/docs/appendix/releasenotes.rst b/docs/appendix/releasenotes.rst index 6f85c103..bbc930c8 100644 --- a/docs/appendix/releasenotes.rst +++ b/docs/appendix/releasenotes.rst @@ -15,71 +15,64 @@ Release Notes Resolved issues ^^^^^^^^^^^^^^^ -* :vytask:`T258` Can not configure wan load-balancing on vyos-1.2 -* :vytask:`T818` SNMP v3 - remove required engineid from user node -* :vytask:`T1030` Upgrade ddclient from 3.8.2 to 3.9.0 (support Cloudflare - API v4) -* :vytask:`T1183` BFD Support via FRR -* :vytask:`T1299` Allow SNMPd to be extended with custom scripts -* :vytask:`T1351` accel-pppoe adding CIDR based IP pool option -* :vytask:`T1391` In route-map set community additive -* :vytask:`T1394` syslog systemd and host_name.py race condition -* :vytask:`T1401` Copying files with the FTP protocol fails if the password - contains special characters -* :vytask:`T1421` OpenVPN client push-route stopped working, needs added quotes - to fix -* :vytask:`T1447` Python subprocess called without import in host_name.py -* :vytask:`T1470` improve output of "show dhcpv6 server leases" -* :vytask:`T1485` Enable 'AdvIntervalOpt' option in for radvd.conf -* :vytask:`T1496` Separate rolling release and LTS kernel builds -* :vytask:`T1560` "set load-balancing wan rule 0" causes segfault and prevents - load balancing from starting -* :vytask:`T1568` strip-private command improvement for additional masking of - IPv6 and MAC address -* :vytask:`T1578` completion offers "show table", but show table does not exist -* :vytask:`T1593` Support ip6gre -* :vytask:`T1597` /usr/sbin/rsyslogd after deleting "system syslog" -* :vytask:`T1638` vyos-hostsd not setting system domain name -* :vytask:`T1678` hostfile-update missing line feed -* :vytask:`T1694` NTPd: Do not listen on all interfaces by default -* :vytask:`T1701` Delete domain-name and domain-search won't work -* :vytask:`T1705` High CPU usage by bgpd when snmp is active -* :vytask:`T1707` DHCP static mapping and exclude address not working -* :vytask:`T1708` Update Rolling Release Kernel to 4.19.76 -* :vytask:`T1709` Update WireGuard to 0.0.20190913 -* :vytask:`T1716` Update Intel NIC drivers to recent versions -* :vytask:`T1726` Update Linux Firmware binaries to a more recent version - 2019-03-14 -> 2019-10-07 -* :vytask:`T1728` Update Linux Kernel to 4.19.79 -* :vytask:`T1737` SNMP tab completion missing -* :vytask:`T1738` Copy SNMP configuration from node to node raises exception -* :vytask:`T1740` Broken OSPFv2 virtual-link authentication -* :vytask:`T1742` NHRP unable to commit. -* :vytask:`T1745` dhcp-server commit fails with "DHCP range stop address x must - be greater or equal to the range start address y!" when static mapping has - same IP as range stop -* :vytask:`T1749` numeric validator doesn't support multiple ranges -* :vytask:`T1769` Remove complex SNMPv3 Transport Security Model (TSM) -* :vytask:`T1772` constraints in XML are partially broken -* :vytask:`T1778` Kilobits/Megabits difference in configuration Vyos/FRR -* :vytask:`T1780` Adding ipsec ike closeaction -* :vytask:`T1786` disable-dhcp-nameservers is missed in current host_name.py - implementation -* :vytask:`T1788` Intel QAT (QuickAssist Technology ) implementation -* :vytask:`T1792` Update WireGuard to Debian release 0.0.20191012-1 -* :vytask:`T1800` Update Linux Kernel to v4.19.84 -* :vytask:`T1809` Wireless: SSID scan does not work in AP mode -* :vytask:`T1811` Upgrade from 1.1.8: Config file migration failed: module=l2tp -* :vytask:`T1812` DHCP: hostnames of clients not resolving after update - v1.2.3 -> 1.2-rolling -* :vytask:`T1819` Reboot kills SNMPv3 configuration -* :vytask:`T1822` Priority inversion wireless interface dhcpv6 -* :vytask:`T1836` import-conf-mode-commands in vyos-1x/scripts fails to create - an xml -* :vytask:`T1839` LLDP shows "VyOS unknown" instead of "VyOS" -* :vytask:`T1841` PPP ipv6-up.d direcotry missing -* :vytask:`T1893` igmp-proxy: Do not allow adding unknown interface -* :vytask:`T1904` update eth1 and eth2 link files for the vep4600 +* `T258 `_ Can not configure wan load-balancing on vyos-1.2 +* `T818 `_ SNMP v3 - remove required engineid from user node +* `T1030 `_ Upgrade ddclient from 3.8.2 to 3.9.0 (support Cloudflare API v4) +* `T1183 `_ BFD Support via FRR +* `T1299 `_ Allow SNMPd to be extended with custom scripts +* `T1351 `_ accel-pppoe adding CIDR based IP pool option +* `T1391 `_ In route-map set community additive +* `T1394 `_ syslog systemd and host_name.py race condition +* `T1401 `_ Copying files with the FTP protocol fails if the password contains special characters +* `T1421 `_ OpenVPN client push-route stopped working, needs added quotes to fix +* `T1430 `_ Add options for custom DHCP client-id and hostname +* `T1447 `_ Python subprocess called without import in host_name.py +* `T1470 `_ improve output of "show dhcpv6 server leases" +* `T1485 `_ Enable 'AdvIntervalOpt' option in for radvd.conf +* `T1496 `_ Separate rolling release and LTS kernel builds +* `T1560 `_ "set load-balancing wan rule 0" causes segfault and prevents load balancing from starting +* `T1568 `_ strip-private command improvement for additional masking of IPv6 and MAC address +* `T1578 `_ completion offers "show table", but show table does not exist +* `T1593 `_ Support ip6gre +* `T1597 `_ /usr/sbin/rsyslogd after deleting "system syslog" +* `T1638 `_ vyos-hostsd not setting system domain name +* `T1678 `_ hostfile-update missing line feed +* `T1694 `_ NTPd: Do not listen on all interfaces by default +* `T1701 `_ Delete domain-name and domain-search won't work +* `T1705 `_ High CPU usage by bgpd when snmp is active +* `T1707 `_ DHCP static mapping and exclude address not working +* `T1708 `_ Update Rolling Release Kernel to 4.19.76 +* `T1709 `_ Update WireGuard to 0.0.20190913 +* `T1716 `_ Update Intel NIC drivers to recent versions +* `T1726 `_ Update Linux Firmware binaries to a more recent version 2019-03-14 -> 2019-10-07 +* `T1728 `_ Update Linux Kernel to 4.19.79 +* `T1737 `_ SNMP tab completion missing +* `T1738 `_ Copy SNMP configuration from node to node raises exception +* `T1740 `_ Broken OSPFv2 virtual-link authentication +* `T1742 `_ NHRP unable to commit. +* `T1745 `_ dhcp-server commit fails with "DHCP range stop address x must be greater or equal to the range start address y!" when static mapping has same IP as range stop +* `T1749 `_ numeric validator doesn't support multiple ranges +* `T1769 `_ Remove complex SNMPv3 Transport Security Model (TSM) +* `T1772 `_ constraints in XML are partially broken +* `T1778 `_ Kilobits/Megabits difference in configuration Vyos/FRR +* `T1780 `_ Adding ipsec ike closeaction +* `T1786 `_ disable-dhcp-nameservers is missed in current host_name.py implementation +* `T1788 `_ Intel QAT (QuickAssist Technology ) implementation +* `T1792 `_ Update WireGuard to Debian release 0.0.20191012-1 +* `T1800 `_ Update Linux Kernel to v4.19.84 +* `T1809 `_ Wireless: SSID scan does not work in AP mode +* `T1811 `_ Upgrade from 1.1.8: Config file migration failed: module=l2tp +* `T1812 `_ DHCP: hostnames of clients not resolving after update v1.2.3 -> 1.2-rolling +* `T1819 `_ Reboot kills SNMPv3 configuration +* `T1822 `_ Priority inversion wireless interface dhcpv6 +* `T1825 `_ Improve DHCP configuration error message +* `T1836 `_ import-conf-mode-commands in vyos-1x/scripts fails to create an xml +* `T1839 `_ LLDP shows "VyOS unknown" instead of "VyOS" +* `T1841 `_ PPP ipv6-up.d direcotry missing +* `T1893 `_ igmp-proxy: Do not allow adding unknown interface +* `T1903 `_ Implementation udev predefined interface naming +* `T1904 `_ update eth1 and eth2 link files for the vep4600 + 1.2.3 ----- -- cgit v1.2.3 From f352db0d0d53e073b5dd6f966ff1411c363b9869 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Thu, 2 Jan 2020 22:05:03 +0100 Subject: rename releasenotes -> release-notes --- docs/appendix/release-notes.rst | 243 ++++++++++++++++++++++++++++++++++++++++ docs/appendix/releasenotes.rst | 243 ---------------------------------------- docs/index.rst | 2 +- 3 files changed, 244 insertions(+), 244 deletions(-) create mode 100644 docs/appendix/release-notes.rst delete mode 100644 docs/appendix/releasenotes.rst (limited to 'docs/appendix') diff --git a/docs/appendix/release-notes.rst b/docs/appendix/release-notes.rst new file mode 100644 index 00000000..bbc930c8 --- /dev/null +++ b/docs/appendix/release-notes.rst @@ -0,0 +1,243 @@ +.. _release-notes: + +############# +Release Notes +############# + +1.2 (Crux) +========== + +1.2.4 +----- + +1.2.4 is a maintenance release made in December 2019. + +Resolved issues +^^^^^^^^^^^^^^^ + +* `T258 `_ Can not configure wan load-balancing on vyos-1.2 +* `T818 `_ SNMP v3 - remove required engineid from user node +* `T1030 `_ Upgrade ddclient from 3.8.2 to 3.9.0 (support Cloudflare API v4) +* `T1183 `_ BFD Support via FRR +* `T1299 `_ Allow SNMPd to be extended with custom scripts +* `T1351 `_ accel-pppoe adding CIDR based IP pool option +* `T1391 `_ In route-map set community additive +* `T1394 `_ syslog systemd and host_name.py race condition +* `T1401 `_ Copying files with the FTP protocol fails if the password contains special characters +* `T1421 `_ OpenVPN client push-route stopped working, needs added quotes to fix +* `T1430 `_ Add options for custom DHCP client-id and hostname +* `T1447 `_ Python subprocess called without import in host_name.py +* `T1470 `_ improve output of "show dhcpv6 server leases" +* `T1485 `_ Enable 'AdvIntervalOpt' option in for radvd.conf +* `T1496 `_ Separate rolling release and LTS kernel builds +* `T1560 `_ "set load-balancing wan rule 0" causes segfault and prevents load balancing from starting +* `T1568 `_ strip-private command improvement for additional masking of IPv6 and MAC address +* `T1578 `_ completion offers "show table", but show table does not exist +* `T1593 `_ Support ip6gre +* `T1597 `_ /usr/sbin/rsyslogd after deleting "system syslog" +* `T1638 `_ vyos-hostsd not setting system domain name +* `T1678 `_ hostfile-update missing line feed +* `T1694 `_ NTPd: Do not listen on all interfaces by default +* `T1701 `_ Delete domain-name and domain-search won't work +* `T1705 `_ High CPU usage by bgpd when snmp is active +* `T1707 `_ DHCP static mapping and exclude address not working +* `T1708 `_ Update Rolling Release Kernel to 4.19.76 +* `T1709 `_ Update WireGuard to 0.0.20190913 +* `T1716 `_ Update Intel NIC drivers to recent versions +* `T1726 `_ Update Linux Firmware binaries to a more recent version 2019-03-14 -> 2019-10-07 +* `T1728 `_ Update Linux Kernel to 4.19.79 +* `T1737 `_ SNMP tab completion missing +* `T1738 `_ Copy SNMP configuration from node to node raises exception +* `T1740 `_ Broken OSPFv2 virtual-link authentication +* `T1742 `_ NHRP unable to commit. +* `T1745 `_ dhcp-server commit fails with "DHCP range stop address x must be greater or equal to the range start address y!" when static mapping has same IP as range stop +* `T1749 `_ numeric validator doesn't support multiple ranges +* `T1769 `_ Remove complex SNMPv3 Transport Security Model (TSM) +* `T1772 `_ constraints in XML are partially broken +* `T1778 `_ Kilobits/Megabits difference in configuration Vyos/FRR +* `T1780 `_ Adding ipsec ike closeaction +* `T1786 `_ disable-dhcp-nameservers is missed in current host_name.py implementation +* `T1788 `_ Intel QAT (QuickAssist Technology ) implementation +* `T1792 `_ Update WireGuard to Debian release 0.0.20191012-1 +* `T1800 `_ Update Linux Kernel to v4.19.84 +* `T1809 `_ Wireless: SSID scan does not work in AP mode +* `T1811 `_ Upgrade from 1.1.8: Config file migration failed: module=l2tp +* `T1812 `_ DHCP: hostnames of clients not resolving after update v1.2.3 -> 1.2-rolling +* `T1819 `_ Reboot kills SNMPv3 configuration +* `T1822 `_ Priority inversion wireless interface dhcpv6 +* `T1825 `_ Improve DHCP configuration error message +* `T1836 `_ import-conf-mode-commands in vyos-1x/scripts fails to create an xml +* `T1839 `_ LLDP shows "VyOS unknown" instead of "VyOS" +* `T1841 `_ PPP ipv6-up.d direcotry missing +* `T1893 `_ igmp-proxy: Do not allow adding unknown interface +* `T1903 `_ Implementation udev predefined interface naming +* `T1904 `_ update eth1 and eth2 link files for the vep4600 + + +1.2.3 +----- + +1.2.3 is a maintenance and feature backport release made in September 2019. + +New features +^^^^^^^^^^^^ + +* HTTP API +* :vytask:`T1524` "set service dns forwarding allow-from " + option for limiting queries to specific client networks +* :vytask:`T1503` Functions for checking if a commit is in progress +* :vytask:`T1543` "set system contig-mangement commit-archive source-address" + option +* :vytask:`T1554` Intel NIC drivers now support receive side scaling and + multiqueue + +Resolved issues +^^^^^^^^^^^^^^^ + +* :vytask:`T1209` OSPF max-metric values over 100 no longer causes commit + errors +* :vytask:`T1333` Fixes issue with DNS forwarding not performing recursive + lookups on domain specific forwarders +* :vytask:`T1362` Special characters in VRRP passwords are handled correctly +* :vytask:`T1377` BGP weight is applied properly +* :vytask:`T1420` Fixed permission for log files +* :vytask:`T1425` Wireguard interfaces now support /31 addresses +* :vytask:`T1428` Wireguard correctly handles firewall marks +* :vytask:`T1439` DHCPv6 static mappings now work correctly +* :vytask:`T1450` Flood ping commands now works correctly +* :vytask:`T1460` Op mode "show firewall" commands now support counters longer + than 8 digits (T1460) +* :vytask:`T1465` Fixed priority inversion in VTI commands +* :vytask:`T1468` Fixed remote-as check in the BGP route-reflector-client option +* :vytask:`T1472` It's now possible to re-create VRRP groups with RFC + compatibility mode enabled +* :vytask:`T1527` Fixed a typo in DHCPv6 server help strings +* :vytask:`T1529` Unnumbered BGP peers now support VLAN interfaces +* :vytask:`T1530` Fixed "set system syslog global archive file" command +* :vytask:`T1531` Multiple fixes in cluster configuration scripts +* :vytask:`T1537` Fixed missing help text for "service dns" +* :vytask:`T1541` Fixed input validation in DHCPv6 relay options +* :vytask:`T1551` It's now possible to create a QinQ interface and a firewall + assigned to it in one commit +* :vytask:`T1559` URL filtering now uses correct rule database path and works + again +* :vytask:`T1579` "show log vpn ipsec" command works again +* :vytask:`T1576` "show arp interface " command works again +* :vytask:`T1605` Fixed regression in L2TP/IPsec server +* :vytask:`T1613` Netflow/sFlow captures IPv6 traffic correctly +* :vytask:`T1616` "renew dhcpv6" command now works from op mode +* :vytask:`T1642` BGP remove-private-as option iBGP vs eBGP check works + correctly now +* :vytask:`T1540`, :vytask:`T1360`, :vytask:`T1264`, :vytask:`T1623` Multiple + improvements in name servers and hosts configuration handling + +Internals +^^^^^^^^^ + +``/etc/resolv.conf`` and ``/etc/hosts`` files are now managed by the +*vyos-hostsd* service that listens on a ZMQ socket for update messages. + +1.2.2 +----- + +1.2.2 is a maintenance release made in July 2019. + +New features +^^^^^^^^^^^^ + +* Options for per-interface MSS clamping. +* BGP extended next-hop capability +* Relaxed BGP multipath option +* Internal and external options for "remote-as" (accept any AS as long as it's + the same to this router or different, respectively) +* "Unnumbered" (interface-based) BGP peers +* BGP no-prepend option +* Additive BGP community option +* OSPFv3 network type option +* Custom arguments for VRRP scripts +* A script for querying values from config files + +Resolved issues +^^^^^^^^^^^^^^^ + +* Linux kernel 4.19.54, including a fix for the TCP SACK vulnerability +* :vytask:`T1371` VRRP health-check scripts now can use arguments +* :vytask:`T1497` DNS server addresses coming from a DHCP server are now + correctly propagated to resolv.conf +* :vytask:`T1469` Domain-specific name servers in DNS forwarding are now used + for recursive queries +* :vytask:`T1433` ``run show dhcpv6 server leases`` now display leases correctly +* :vytask:`T1461` Deleting ``firewall options`` node no longer causes errors +* :vytask:`T1458` Correct hostname is sent to remote syslog again +* :vytask:`T1438` Board serial number from DMI is correctly displayed in + ``show version`` +* :vytask:`T1358`, :vytask:`T1355`, :vytask:`T1294` Multiple corrections in + remote syslog config +* :vytask:`T1255` Fixed missing newline in ``/etc/hosts`` +* :vytask:`T1174` ``system domain-name`` is correctly included in + ``/etc/resolv.conf`` +* :vytask:`T1465` Fixed priority inversion in ``interfaces vti vtiX ip`` + settings +* :vytask:`T1446` Fixed errors when installing with RAID1 on UEFI machines +* :vytask:`T1387` Fixed an error on disabling an interfaces that has no address +* :vytask:`T1367` Fixed deleting VLAN interface with non-default MTU +* :vytask:`T1505` vyos.config ``return_effective_values()`` function now + correctly returns a list rather than a string + +1.2.1 +----- + +VyOS 1.2.1 is a maintenance release made in April 2019. + +Resolved issues +^^^^^^^^^^^^^^^ + +* Package updates: kernel 4.19.32, open-vm-tools 10.3, latest Intel NIC drivers +* :vytask:`T1326` The kernel now includes drivers for various USB serial + adapters, which allows people to add a serial console to a machine without + onboard RS232, or connect to something else from the router +* The collection of network card firmware is now much more extensive +* :vytask:`T1271` VRRP now correctly uses a virtual rather than physical MAC + addresses in the RFC-compliant mode +* :vytask:`T1330` DHCP WPAD URL option works correctly again +* :vytask:`T1312` Many to many NAT rules now can use source/destination and + translation networks of non-matching size. If 1:1 network bits translation is + desired, it's now users responsibility to check if prefix length matches. +* :vytask:`T1290` IPv6 network prefix translation is fixed +* :vytask:`T1308` Non-alphanumeric characters such as ``>`` can now be safely + used in PPPoE passwords +* :vytask:`T1305` ``show | commands`` no longer fails when a config section ends + with a leaf node such as ``timezone`` in ``show system | commands`` +* :vytask:`T1235` ``show | commands`` correctly works in config mode now +* :vytask:`T1298` VTI is now compatible with the DHCP-interface IPsec option +* :vytask:`T1277` ``show dhcp server statistics`` command was broken in latest + Crux +* :vytask:`T1261` An issue with TFTP server refusing to listen on addresses + other than loopback was fixed +* :vytask:`T1224` Template issue that might cause UDP broadcast relay fail to + start is fixed +* :vytask:`T1067` VXLAN value validation is improved +* :vytask:`T1211` Blank hostnames in DHCP updates no longer can crash DNS + forwarding +* :vytask:`T1322` Correct configuration is now generated for DHCPv6 relays with + more than one upstream interface +* :vytask:`T1234` ``relay-agents-packets`` option works correctly now +* :vytask:`T1231` Dynamic DNS data is now cleaned on configuration change +* :vytask:`T1282` Remote Syslog can now use a fully qualified domain name +* :vytask:`T1279` ACPI power off works again +* :vytask:`T1247` Negation in WAN load balancing rules works again +* :vytask:`T1218` FRR staticd now starts on boot correctly +* :vytask:`T1296` The installer now correctly detects SD card devices +* :vytask:`T1225` Wireguard peers can be disabled now +* :vytask:`T1217` The issue with Wireguard interfaces impossible to delete + is fixed +* :vytask:`T1160` Unintended IPv6 access is fixed in SNMP configuration +* :vytask:`T1060` It's now possible to exclude hosts from the transparent + web proxy +* :vytask:`T484` An issue with rules impossible to delete from the zone-based + firewall is fixed + +Earlier releases +================ + +See `the wiki `_. diff --git a/docs/appendix/releasenotes.rst b/docs/appendix/releasenotes.rst deleted file mode 100644 index bbc930c8..00000000 --- a/docs/appendix/releasenotes.rst +++ /dev/null @@ -1,243 +0,0 @@ -.. _release-notes: - -############# -Release Notes -############# - -1.2 (Crux) -========== - -1.2.4 ------ - -1.2.4 is a maintenance release made in December 2019. - -Resolved issues -^^^^^^^^^^^^^^^ - -* `T258 `_ Can not configure wan load-balancing on vyos-1.2 -* `T818 `_ SNMP v3 - remove required engineid from user node -* `T1030 `_ Upgrade ddclient from 3.8.2 to 3.9.0 (support Cloudflare API v4) -* `T1183 `_ BFD Support via FRR -* `T1299 `_ Allow SNMPd to be extended with custom scripts -* `T1351 `_ accel-pppoe adding CIDR based IP pool option -* `T1391 `_ In route-map set community additive -* `T1394 `_ syslog systemd and host_name.py race condition -* `T1401 `_ Copying files with the FTP protocol fails if the password contains special characters -* `T1421 `_ OpenVPN client push-route stopped working, needs added quotes to fix -* `T1430 `_ Add options for custom DHCP client-id and hostname -* `T1447 `_ Python subprocess called without import in host_name.py -* `T1470 `_ improve output of "show dhcpv6 server leases" -* `T1485 `_ Enable 'AdvIntervalOpt' option in for radvd.conf -* `T1496 `_ Separate rolling release and LTS kernel builds -* `T1560 `_ "set load-balancing wan rule 0" causes segfault and prevents load balancing from starting -* `T1568 `_ strip-private command improvement for additional masking of IPv6 and MAC address -* `T1578 `_ completion offers "show table", but show table does not exist -* `T1593 `_ Support ip6gre -* `T1597 `_ /usr/sbin/rsyslogd after deleting "system syslog" -* `T1638 `_ vyos-hostsd not setting system domain name -* `T1678 `_ hostfile-update missing line feed -* `T1694 `_ NTPd: Do not listen on all interfaces by default -* `T1701 `_ Delete domain-name and domain-search won't work -* `T1705 `_ High CPU usage by bgpd when snmp is active -* `T1707 `_ DHCP static mapping and exclude address not working -* `T1708 `_ Update Rolling Release Kernel to 4.19.76 -* `T1709 `_ Update WireGuard to 0.0.20190913 -* `T1716 `_ Update Intel NIC drivers to recent versions -* `T1726 `_ Update Linux Firmware binaries to a more recent version 2019-03-14 -> 2019-10-07 -* `T1728 `_ Update Linux Kernel to 4.19.79 -* `T1737 `_ SNMP tab completion missing -* `T1738 `_ Copy SNMP configuration from node to node raises exception -* `T1740 `_ Broken OSPFv2 virtual-link authentication -* `T1742 `_ NHRP unable to commit. -* `T1745 `_ dhcp-server commit fails with "DHCP range stop address x must be greater or equal to the range start address y!" when static mapping has same IP as range stop -* `T1749 `_ numeric validator doesn't support multiple ranges -* `T1769 `_ Remove complex SNMPv3 Transport Security Model (TSM) -* `T1772 `_ constraints in XML are partially broken -* `T1778 `_ Kilobits/Megabits difference in configuration Vyos/FRR -* `T1780 `_ Adding ipsec ike closeaction -* `T1786 `_ disable-dhcp-nameservers is missed in current host_name.py implementation -* `T1788 `_ Intel QAT (QuickAssist Technology ) implementation -* `T1792 `_ Update WireGuard to Debian release 0.0.20191012-1 -* `T1800 `_ Update Linux Kernel to v4.19.84 -* `T1809 `_ Wireless: SSID scan does not work in AP mode -* `T1811 `_ Upgrade from 1.1.8: Config file migration failed: module=l2tp -* `T1812 `_ DHCP: hostnames of clients not resolving after update v1.2.3 -> 1.2-rolling -* `T1819 `_ Reboot kills SNMPv3 configuration -* `T1822 `_ Priority inversion wireless interface dhcpv6 -* `T1825 `_ Improve DHCP configuration error message -* `T1836 `_ import-conf-mode-commands in vyos-1x/scripts fails to create an xml -* `T1839 `_ LLDP shows "VyOS unknown" instead of "VyOS" -* `T1841 `_ PPP ipv6-up.d direcotry missing -* `T1893 `_ igmp-proxy: Do not allow adding unknown interface -* `T1903 `_ Implementation udev predefined interface naming -* `T1904 `_ update eth1 and eth2 link files for the vep4600 - - -1.2.3 ------ - -1.2.3 is a maintenance and feature backport release made in September 2019. - -New features -^^^^^^^^^^^^ - -* HTTP API -* :vytask:`T1524` "set service dns forwarding allow-from " - option for limiting queries to specific client networks -* :vytask:`T1503` Functions for checking if a commit is in progress -* :vytask:`T1543` "set system contig-mangement commit-archive source-address" - option -* :vytask:`T1554` Intel NIC drivers now support receive side scaling and - multiqueue - -Resolved issues -^^^^^^^^^^^^^^^ - -* :vytask:`T1209` OSPF max-metric values over 100 no longer causes commit - errors -* :vytask:`T1333` Fixes issue with DNS forwarding not performing recursive - lookups on domain specific forwarders -* :vytask:`T1362` Special characters in VRRP passwords are handled correctly -* :vytask:`T1377` BGP weight is applied properly -* :vytask:`T1420` Fixed permission for log files -* :vytask:`T1425` Wireguard interfaces now support /31 addresses -* :vytask:`T1428` Wireguard correctly handles firewall marks -* :vytask:`T1439` DHCPv6 static mappings now work correctly -* :vytask:`T1450` Flood ping commands now works correctly -* :vytask:`T1460` Op mode "show firewall" commands now support counters longer - than 8 digits (T1460) -* :vytask:`T1465` Fixed priority inversion in VTI commands -* :vytask:`T1468` Fixed remote-as check in the BGP route-reflector-client option -* :vytask:`T1472` It's now possible to re-create VRRP groups with RFC - compatibility mode enabled -* :vytask:`T1527` Fixed a typo in DHCPv6 server help strings -* :vytask:`T1529` Unnumbered BGP peers now support VLAN interfaces -* :vytask:`T1530` Fixed "set system syslog global archive file" command -* :vytask:`T1531` Multiple fixes in cluster configuration scripts -* :vytask:`T1537` Fixed missing help text for "service dns" -* :vytask:`T1541` Fixed input validation in DHCPv6 relay options -* :vytask:`T1551` It's now possible to create a QinQ interface and a firewall - assigned to it in one commit -* :vytask:`T1559` URL filtering now uses correct rule database path and works - again -* :vytask:`T1579` "show log vpn ipsec" command works again -* :vytask:`T1576` "show arp interface " command works again -* :vytask:`T1605` Fixed regression in L2TP/IPsec server -* :vytask:`T1613` Netflow/sFlow captures IPv6 traffic correctly -* :vytask:`T1616` "renew dhcpv6" command now works from op mode -* :vytask:`T1642` BGP remove-private-as option iBGP vs eBGP check works - correctly now -* :vytask:`T1540`, :vytask:`T1360`, :vytask:`T1264`, :vytask:`T1623` Multiple - improvements in name servers and hosts configuration handling - -Internals -^^^^^^^^^ - -``/etc/resolv.conf`` and ``/etc/hosts`` files are now managed by the -*vyos-hostsd* service that listens on a ZMQ socket for update messages. - -1.2.2 ------ - -1.2.2 is a maintenance release made in July 2019. - -New features -^^^^^^^^^^^^ - -* Options for per-interface MSS clamping. -* BGP extended next-hop capability -* Relaxed BGP multipath option -* Internal and external options for "remote-as" (accept any AS as long as it's - the same to this router or different, respectively) -* "Unnumbered" (interface-based) BGP peers -* BGP no-prepend option -* Additive BGP community option -* OSPFv3 network type option -* Custom arguments for VRRP scripts -* A script for querying values from config files - -Resolved issues -^^^^^^^^^^^^^^^ - -* Linux kernel 4.19.54, including a fix for the TCP SACK vulnerability -* :vytask:`T1371` VRRP health-check scripts now can use arguments -* :vytask:`T1497` DNS server addresses coming from a DHCP server are now - correctly propagated to resolv.conf -* :vytask:`T1469` Domain-specific name servers in DNS forwarding are now used - for recursive queries -* :vytask:`T1433` ``run show dhcpv6 server leases`` now display leases correctly -* :vytask:`T1461` Deleting ``firewall options`` node no longer causes errors -* :vytask:`T1458` Correct hostname is sent to remote syslog again -* :vytask:`T1438` Board serial number from DMI is correctly displayed in - ``show version`` -* :vytask:`T1358`, :vytask:`T1355`, :vytask:`T1294` Multiple corrections in - remote syslog config -* :vytask:`T1255` Fixed missing newline in ``/etc/hosts`` -* :vytask:`T1174` ``system domain-name`` is correctly included in - ``/etc/resolv.conf`` -* :vytask:`T1465` Fixed priority inversion in ``interfaces vti vtiX ip`` - settings -* :vytask:`T1446` Fixed errors when installing with RAID1 on UEFI machines -* :vytask:`T1387` Fixed an error on disabling an interfaces that has no address -* :vytask:`T1367` Fixed deleting VLAN interface with non-default MTU -* :vytask:`T1505` vyos.config ``return_effective_values()`` function now - correctly returns a list rather than a string - -1.2.1 ------ - -VyOS 1.2.1 is a maintenance release made in April 2019. - -Resolved issues -^^^^^^^^^^^^^^^ - -* Package updates: kernel 4.19.32, open-vm-tools 10.3, latest Intel NIC drivers -* :vytask:`T1326` The kernel now includes drivers for various USB serial - adapters, which allows people to add a serial console to a machine without - onboard RS232, or connect to something else from the router -* The collection of network card firmware is now much more extensive -* :vytask:`T1271` VRRP now correctly uses a virtual rather than physical MAC - addresses in the RFC-compliant mode -* :vytask:`T1330` DHCP WPAD URL option works correctly again -* :vytask:`T1312` Many to many NAT rules now can use source/destination and - translation networks of non-matching size. If 1:1 network bits translation is - desired, it's now users responsibility to check if prefix length matches. -* :vytask:`T1290` IPv6 network prefix translation is fixed -* :vytask:`T1308` Non-alphanumeric characters such as ``>`` can now be safely - used in PPPoE passwords -* :vytask:`T1305` ``show | commands`` no longer fails when a config section ends - with a leaf node such as ``timezone`` in ``show system | commands`` -* :vytask:`T1235` ``show | commands`` correctly works in config mode now -* :vytask:`T1298` VTI is now compatible with the DHCP-interface IPsec option -* :vytask:`T1277` ``show dhcp server statistics`` command was broken in latest - Crux -* :vytask:`T1261` An issue with TFTP server refusing to listen on addresses - other than loopback was fixed -* :vytask:`T1224` Template issue that might cause UDP broadcast relay fail to - start is fixed -* :vytask:`T1067` VXLAN value validation is improved -* :vytask:`T1211` Blank hostnames in DHCP updates no longer can crash DNS - forwarding -* :vytask:`T1322` Correct configuration is now generated for DHCPv6 relays with - more than one upstream interface -* :vytask:`T1234` ``relay-agents-packets`` option works correctly now -* :vytask:`T1231` Dynamic DNS data is now cleaned on configuration change -* :vytask:`T1282` Remote Syslog can now use a fully qualified domain name -* :vytask:`T1279` ACPI power off works again -* :vytask:`T1247` Negation in WAN load balancing rules works again -* :vytask:`T1218` FRR staticd now starts on boot correctly -* :vytask:`T1296` The installer now correctly detects SD card devices -* :vytask:`T1225` Wireguard peers can be disabled now -* :vytask:`T1217` The issue with Wireguard interfaces impossible to delete - is fixed -* :vytask:`T1160` Unintended IPv6 access is fixed in SNMP configuration -* :vytask:`T1060` It's now possible to exclude hosts from the transparent - web proxy -* :vytask:`T484` An issue with rules impossible to delete from the zone-based - firewall is fixed - -Earlier releases -================ - -See `the wiki `_. diff --git a/docs/index.rst b/docs/index.rst index affde670..0b9138a4 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -52,7 +52,7 @@ VyOS User Guide :name: appendix :maxdepth: 2 - appendix/releasenotes + appendix/release-notes appendix/examples/index appendix/commandtree/index appendix/vyos-on-vmware -- cgit v1.2.3 From 432f13801f90622b154b214d050516dad2a320c6 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Thu, 2 Jan 2020 22:06:49 +0100 Subject: release-notes: use new vytask command --- docs/appendix/release-notes.rst | 114 ++++++++++++++++++++-------------------- 1 file changed, 57 insertions(+), 57 deletions(-) (limited to 'docs/appendix') diff --git a/docs/appendix/release-notes.rst b/docs/appendix/release-notes.rst index bbc930c8..b9c5ccbe 100644 --- a/docs/appendix/release-notes.rst +++ b/docs/appendix/release-notes.rst @@ -15,63 +15,63 @@ Release Notes Resolved issues ^^^^^^^^^^^^^^^ -* `T258 `_ Can not configure wan load-balancing on vyos-1.2 -* `T818 `_ SNMP v3 - remove required engineid from user node -* `T1030 `_ Upgrade ddclient from 3.8.2 to 3.9.0 (support Cloudflare API v4) -* `T1183 `_ BFD Support via FRR -* `T1299 `_ Allow SNMPd to be extended with custom scripts -* `T1351 `_ accel-pppoe adding CIDR based IP pool option -* `T1391 `_ In route-map set community additive -* `T1394 `_ syslog systemd and host_name.py race condition -* `T1401 `_ Copying files with the FTP protocol fails if the password contains special characters -* `T1421 `_ OpenVPN client push-route stopped working, needs added quotes to fix -* `T1430 `_ Add options for custom DHCP client-id and hostname -* `T1447 `_ Python subprocess called without import in host_name.py -* `T1470 `_ improve output of "show dhcpv6 server leases" -* `T1485 `_ Enable 'AdvIntervalOpt' option in for radvd.conf -* `T1496 `_ Separate rolling release and LTS kernel builds -* `T1560 `_ "set load-balancing wan rule 0" causes segfault and prevents load balancing from starting -* `T1568 `_ strip-private command improvement for additional masking of IPv6 and MAC address -* `T1578 `_ completion offers "show table", but show table does not exist -* `T1593 `_ Support ip6gre -* `T1597 `_ /usr/sbin/rsyslogd after deleting "system syslog" -* `T1638 `_ vyos-hostsd not setting system domain name -* `T1678 `_ hostfile-update missing line feed -* `T1694 `_ NTPd: Do not listen on all interfaces by default -* `T1701 `_ Delete domain-name and domain-search won't work -* `T1705 `_ High CPU usage by bgpd when snmp is active -* `T1707 `_ DHCP static mapping and exclude address not working -* `T1708 `_ Update Rolling Release Kernel to 4.19.76 -* `T1709 `_ Update WireGuard to 0.0.20190913 -* `T1716 `_ Update Intel NIC drivers to recent versions -* `T1726 `_ Update Linux Firmware binaries to a more recent version 2019-03-14 -> 2019-10-07 -* `T1728 `_ Update Linux Kernel to 4.19.79 -* `T1737 `_ SNMP tab completion missing -* `T1738 `_ Copy SNMP configuration from node to node raises exception -* `T1740 `_ Broken OSPFv2 virtual-link authentication -* `T1742 `_ NHRP unable to commit. -* `T1745 `_ dhcp-server commit fails with "DHCP range stop address x must be greater or equal to the range start address y!" when static mapping has same IP as range stop -* `T1749 `_ numeric validator doesn't support multiple ranges -* `T1769 `_ Remove complex SNMPv3 Transport Security Model (TSM) -* `T1772 `_ constraints in XML are partially broken -* `T1778 `_ Kilobits/Megabits difference in configuration Vyos/FRR -* `T1780 `_ Adding ipsec ike closeaction -* `T1786 `_ disable-dhcp-nameservers is missed in current host_name.py implementation -* `T1788 `_ Intel QAT (QuickAssist Technology ) implementation -* `T1792 `_ Update WireGuard to Debian release 0.0.20191012-1 -* `T1800 `_ Update Linux Kernel to v4.19.84 -* `T1809 `_ Wireless: SSID scan does not work in AP mode -* `T1811 `_ Upgrade from 1.1.8: Config file migration failed: module=l2tp -* `T1812 `_ DHCP: hostnames of clients not resolving after update v1.2.3 -> 1.2-rolling -* `T1819 `_ Reboot kills SNMPv3 configuration -* `T1822 `_ Priority inversion wireless interface dhcpv6 -* `T1825 `_ Improve DHCP configuration error message -* `T1836 `_ import-conf-mode-commands in vyos-1x/scripts fails to create an xml -* `T1839 `_ LLDP shows "VyOS unknown" instead of "VyOS" -* `T1841 `_ PPP ipv6-up.d direcotry missing -* `T1893 `_ igmp-proxy: Do not allow adding unknown interface -* `T1903 `_ Implementation udev predefined interface naming -* `T1904 `_ update eth1 and eth2 link files for the vep4600 +* :vytask:`T258` Can not configure wan load-balancing on vyos-1.2 +* :vytask:`T818` SNMP v3 - remove required engineid from user node +* :vytask:`T1030` Upgrade ddclient from 3.8.2 to 3.9.0 (support Cloudflare API v4) +* :vytask:`T1183` BFD Support via FRR +* :vytask:`T1299` Allow SNMPd to be extended with custom scripts +* :vytask:`T1351` accel-pppoe adding CIDR based IP pool option +* :vytask:`T1391` In route-map set community additive +* :vytask:`T1394` syslog systemd and host_name.py race condition +* :vytask:`T1401` Copying files with the FTP protocol fails if the password contains special characters +* :vytask:`T1421` OpenVPN client push-route stopped working, needs added quotes to fix +* :vytask:`T1430` Add options for custom DHCP client-id and hostname +* :vytask:`T1447` Python subprocess called without import in host_name.py +* :vytask:`T1470` improve output of "show dhcpv6 server leases" +* :vytask:`T1485` Enable 'AdvIntervalOpt' option in for radvd.conf +* :vytask:`T1496` Separate rolling release and LTS kernel builds +* :vytask:`T1560` "set load-balancing wan rule 0" causes segfault and prevents load balancing from starting +* :vytask:`T1568` strip-private command improvement for additional masking of IPv6 and MAC address +* :vytask:`T1578` completion offers "show table", but show table does not exist +* :vytask:`T1593` Support ip6gre +* :vytask:`T1597` /usr/sbin/rsyslogd after deleting "system syslog" +* :vytask:`T1638` vyos-hostsd not setting system domain name +* :vytask:`T1678` hostfile-update missing line feed +* :vytask:`T1694` NTPd: Do not listen on all interfaces by default +* :vytask:`T1701` Delete domain-name and domain-search won't work +* :vytask:`T1705` High CPU usage by bgpd when snmp is active +* :vytask:`T1707` DHCP static mapping and exclude address not working +* :vytask:`T1708` Update Rolling Release Kernel to 4.19.76 +* :vytask:`T1709` Update WireGuard to 0.0.20190913 +* :vytask:`T1716` Update Intel NIC drivers to recent versions +* :vytask:`T1726` Update Linux Firmware binaries to a more recent version 2019-03-14 -> 2019-10-07 +* :vytask:`T1728` Update Linux Kernel to 4.19.79 +* :vytask:`T1737` SNMP tab completion missing +* :vytask:`T1738` Copy SNMP configuration from node to node raises exception +* :vytask:`T1740` Broken OSPFv2 virtual-link authentication +* :vytask:`T1742` NHRP unable to commit. +* :vytask:`T1745` dhcp-server commit fails with "DHCP range stop address x must be greater or equal to the range start address y!" when static mapping has same IP as range stop +* :vytask:`T1749` numeric validator doesn't support multiple ranges +* :vytask:`T1769` Remove complex SNMPv3 Transport Security Model (TSM) +* :vytask:`T1772` constraints in XML are partially broken +* :vytask:`T1778` Kilobits/Megabits difference in configuration Vyos/FRR +* :vytask:`T1780` Adding ipsec ike closeaction +* :vytask:`T1786` disable-dhcp-nameservers is missed in current host_name.py implementation +* :vytask:`T1788` Intel QAT (QuickAssist Technology ) implementation +* :vytask:`T1792` Update WireGuard to Debian release 0.0.20191012-1 +* :vytask:`T1800` Update Linux Kernel to v4.19.84 +* :vytask:`T1809` Wireless: SSID scan does not work in AP mode +* :vytask:`T1811` Upgrade from 1.1.8: Config file migration failed: module=l2tp +* :vytask:`T1812` DHCP: hostnames of clients not resolving after update v1.2.3 -> 1.2-rolling +* :vytask:`T1819` Reboot kills SNMPv3 configuration +* :vytask:`T1822` Priority inversion wireless interface dhcpv6 +* :vytask:`T1825` Improve DHCP configuration error message +* :vytask:`T1836` import-conf-mode-commands in vyos-1x/scripts fails to create an xml +* :vytask:`T1839` LLDP shows "VyOS unknown" instead of "VyOS" +* :vytask:`T1841` PPP ipv6-up.d direcotry missing +* :vytask:`T1893` igmp-proxy: Do not allow adding unknown interface +* :vytask:`T1903` Implementation udev predefined interface naming +* :vytask:`T1904` update eth1 and eth2 link files for the vep4600 1.2.3 -- cgit v1.2.3