############ 1.5 Circinus ############ .. Please don't add anything by hand. This file is managed by the script: _ext/releasenotes.py 2024-01-12 ========== * :vytask:`T5925` ``(feature): Containers change systemd KillMode`` * :vytask:`T5919` ``(bug): Firewall - opmode for ipv6`` * :vytask:`T5306` ``(default): bgp config migration failed with v6only option configured with peer-group`` * :vytask:`T3429` ``(bug): Hyper-V integration services not working on VyOS 1.4 (sagitta/current)`` 2024-01-11 ========== * :vytask:`T5713` ``(bug): strip-private doesn't strip string after "secret"`` * :vytask:`T5532` ``(bug): After add system image the boot stuck and works again after the second reboot`` * :vytask:`T5814` ``(bug): VyOS 1.3 to 1.4 LTS Firewall ruleset migration script breaks configuration`` * :vytask:`T3191` ``(bug): PAM RADIUS freezing when accounting does not configured on RADIUS server`` * :vytask:`T5917` ``(feature): Restore annotations of (running)/(default boot) in select image list`` * :vytask:`T5916` ``(default): Added segment routing check for index size and SRGB size`` * :vytask:`T5913` ``(feature): Allow for Peer-Groups in ipv4-labeled-unicast SAFI`` 2024-01-10 ========== * :vytask:`T5918` ``(bug): Verification problem for `set vpn ipsec interface``` * :vytask:`T5911` ``(bug): pki: service update ignored if certificate name contains a hyphen (-)`` * :vytask:`T5886` ``(feature): Add support for ACME protocol (LetsEncrypt)`` * :vytask:`T5766` ``(bug): http: rewrite conf-mode script to get_config_dict()`` * :vytask:`T4256` ``(feature): Display static DHCP server leases in the operational command output`` * :vytask:`T5902` ``(bug): http: remove virtual-host configuration in webserver`` * :vytask:`T3316` ``(feature): Use Kea DHCP(v6) instead of ISC DHCP(v6)`` * :vytask:`T5791` ``(default): Update dynamic dns configuration path to be consistent with other areas of VyOS`` * :vytask:`T5708` ``(default): Additional dynamic dns improvements to align with ddclient 3.11.1 release`` * :vytask:`T5573` ``(bug): Fix ddclient cache entries`` * :vytask:`T5614` ``(default): Add conntrack helper matching on firewall`` 2024-01-09 ========== * :vytask:`T5898` ``(bug): Replace partprobe with partx due to unable to install VyOS`` * :vytask:`T5862` ``(bug): Default MTU is not acceptable in some environments`` * :vytask:`T5840` ``(feature): Upgrade Kea to 2.4.x`` * :vytask:`T5838` ``(feature): Add Infiniband kernel modules`` * :vytask:`T5785` ``(bug): API output of show container image broken`` * :vytask:`T5249` ``(feature): Add rollback-soft feature to rollback without a reboot`` * :vytask:`T2511` ``(feature): Migrate vyatta-op-quagga to new XML format`` * :vytask:`T5905` ``(bug): pki: IPsec and VTI interface priority inversion when using x509 site-to-site peer`` 2024-01-08 ========== * :vytask:`T5888` ``(bug): Firewall upgrade fails because of icmpv6`` * :vytask:`T5844` ``(bug): HTTPS API doesn't start without configured keys even when GraphQL authentication type is set to token`` * :vytask:`T5904` ``(feature): op-mode: add "show ipv6 route vrf " command`` 2024-01-07 ========== * :vytask:`T5899` ``(feature): VyOS vm images use bookworm repo`` * :vytask:`T5887` ``(feature): Upgrade Linux Kernel to 6.6.y (2023 LTS edition)`` 2024-01-06 ========== * :vytask:`T3214` ``(bug): OpenVPN IPv6 fixes`` 2024-01-05 ========== * :vytask:`T5894` ``(feature): Extend get_config_dict() with additional parameter with_pki that defaults to False`` 2024-01-03 ========== * :vytask:`T5880` ``(bug): verify_source_interface should not allow dynamic interfaces like ppp, l2tp, ipoe or sstpc client interfaces`` * :vytask:`T5879` ``(bug): tunnel: sourceing from dynamic pppoe0 interface will fail on reboots`` 2024-01-02 ========== * :vytask:`T5885` ``(default): image-tools: relax restriction on image-name length from 32 to 64`` 2024-01-01 ========== * :vytask:`T5883` ``(bug): Preserve file ownership in /config subdirs on add system image`` * :vytask:`T5474` ``(feature): Establish common file name pattern for XML conf mode commands`` 2023-12-30 ========== * :vytask:`T5875` ``(bug): login: removing and re-adding a user keeps the home directory but UID will change, thus SSH keys no longer work`` * :vytask:`T5653` ``(feature): Command to display fingerprint`` 2023-12-29 ========== * :vytask:`T5829` ``(bug): Can't Add IPv6 Address to Containers`` * :vytask:`T5852` ``(bug): Reboots fail with eapol WAN interface`` * :vytask:`T5869` ``(bug): vyos.template.first_host_address() does not honor RFC4291 section 2.6.1`` 2023-12-28 ========== * :vytask:`T5827` ``(bug): image-tools: 'show system image' Command Not in Order`` * :vytask:`T4163` ``(feature): [BMP-BGP] Routing monitoring feature`` * :vytask:`T5867` ``(feature): Upgrade podman to Debian Trixie version 4.7.x`` * :vytask:`T5866` ``(feature): Add op-mode command to restart IPv6 RA daemon`` * :vytask:`T5861` ``(bug): Flavor build system fails with third-party packages`` * :vytask:`T5854` ``(feature): Extend override-default script to allow embedded defaultValue settings`` * :vytask:`T5566` ``(feature): Be able to disable 802.3az/EEE (energy efficient ethernet) for a particular interface`` * :vytask:`T5792` ``(default): Upgrade ddclient 3.11.2 release`` 2023-12-25 ========== * :vytask:`T5855` ``(feature): Migrate "set service lldp snmp enable" -> `set service lldp snmp"`` * :vytask:`T5837` ``(bug): vyos.configdict.node_changed does not return keys per adding`` * :vytask:`T5856` ``(bug): SNMP service removal fails`` 2023-12-23 ========== * :vytask:`T5678` ``(feature): Improvements in PPPoE configuration`` 2023-12-22 ========== * :vytask:`T5804` ``(bug): SNAT "any" interface error`` 2023-12-21 ========== * :vytask:`T5807` ``(bug): NAT66 op-mode bugs`` * :vytask:`T5778` ``(bug): The show dhcp server leases operation mode command does not work as expected`` * :vytask:`T5775` ``(default): Migrated Firewall Global State Policy ineffective on latest firewall zone config`` * :vytask:`T5676` ``(bug): NAT66 source rule with negation source/destination prefix causes TypeError`` * :vytask:`T5637` ``(bug): Firewall default-action log`` * :vytask:`T5796` ``(bug): Openconnect - HTTPS security headers are missing`` 2023-12-20 ========== * :vytask:`T5823` ``(feature): Protocol BGP add default values for config dictionary`` * :vytask:`T5798` ``(enhancment): reverse-proxy load-balancing service should support multiple certificates for frontend`` 2023-12-19 ========== * :vytask:`T5828` ``(default): Fix GRUB installation on arm64`` 2023-12-18 ========== * :vytask:`T5751` ``(feature): Adjust new image tools for non-interactive use`` * :vytask:`T5831` ``(feature): show system image should reverse order by addition date`` * :vytask:`T5825` ``(bug): image-tools: restore authentication on 'add system image'`` * :vytask:`T5821` ``(bug): image-tools: restore vrf-aware 'add system image'`` * :vytask:`T5819` ``(bug): Don't echo password on install image`` * :vytask:`T5806` ``(bug): Clear old raid data on new install image`` * :vytask:`T5789` ``(bug): image-tools should copy ssh host keys on image update`` * :vytask:`T5758` ``(default): Restore scanning configs when live installing`` 2023-12-15 ========== * :vytask:`T5824` ``(bug): busybox cannot connect some websites from initramfs`` * :vytask:`T5770` ``(bug): MACsec not encrypting`` * :vytask:`T5803` ``(default): git/github: Adjust configuration for safe and baseline defaults`` 2023-12-14 ========== * :vytask:`T5773` ``(bug): Unable to load config via HTTP`` * :vytask:`T5816` ``(bug): BGP Large Community List Validation Broken`` * :vytask:`T5812` ``(bug): rollback check max revision number does not work`` * :vytask:`T5749` ``(feature): Show MAC address VRF and MTU by default for "show interfaces"`` * :vytask:`T5774` ``(bug): commit-archive to FTP server broken after update (VyOS 1.5-rolling)`` * :vytask:`T5826` ``(default): Add dmicode as an explicit dependency`` * :vytask:`T5793` ``(default): mdns-repeater: Cleanup avahi-daemon configuration in /etc`` 2023-12-13 ========== * :vytask:`T591` ``(feature): Support SRv6`` 2023-12-12 ========== * :vytask:`T5815` ``(enhancment): Add load_config module`` 2023-12-11 ========== * :vytask:`T5741` ``(bug): WAN Load Balancing failover route tables aren't created`` 2023-12-10 ========== * :vytask:`T5658` ``(default): Add VRF support for mtr`` 2023-12-09 ========== * :vytask:`T5808` ``(bug): op-mode: ipv6 ospfv3 graceful-restart description contains incorrect info`` * :vytask:`T5802` ``(bug): ping (ip or hostname) interface produces error`` * :vytask:`T5747` ``(feature): op-mode add MAC VRF and MTU for show interfaces summary`` * :vytask:`T3983` ``(bug): show pki certificate Doesnt show x509 certificates`` 2023-12-08 ========== * :vytask:`T5782` ``(enhancment): Use a single config mode script for https and http-api`` * :vytask:`T5768` ``(enhancment): Remove auxiliary http-api.conf for simplification of http-api config mode script`` 2023-12-04 ========== * :vytask:`T5769` ``(bug): VTI tunnels lose their v6 Link Local addresses when set down/up`` 2023-12-03 ========== * :vytask:`T5753` ``(feature): Add VXLAN vnifilter support`` * :vytask:`T5759` ``(feature): Change VXLAN default MTU to 1500 bytes`` 2023-11-27 ========== * :vytask:`T5763` ``(bug): Fix imprecise check for remote file name in vyos-load-config.py`` * :vytask:`T5783` ``(feature): frr: smoketests must notice any daemon crash`` 2023-11-26 ========== * :vytask:`T5760` ``(feature): DHCP client custom dhcp-options`` * :vytask:`T2405` ``(feature): archive to GIT or other platform`` 2023-11-25 ========== * :vytask:`T5655` ``(bug): commit-archive: Ctrl+C should not eror out with stack trace, signal should be cought`` 2023-11-24 ========== * :vytask:`T5776` ``(feature): Enable VFIO support`` * :vytask:`T5402` ``(bug): VRRP router with rfc3768-compatibility sends multiple ARP replies`` 2023-11-23 ========== * :vytask:`T5659` ``(bug): VPP cannot add interface to dataplane if it already has an address configured`` 2023-11-22 ========== * :vytask:`T5767` ``(feature): Add reboot and poweroff the system via API`` * :vytask:`T5729` ``(bug): Firewall, nat and policy route - Switch to valueless`` * :vytask:`T5681` ``(feature): Interface match - Simplified and unified cli`` * :vytask:`T5643` ``(feature): NAT - Allow interface groups on nat rules`` * :vytask:`T5616` ``(feature): Firewall mark - Add capabilities for matching firewall mark`` * :vytask:`T5590` ``(default): Firewall "log enable" logs every packet`` 2023-11-21 ========== * :vytask:`T5762` ``(bug): http: api: smoketests fail as they can not establish IPv6 connection to uvicorn backend server`` 2023-11-18 ========== * :vytask:`T1354` ``(feature): Add support for VLAN-Aware bridges`` 2023-11-16 ========== * :vytask:`T5726` ``(bug): HTTPS API image cannot be updated`` * :vytask:`T5738` ``(feature): Extend XML building blocks`` * :vytask:`T5736` ``(feature): igmp: migrate "protocols igmp" to "protocols pim"`` * :vytask:`T5733` ``(feature): pim(6): rewrite FRR PIM daemon configuration to get_config_dict() and add missing IGMP features`` * :vytask:`T5689` ``(default): FRR 9.0.1 in VyOS current segfaults on show rpki prefix $prefix`` * :vytask:`T5595` ``(feature): Multicast - PIM bfd feature enable`` 2023-11-15 ========== * :vytask:`T5695` ``(feature): Build FRR with LUA scripts --enable-scripting option`` * :vytask:`T5677` ``(bug): show lldp neighbors generates TypeError when neighbor has no `descr``` * :vytask:`T5728` ``(bug): Improve compatibility between OpenVPN on VyOS 1.5 and OpenVPN Connect Client`` * :vytask:`T5732` ``(bug): generate firewall rule-resequence drops geoip country-code from output`` * :vytask:`T5661` ``(enhancment): Add show show ssh dynamic-protection attacker and show log ssh dynamic-protection`` 2023-11-13 ========== * :vytask:`T5698` ``(feature): EVPN ESI Multihoming`` * :vytask:`T5563` ``(bug): container: Container environment variable cannot be set`` * :vytask:`T5706` ``(bug): Systemd-udevd high CPU utilization for multiple dynamic ppp/l2tp/ipoe interfaces`` 2023-11-10 ========== * :vytask:`T5727` ``(bug): validator: Use native URL validator instead of regex-based validator`` 2023-11-08 ========== * :vytask:`T5720` ``(bug): PPPoE-server adding new interface does not work`` * :vytask:`T5716` ``(bug): PPPoE-server shaper template bug down-limiter option does not rely on fwmark`` * :vytask:`T5702` ``(feature): Add ability to set include_ifmib_iface_prefix and ifmib_max_num_ifaces for SNMP`` * :vytask:`T5693` ``(feature): Adding variable vyos_persistence_dir (and improve variable vyos_rootfs_dir)`` * :vytask:`T5648` ``(bug): ldpd neighbour template errors`` * :vytask:`T5564` ``(bug): Both show firewall group and show firewall summary fails`` * :vytask:`T5559` ``(feature): Selective proxy-arp/proxy-ndp when doing SNAT/DNAT`` * :vytask:`T5541` ``(bug): Zone-Based Firewalling in VyOS Sagitta 1.4`` 2023-11-07 ========== * :vytask:`T5586` ``(feature): Disable by default SNMP for Keepalived VRRP`` 2023-11-06 ========== * :vytask:`T5705` ``(bug): rsyslog - Not working when using facility=all`` * :vytask:`T5704` ``(feature): PPPoE-server add max-starting option`` * :vytask:`T5707` ``(bug): Wireguard peer public key update leaves redundant peers and breaks connectivity`` 2023-11-03 ========== * :vytask:`T5700` ``(bug): Monitoring telegraf deprecated plugins inputs outputs`` 2023-11-02 ========== * :vytask:`T5701` ``(feature): Update telegraf package`` 2023-11-01 ========== * :vytask:`T5690` ``(bug): Change to definition of environment variable 'vyos_rootfs_dir' is incorrect`` 2023-10-31 ========== * :vytask:`T5699` ``(feature): vxlan: migrate "external" CLI know to "parameters external"`` * :vytask:`T5668` ``(feature): Disable VXLAN bridge learning and enable neigh_suppress when using EVPN`` 2023-10-27 ========== * :vytask:`T5663` ``(bug): pmacct package contains unwanted data`` * :vytask:`T5652` ``(bug): Config migrate to image upgrade does not properly generate home directory`` 2023-10-26 ========== * :vytask:`T5683` ``(bug): reverse-proxy pki filenames mismatch`` * :vytask:`T5600` ``(bug): Firewall - Remove or extend constraint on 'interface-name'`` * :vytask:`T5598` ``(bug): unknown parameter 'nf_conntrack_helper' ignored`` * :vytask:`T5571` ``(bug): Firewall does not delete networks from the table raw`` * :vytask:`T4903` ``(bug): conntrack ignore does not suppotr IPv6 addresses`` * :vytask:`T4309` ``(feature): Support network/address-groups and ipv6-network/ipv6-address-groups in conntrack ignore`` * :vytask:`T5594` ``(bug): VRRP - Error if using IPv6 Link Local as hello source address`` * :vytask:`T5606` ``(feature): IPSec VPN: Allow multiple CAs certificates`` * :vytask:`T5568` ``(default): Install image from live ISO always defaults boot to KVM entry`` * :vytask:`T5558` ``(default): Update config test to check resulting migrations`` 2023-10-23 ========== * :vytask:`T5299` ``(bug): QoS shaper ceiling does not work`` * :vytask:`T5667` ``(feature): BGP label-unicast - enable ecmp`` 2023-10-22 ========== * :vytask:`T5254` ``(bug): Modification of any interface setting sets MTU back to default when MTU has been inherited from a bond`` * :vytask:`T5671` ``(feature): vxlan: change port to IANA assigned default port`` 2023-10-21 ========== * :vytask:`T5670` ``(bug): bridge: missing member interface validator`` * :vytask:`T5617` ``(feature): Add an option to exclude single values to the numeric validator`` 2023-10-20 ========== * :vytask:`T5233` ``(bug): Op-mode flow-accounting netflow with disable-imt errors`` * :vytask:`T5232` ``(bug): Flow-accounting uacctd.service cannot restart correctly`` 2023-10-19 ========== * :vytask:`T4913` ``(default): Rewrite the wireless op mode in the new style`` 2023-10-18 ========== * :vytask:`T5642` ``(bug): op cmd: generate tech-support archive: does not work`` * :vytask:`T5521` ``(bug): Home owner directory changed to vyos for the user after reboot`` 2023-10-17 ========== * :vytask:`T5662` ``(bug): Fix indexing error in configdep script organization`` * :vytask:`T5644` ``(bug): Firewall groups deletion can break config`` 2023-10-16 ========== * :vytask:`T5165` ``(feature): Policy local-route ability set protocol and port`` 2023-10-14 ========== * :vytask:`T5629` ``(bug): Policy local-route bug after migration to destination node address`` 2023-10-12 ========== * :vytask:`T5649` ``(bug): vyos-1x should generate XML cache after building command templates for less cryptic error on typo`` 2023-10-10 ========== * :vytask:`T5589` ``(bug): Nonstripped binaries exists in VyOS`` * :vytask:`T5489` ``(feature): Change to BBR as TCP congestion control, or at least make it an config option`` 2023-10-08 ========== * :vytask:`T5630` ``(feature): pppoe: allow to specify MRU in addition to already configurable MTU`` 2023-10-06 ========== * :vytask:`T5576` ``(feature): Add bgp remove-private-as all option`` 2023-10-05 ========== * :vytask:`T4320` ``(default): Remove legacy version files in vyatta-cfg-system/cfg-version`` 2023-10-04 ========== * :vytask:`T5632` ``(feature): Add jq package to parse JSON files`` * :vytask:`T3655` ``(bug): NAT Problem with VRF`` * :vytask:`T5585` ``(bug): Fix file access mode for dynamic dns configuration`` 2023-10-03 ========== * :vytask:`T5618` ``(bug): Flow-accounting crushes when IMT is enabled`` * :vytask:`T5579` ``(bug): Log firewall - Wrong command after firewall refactor`` * :vytask:`T5561` ``(feature): NAT - Inbound or outbound interface should not be mandatory`` * :vytask:`T5626` ``(feature): Only select required Kernel CGROUP controllers`` * :vytask:`T5628` ``(feature): op-mode: login: DeprecationWarning: 'spwd'`` 2023-09-28 ========== * :vytask:`T5596` ``(feature): bgp: add new features from FRR 9`` * :vytask:`T5412` ``(feature): Add support for extending config-mode dependencies in supplemental package`` 2023-09-24 ========== * :vytask:`T5604` ``(bug): List of debian archives is out of date (non-free-firmware is missing)`` * :vytask:`T5591` ``(feature): Cleanup of FRR daemons-file and various FRR fixes`` 2023-09-22 ========== * :vytask:`T5602` ``(feature): For reverse-proxy type of load-balancing feature, support "backup" option in backends configuration`` * :vytask:`T5609` ``(enhancment): Add util to get drive device name from id`` * :vytask:`T5608` ``(enhancment): Rewrite add/delete raid member to Python and remove from vyatta-op`` * :vytask:`T5607` ``(bug): Adjust RAID smoketest for non-deterministic SCSI device probing`` 2023-09-20 ========== * :vytask:`T5588` ``(bug): Add kernel conntrack_bridge module`` * :vytask:`T5241` ``(feature): Support veth interfaces to working with netns`` * :vytask:`T5592` ``(feature): salt: upgrade minion to 3005.2`` 2023-09-19 ========== * :vytask:`T5597` ``(feature): isis: add new features from FRR 9.`` 2023-09-18 ========== * :vytask:`T5575` ``(bug): ARP/NDP table-size isnt set properly`` 2023-09-15 ========== * :vytask:`T5587` ``(bug): Firwall can not pass the smoketest`` * :vytask:`T5581` ``(feature): Add "show ip nht" op-mode command (IPv4 nexthop tracking table)`` 2023-09-11 ========== * :vytask:`T5562` ``(bug): Smoketests fail for vyos:current (test_netns.py)`` * :vytask:`T5551` ``(bug): Missing check for boot_configuration_complete raises error in vyos-save-config.py`` * :vytask:`T5353` ``(bug): config-mgmt: normalize archive updates and commit log entries`` 2023-09-10 ========== * :vytask:`T5555` ``(bug): Fix timezone migrator (system 13-to-14)`` 2023-09-09 ========== * :vytask:`T5423` ``(bug): ipsec: no output for op-cmd "show vpn ike secrets"`` 2023-09-08 ========== * :vytask:`T5560` ``(bug): VyOS version in current branch should be changed from 1.4 to 1.5`` 2023-09-07 ========== * :vytask:`T5556` ``(bug): reboot now and poweroff does not work`` 2023-09-06 ========== * :vytask:`T5548` ``(bug): HAProxy renders timeouts incorrectly``