1.4 Sagitta

2023-11-18

T1354 (feature): Add support for VLAN-Aware bridges

2023-11-16

T5726 (bug): HTTPS API image cannot be updated
T5738 (feature): Extend XML building blocks
T5736 (feature): igmp: migrate "protocols igmp" to "protocols pim"
T5733 (feature): pim(6): rewrite FRR PIM daemon configuration to get_config_dict() and add missing IGMP features
T5689 (default): FRR 9.0.1 in VyOS current segfaults on show rpki prefix $prefix
T5595 (feature): Multicast - PIM bfd feature enable
T3638 (bug): Passwords With Dollar Sign Set Incorrectly

2023-11-15

T5695 (feature): Build FRR with LUA scripts --enable-scripting option
T5665 (bug): radius user not working
T5728 (bug): Improve compatibility between OpenVPN on VyOS 1.5 and OpenVPN Connect Client
T5732 (bug): generate firewall rule-resequence drops geoip country-code from output
T5661 (enhancment): Add show show ssh dynamic-protection attacker and show log ssh dynamic-protection
T1276 (bug): dhcp relay + VLAN fails

2023-11-13

T5698 (feature): EVPN ESI Multihoming
T5563 (bug): container: Container environment variable cannot be set
T5706 (bug): Systemd-udevd high CPU utilization for multiple dynamic ppp/l2tp/ipoe interfaces

2023-11-10

T5727 (bug): validator: Use native URL validator instead of regex-based validator

2023-11-08

T5720 (bug): PPPoE-server adding new interface does not work
T5716 (bug): PPPoE-server shaper template bug down-limiter option does not rely on fwmark
T5702 (feature): Add ability to set include_ifmib_iface_prefix and ifmib_max_num_ifaces for SNMP
T5648 (bug): ldpd neighbour template errors
T5564 (bug): Both show firewall group and show firewall summary fails
T5559 (feature): Selective proxy-arp/proxy-ndp when doing SNAT/DNAT
T5541 (bug): Zone-Based Firewalling in VyOS Sagitta 1.4
T5513 (bug): Anomalies in show firewall command after refactoring
T4864 (bug): `show firewall` command errors

2023-11-07

T5586 (feature): Disable by default SNMP for Keepalived VRRP

2023-11-06

T5705 (bug): rsyslog - Not working when using facility=all
T5704 (feature): PPPoE-server add max-starting option
T5707 (bug): Wireguard peer public key update leaves redundant peers and breaks connectivity
T4269 (feature): node.def generator should automatically add default values

2023-11-05

T4020 (feature): Add ability to control FRR daemons options

2023-11-03

T5700 (bug): Monitoring telegraf deprecated plugins inputs outputs
T5018 (bug): Redirect to IFB removed after change in qos policy

2023-11-02

T5701 (feature): Update telegraf package

2023-11-01

T5690 (bug): Change to definition of environment variable 'vyos_rootfs_dir' is incorrect

2023-10-31

T5699 (feature): vxlan: migrate "external" CLI know to "parameters external"
T5668 (feature): Disable VXLAN bridge learning and enable neigh_suppress when using EVPN

2023-10-27

T5652 (bug): Config migrate to image upgrade does not properly generate home directory
T4057 (bug): Commit time for deleting sflow configuration ~1.5 min

2023-10-26

T5683 (bug): reverse-proxy pki filenames mismatch
T4903 (bug): conntrack ignore does not suppotr IPv6 addresses
T4309 (feature): Support network/address-groups and ipv6-network/ipv6-address-groups in conntrack ignore
T5606 (feature): IPSec VPN: Allow multiple CAs certificates
T5650 (default): Progressbars suffer from staircasing effect
T5568 (default): Install image from live ISO always defaults boot to KVM entry
T3509 (default): No BCP38 for IPv6 on VyOS

2023-10-23

T5299 (bug): QoS shaper ceiling does not work
T5667 (feature): BGP label-unicast - enable ecmp
T5337 (bug): MPLS/BGP: Route leak does not happen from the VPNv4 table to specific vrf

2023-10-22

T5254 (bug): Modification of any interface setting sets MTU back to default when MTU has been inherited from a bond
T5671 (feature): vxlan: change port to IANA assigned default port

2023-10-21

T5670 (bug): bridge: missing member interface validator
T5617 (feature): Add an option to exclude single values to the numeric validator
T5414 (bug): dhcp-server does not allow valid bootfile-names
T5261 (feature): Add AWS gateway load-balanceing tunnel handler (gwlbtun)
T5260 (bug): Python3 module crypt is deprecated
T5191 (default): Replace underscores with hyphens in command-line options generated by vyos.opmode
T5172 (default): Set Python3 version dependency for vyos-1x to 3.10
T4956 (default): 'show hardware cpu' issue on arm64
T4837 (default): Expose "show ip route summary" in the op mode API
T4770 (feature): Rewrite OpenVPN op-mode to vyos.opmode format
T4657 (bug): op-mode scripts with type hints in `return` do not work
T4604 (bug): bgpd eats huge amount of memory (about 500Megs a day)
T4432 (default): Display load average normalized according to the number of CPU cores
T4416 (default): Convert 'traceroute' operation to the new syntax and expand available options using python
T4402 (bug): OpenVPN client-ip-pool option is broken
T3433 (default): A review of the use of racist language in VyOS
T2719 (feature): Standardized op mode script structure

2023-10-20

T5233 (bug): Op-mode flow-accounting netflow with disable-imt errors
T5232 (bug): Flow-accounting uacctd.service cannot restart correctly

2023-10-19

T4913 (default): Rewrite the wireless op mode in the new style

2023-10-18

T5642 (bug): op cmd: generate tech-support archive: does not work
T5521 (bug): Home owner directory changed to vyos for the user after reboot

2023-10-17

T5662 (bug): Fix indexing error in configdep script organization
T5235 (bug): SSH keys with special characters cannot be applied via Cloud-init

2023-10-16

T5165 (feature): Policy local-route ability set protocol and port

2023-10-14

T5629 (bug): Policy local-route bug after migration to destination node address

2023-10-13

T5227 (feature): mDNS reflector should allow additional domains to browse and allow filtering services
T5166 (feature): Remove local minisign package from build repo for 1.4
T5118 (bug): Cleanup vestigial ntp completion script
T5115 (default): Support custom port for name servers for forwarding zones
T5113 (default): PDNS: Support custom port for DNS forwarders
T5112 (feature): Enable support for Network Time Security (NTS) for chrony
T5143 (enhancment): Apply constraint on powerdns forward-zones configuration

2023-10-12

T5649 (bug): vyos-1x should generate XML cache after building command templates for less cryptic error on typo

2023-10-10

T5489 (feature): Change to BBR as TCP congestion control, or at least make it an config option
T5479 (bug): Helper leftovers found in nftables (firewall) even with all helpers disabled
T5436 (bug): vyos-preconfig-bootup.script is missing
T5014 (feature): Destination NAT - Add Load Balancing capabilities

2023-10-08

T5630 (feature): pppoe: allow to specify MRU in addition to already configurable MTU

2023-10-06

T5096 (feature): Change 'accept' firewall rule action from 'return' to 'accept'
T5576 (feature): Add bgp remove-private-as all option
T3506 (default): Migrate loadkey command to op-mode

2023-10-05

T4320 (default): Remove legacy version files in vyatta-cfg-system/cfg-version

2023-10-04

T5632 (feature): Add jq package to parse JSON files
T3655 (bug): NAT Problem with VRF
T5585 (bug): Fix file access mode for dynamic dns configuration

2023-10-03

T5618 (bug): Flow-accounting crushes when IMT is enabled
T5561 (feature): NAT - Inbound or outbound interface should not be mandatory
T5553 (feature): Firewall - Add action continue
T5250 (bug): Firewall - show firewall group
T4383 (bug): Flow Accounting returns permission error and fails to start
T5626 (feature): Only select required Kernel CGROUP controllers
T5628 (feature): op-mode: login: DeprecationWarning: 'spwd'

2023-10-01

T936 (feature): Reimplementation of tech-support diagnostic file generation

2023-09-30

T5048 (bug): QoS doesn't work correctly root task
T4989 (bug): QoS Policy Limiter - classes for marked traffic do not work

2023-09-28

T5596 (feature): bgp: add new features from FRR 9
T5412 (feature): Add support for extending config-mode dependencies in supplemental package

2023-09-26

T5480 (bug): Ability to disable SNMP for VRRP keepalived service

2023-09-25

T5533 (bug): Keepalived VRRP IPv6 group enters in FAULT state

2023-09-24

T5511 (feature): Cleanup of unused directories (and files) in order to shrink image-size

2023-09-23

T5518 (default): Add MLD protocol support

2023-09-22

T5602 (feature): For reverse-proxy type of load-balancing feature, support "backup" option in backends configuration
T5609 (enhancment): Add util to get drive device name from id
T5608 (enhancment): Rewrite add/delete raid member to Python and remove from vyatta-op
T5607 (bug): Adjust RAID smoketest for non-deterministic SCSI device probing

2023-09-20

T5588 (bug): Add kernel conntrack_bridge module
T5271 (default): Add support for peer-fingerprint to OpenVPN
T5241 (feature): Support veth interfaces to working with netns
T5238 (default): interface virtual-etherne - error when it doesn't use a peer
T5592 (feature): salt: upgrade minion to 3005.2

2023-09-19

T5597 (feature): isis: add new features from FRR 9.
T4284 (feature): QoS: rewrite to XML and Python

2023-09-18

T5419 (feature): Software/Hardware fastpath with nftables flowtable

2023-09-15

T5581 (feature): Add "show ip nht" op-mode command (IPv4 nexthop tracking table)

2023-09-11

T5567 (bug): vyos-1x: webproxy: maximum-object-size allowed ranges not in sync with Equuleus
T5551 (bug): Missing check for boot_configuration_complete raises error in vyos-save-config.py
T5353 (bug): config-mgmt: normalize archive updates and commit log entries
T3424 (default): PPPoE IA-PD doesn't work in VRF
T2773 (feature): EIGRP support for VRF

2023-09-10

T5565 (bug): Builds as vyos-999-timestamp instead of vyos-1.4-rolling-timestamp
T5555 (bug): Fix timezone migrator (system 13-to-14)
T5529 (bug): Missing symbolic link in linux-firmware package.

2023-09-09

T5540 (bug): vyos-1x: Wrong VHT configuration for WiFi 802.11ac
T5423 (bug): ipsec: no output for op-cmd "show vpn ike secrets"
T3700 (feature): Support VLAN tunnel mapping of VLAN aware bridges

2023-09-08

T5502 (bug): Firewall - wrong parser for inbound and/or outbound interface
T5460 (feature): Firewall - remove config-trap
T5450 (feature): Firewall interface group - Allow inverted matcher
T4426 (default): Add arpwatch to the image
T4356 (bug): DHCP v6 client only supports single interface configuration

2023-09-07

T5510 (feature): Shrink imagesize and improve read performance by changing mksquashfs syntax

2023-09-06

T5542 (bug): ipoe-server: external-dhcp(dhcp-relay) not woking / not implemented
T5548 (bug): HAProxy renders timeouts incorrectly
T5544 (feature): Allow CAP_SYS_MODULE to be set on containers

2023-09-05

T5524 (feature): Add config directory to liveCD
T5519 (bug): Function `call` sometimes hangs
T5508 (bug): Configuration Migration Fails to New Netfilter Firewall Syntax
T5495 (feature): Enable snmp module also for frr/ldpd
T2958 (bug): DHCP server doesn't work from a live CD
T5428 (bug): dhcp: client renewal fails when running inside VRF

2023-09-04

T5536 (bug): show dhcp client leases caues No module named 'vyos.validate'
T5506 (bug): Container bridge interfaces do not have a link-local address

2023-09-03

T5538 (bug): Change order within variable lb_config_tmpl to fit order of manpage and fix some typos
T4612 (feature): Support arbitrary netmasks in firewall rules

2023-08-31

T5190 (feature): Cloud-Init cannot fetch Meta-data on machines where the main Ethernet interface is not eth0
T4895 (bug): Tag nodes are overwritten when configured by Cloud-Init from User-Data
T4776 (bug): NVME storage is not detected properly during installation
T5531 (feature): Containers add label option
T5525 (default): Change dev.packages.vyos.net repo to rolling-packages.vyos.net vyos-build:current uses

2023-08-30

T4933 (default): Malformed lines cause vyos.util.colon_separated_to_dict fail with a nondescript error
T4790 (bug): RADIUS login does not work if sum of timeouts more than 50s
T4113 (bug): Incorrect GRUB configuration parsing
T5520 (bug): Likely source of corruption on system update exposed by change in coreutils for Bookworm
T4151 (feature): IPV6 local PBR Support
T4485 (default): OpenVPN: Allow multiple CAs certificates

2023-08-29

T3940 (bug): DHCP client does not remove IP address when stopped by the 02-vyos-stopdhclient hook
T3713 (default): Create a meta-package for user utilities
T3339 (bug): Cloud-Init domain search setting not applied
T3577 (bug): Generating vpn x509 key pair fails with command not found

2023-08-28

T4745 (bug): CLI TAB issue with values with '-' at the beginning in conf mode
T5472 (bug): NAT redirect should not require port

2023-08-27

T4759 (bug): domain-group on policy route not working
T1097 (feature): Make firewall groups work everywhere that's appropropriate

2023-08-26

T5039 (bug): Can't add new local user
T5023 (bug): PKI commit fails to update dependents
T4512 (feature): enable-default-log on zone-policy
T5003 (default): Upgrade base system to Debian 12 "Bookworm"

2023-08-25

T5468 (feature): Remove unused manpages to free up space
T5463 (feature): Containers allow publish IPv6 address port
T4412 (bug): commit archive: reboot not working with sftp
T3702 (feature): Policy: Allow routing by fwmark
T3536 (default): Unable to list all available routes

2023-08-24

T5448 (feature): Add service zabbix-agent
T5006 (bug): Http api segfault with concurrent requests
T5505 (feature): system: zebra route-map is not removed from FRR
T5305 (bug): REST API configure operation should not be defined as async
T4292 (feature): Rewrite vyatta-save-config.pl to Python

2023-08-23

T5478 (bug): Cannot configure resolver-cache options for firewall
T5466 (feature): L3VPN - label allocation mode
T5453 (bug): Fix nat66 - broken after load-balance was introduced in nat
T5446 (bug): bgp: validity check for bestpath med option
T5500 (feature): Minor fixes to configtree render
T5469 (default): Incorrect dependency set in the openvpn-dco package when building VyOS for arm64
T5387 (feature): dhcp6c: add a no release option
T5491 (feature): Hostapd - AP-Mode - allow white-/blacklisting of Clients
T4889 (default): Add nftables NAT REDIRECT [to localhost] to CLI

2023-08-22

T5407 (bug): Static routes pointed to container networks fail to persist after reboot

2023-08-20

T5470 (bug): wlan: can not disable interface if SSID is not configured

2023-08-18

T5488 (bug): System conntrack ignore does not take any effect

2023-08-17

T4202 (bug): NFT: Zone policies fail to apply when "l2tp+" is in the interface list
T5409 (feature): Add 'set interfaces wireguard wgX threaded'
T5476 (feature): netplug: replace Perl helper scripts with a Python equivalent
T5223 (bug): tunnel key doesn't clear
T5490 (feature): login: add missing regex for home direcotry and radius server key

2023-08-16

T5483 (bug): Residual dhcp-server test file causing zabbix-agent smoketest to fail

2023-08-15

T5293 (feature): Support for Floating Rules (Global Firewall-Rules that are automatically applied before all other Zone Rules)
T5273 (default): Add op mode commands for displaying certificate details and fingerprints
T5270 (default): Make OpenVPN `tls dh-params` optional

2023-08-14

T5477 (bug): op-mode pki.py should use Config for defaults
T5461 (feature): Improve rootfs directory variable
T5457 (feature): Add environmental variable pointing to current rootfs directory
T5440 (bug): Restore pre/postconfig scripts if user deleted them

2023-08-12

T5467 (bug): ospf(v3): removing an interface from the OSPF process does not clear FRR configuration

2023-08-11

T5465 (feature): adjust-mss: config migration fails if applied to a VLAN or Q-in-Q interface
T2665 (bug): vyos.xml.defaults for tag nodes
T5434 (enhancment): Replace remaining calls of vyos.xml library
T5319 (enhancment): Remove remaining workarounds for incorrect defaults
T5464 (feature): ipv6: add support for per-interface dad (duplicate address detection) setting

2023-08-10

T5416 (bug): Ignoring "ipsec match-none" for firewall
T5329 (bug): Wireguard interface as GRE tunnel source causes configuration error on boot

2023-08-09

T5452 (bug): Uncaught error in generate_cache during vyos-1x build
T5443 (enhancment): Add merge_defaults as Config method
T5435 (enhancment): Expose utility function for default values at path

2023-08-07

T5406 (bug): "update webproxy blacklists" fails when vrf is being configured
T5302 (bug): QoS class with multiple matches generates one filter rule but expects several rules
T5266 (bug): QoS- HTB error when match with a dscp parameter for queue-type 'priority'
T5071 (bug): QOS-Rewrite: DSCP match missing

2023-08-06

T5420 (feature): nftables - upgrade to latest 1.0.8
T5445 (feature): dyndns: add possibility to specify update interval (timeout)

2023-08-05

T5291 (bug): vyatta-cfg-cmd-wrapper missing ${vyos_libexec_dir} variable
T5290 (bug): Failing commits for SR-IOV interfaces using ixgbevf driver due to change speed/duplex settings
T5439 (bug): Upgrade to FRR version 9.0 added new daemons which must be adjusted

2023-08-04

T5427 (bug): Change migration script len arguments checking

2023-08-03

T5301 (bug): NTP: chrony only allows one bind address
T5154 (bug): Chrony - multiple listen addresses

2023-08-02

T5374 (feature): Ability to set 24-hour time format
T5350 (bug): Confusing warning message when committing VRRP config
T5430 (bug): bridge: vxlan interfaces are not listed as bridgable in completion helpers
T5429 (bug): vxlan: source-interface is not honored and throws config error
T5415 (feature): Upgrade FRR to version 9.0
T5422 (feature): Support LXD Agent

2023-08-01

T5399 (bug): "show ntp" fails when vrf is being configured
T5346 (bug): MPLS sysctl not persistent for L2TP interfaces
T5343 (feature): BGP peer group VPNv4 & VPNv6 Address Family Support
T5339 (feature): Geneve interface - option to use IPv4 as inner protocol
T5335 (bug): ISIS: error when loading config from file

2023-07-31

T5421 (feature): Add arg to completion helper 'list_interfaces' to filter out vlan subinterfaces

2023-07-29

T5403 (feature): Add support for extending xml cache

2023-07-28

T4602 (bug): DHCP `ping-check` enabled by default
T5411 (feature): Remove old background monitoring implementation
T5317 (enhancment): configtree: remove mutable references
T5316 (enhancment): configtree: use a single pass of the diff algorithm

2023-07-27

T5368 (feature): FastNetmon service ids ddos-protection add support sflow mode

2023-07-26

T5398 (bug): FRR mangles container network interface names
T5365 (bug): Container systemd units require authentication
T4974 (feature): OpenVPN- Data Channel Offload(DCO)

2023-07-25

T5377 (feature): ospf: add graceful restart FRR feature (RFC 3623)

2023-07-21

T5373 (bug): LLDP seems to be running even if its disabled on all interfaces
T5328 (default): bgp: Incorrect warning showed for address-family configured with neighbor as interface
T5363 (bug): Bash history file does not exists after reboot and ony other file in home directory
T5385 (bug): reference_tree: catch parse error on non-transcluded files
T5361 (bug): "monitor log" behaves like "show log"

2023-07-20

T5362 (bug): `set high-availability vrrp global-parameters version 3` seems to have no effect
T5355 (bug): IPSec: OP cmd : "show vpn ike sa" does not show output
T5330 (enhancment): Keep track of source of config dict value when merging defaults
T4497 (feature): ping cannot force ipv4 or ipv6
T4288 (bug): IPsec tunnel will break when ESP timeout

2023-07-19

T5340 (bug): SNMP and VRF
T5059 (feature): add 'disable' option to DHCP relay config

2023-07-17

T2051 (bug): Throughput anomalies

2023-07-16

T141 (feature): TACACS+ Support

2023-07-15

T5341 (feature): Improve CLI for high-availability virtual-server to work with multiple ports

2023-07-14

T5358 (bug): 99-ipsec-dhclient-hook prevents DHCP stateless routes from being installed in VRF table
T4376 (bug): DNAT with multiwan and policy routing, incoming connections only work on primary interface
T305 (default): loadbalancing does not work with one pppoe connection and another connection of either dhcp or static

2023-07-13

T4713 (bug): vyos@vyos:~$ show nat destination rules | doesn't work
T2315 (feature): Ability to have right address-family for BGP peers.

2023-07-12

T5347 (bug): Compare commit revision bug
T5161 (default): BFD Static Route Monitoring
T5105 (bug): DHCP Server - Wrong error message
T4927 (bug): Need to change restart to reload-or-restart in Webproxy module
T3835 (bug): vyos router 1.2.7 snmp Dos bug
T5352 (default): Fix missing dependency for netavark
T4959 (feature): Add container registry authentication config for containers

2023-07-11

T5314 (bug): QOS Default classes are not configured with correct qdisc
T4862 (bug): webproxy domain-block does not work
T4844 (bug): Incorrect permissions of the safeguard DB directory
T4815 (bug): Fix various name server config issues
T4810 (bug): Op-mode show/monitor log pppoe interface does not show any logs
T4758 (feature): Rewrite show dhcp server to vyos.opmode format
T4262 (bug): install image doesn't respect chosen root partition size
T3810 (bug): webproxy squidguard rules don't work properly after rewriting to python.
T1928 (bug): Is the 'Welcome to VyOS' message when using SSH an information leak?
T1877 (default): Feature Request: Allow NAT to use network and address groups
T4813 (feature): L3VPN over GRE Tunnels
T4943 (bug): Radius SSH login displays "permission denied" on 1.4 rolling release
T4542 (default): route-map: "match prefix-len" incorrect behavior
T4392 (default): Multiline login banner text reports error on commit

2023-07-10

T5345 (bug): Error incorrectly raised in revised multi_to_list when tag node value name == tag node name
T3578 (bug): Prefix-List(6) update cause empty prefix-list(6)
T762 (feature): Include rulseset in firewall

2023-07-06

T5336 (feature): Add Swedish keyboard-layout

2023-07-04

T5333 (bug): Policy base routing PBR generetes incorrect rules with name POSTROUTING
T5081 (feature): ISIS and OSPF syncronization with IGP-LDP sync

2023-07-03

T5295 (bug): QoS shaper incorrect rate limit the traffic
T5334 (feature): ospf: add support for External Route Summarisation Type-5 and Type-7

2023-07-02

T5332 (bug): Show policy route not working when no interface is configured

2023-07-01

T5304 (feature): Containers add bind-propagation option rshared
T5296 (bug): QoS class cannot calculate correctly the default bandwidth auto
T5210 (bug): IPSec cosmetic bug for Warning vti inrerface
T5277 (bug): Dhcpv6-relay does not start on boot

2023-06-30

T5315 (feature): vrrp: add support for version 3
T5283 (bug): IPoE server assigns network address
T5313 (bug): UDP broadcast relay - missing verify() that relay interfaces have an IP address assigned

2023-06-29

T5320 (enhancment): Add warning when entering config mode after a boot configuration error

2023-06-28

T1237 (feature): Static Route Path Monitoring, failover

2023-06-26

T5159 (bug): DHCPv6-server leases op-command shows warning message even if configured

2023-06-25

T5240 (bug): Service router-advert failed to start radvd with more then 3 name-servers
T5312 (bug): Nonescaped special character in help text

2023-06-24

T5303 (bug): Rsyslog.service is not working
T5298 (bug): Add RFKILL support into kernel.
T5308 (enhancment): Remove workarounds for incorrect defaults in get_interface_dict
T5228 (enhancment): Simplify get_config_dict and add argument with_defaults
T5310 (bug): Need some help troubleshooting NIC detection.

2023-06-22

T5297 (default): Utility function to check if config under node has been changed between revisions

2023-06-20

T5300 (bug): verification of port availability can return false negative on boot
T5248 (feature): Ability to load config via API in JSON format

2023-06-19

T5281 (feature): Add kernel options for vhost-net
T5072 (default): QOS-Rewrite: protocol name used literally
T4969 (bug): QoS Policy - Unable to set class match mark number

2023-06-18

T5256 (bug): QoS expects protocol number but not protocol name

2023-06-13

T5258 (bug): git Actions use ubuntu-22.04 instead of deprecated ubuntu-18.04 for PR conflicts checker
T5222 (feature): Add load-balancing reverse-proxy based on haproxy
T5213 (feature): Accel-ppp sending accounting interim updates acct-interim-interval option
T5171 (feature): Use XML for conf-mode "load-balancing wan" instead of legacy templates

2023-06-12

T5282 (bug): Poweroff now does not work
T5264 (feature): Add Mellanox Technologies firmware flash module mlxfw to kernel
T5286 (feature): Remove XDP support

2023-06-10

T5231 (feature): Add op-mode for load-balancing reverse-proxy

2023-06-09

T5253 (bug): MPLS config removed at boot when wireguard interfaces present

2023-06-05

T5259 (bug): Openconnect cannot pass migration 1-to-2

2023-06-02

T5252 (bug): Route distinguisher and route targets changing upon adding interface to new VRF
T5251 (bug): Uncaught errors for functions delete/delete_value in Python module configtree.py

2023-06-01

T5127 (bug): VPNv4/VPNv6 routes are not reinstalled following link flap

2023-05-28

T5244 (feature): dropbear: update to 2022.83
T5242 (feature): interfaces: smoketest: automatically detect "capabilities"
T5234 (feature): Add bash identifier for given VRF instance

2023-05-25

T5237 (feature): interfaces virtual-ethernet - Extend capabilitys of Vlans/QinQ
T4686 (feature): Provides support for veth

2023-05-24

T4605 (feature): Firewall change default table names
T4550 (feature): router-advert: Add deprecate-prefix & decrement-lifetimes options

2023-05-23

T4916 (feature): Rewrite IPsec authentication

2023-05-22

T5214 (bug): PPPoE-server incorrect warning if a named pool is defined
T4977 (feature): Babel routing protocol support

2023-05-21

T4733 (default): Feature Request: dhcp server: add VRF support
T5218 (enhancment): Revise vyos xml lib for bug fixes and extensions

2023-05-17

T5226 (default): Deduplicate and standardize validators and constraints for hostname and IP address
T5225 (bug): BGP allowas-in unusable
T5208 (bug): Failed to start nvmf-autoconnect.service during the boot

2023-05-16

T5194 (default): Add reference tree to vyos1x-config

2023-05-15

T3896 (feature): Extend ocserv support to allow for per-group configs

2023-05-12

T2778 (feature): Migrate "system syslog" to get_config_dict() to support new features
T2769 (feature): Add VRF support for syslog

2023-05-10

T5209 (bug): dhclient load-balancing exit hook 04-dhcp-wanlb returned non-zero exit status
T5065 (bug): Mixing `destination port xxx` and `destination group port-group yyy` in firewall rules doesn't work, but can be commited
T5060 (feature): add a VRRP 'maintenance mode'

2023-05-09

T5202 (bug): After removal load-balancing a pid remained which used in dhclient-exit-hooks

2023-05-06

T5206 (bug): ethtool.py:Ethtool.__init__ has always true conditional due to typo

2023-05-05

T5082 (feature): container: switch to netavark network stack

2023-05-04

T5193 (feature): Ability to specify NS records to specify NS servers for subdomains
T3891 (bug): X550-T2/Possibly other X550/X540 cards no link on VyOS
T5010 (bug): bgp: EVPN route-target not honored
T5196 (feature): wwan: op-mode should inform user if there is no WWAN interface

2023-05-03

T5163 (feature): Policy route-map add match source-protocol

2023-05-02

T5042 (bug): Command 'show vpn ipsec remote-access' does not work

2023-04-27

T5185 (bug): Static IPv6 route with blackhole fails
T5175 (bug): http-api: error in MultiPart parser for FastAPI version >= 0.91.0
T5183 (bug): IPv6 route6 problem
T5181 (bug): Wrong dependencies or priorities for zebra vni vrf interfaces and bgpd
T5128 (feature): Policy route - Allow wildcard interfaces
T5055 (feature): Firewall - Add packet type matcher (pkttype)
T5050 (feature): Firewall - Add options for logging packets
T5037 (feature): Firewall - Add queue action
T5176 (bug): http-api: update vyos-http-api-tools for FastAPI security vulnerability
T5174 (bug): vrf: ensure no duplicate VNIs can be created
T5123 (default): Display route originator in show ospf table command

2023-04-25

T5179 (bug): multi nodes defined in XML are not properly represented as list in get_config_dict()

2023-04-17

T5052 (bug): Error displaying dhcpv6 prefix delegation leases
T5150 (feature): Rework CLI definitions to apply route-maps between routing daemons and zebra/kernel
T3734 (bug): Move EVPN VRF up in FRR config

2023-04-13

T5152 (bug): Telegraf agent hostname isn't qualified
T4727 (feature): Add RADIUS rate limit support to PPTP server
T4939 (bug): VRRP command no-preempt not work as expected
T4791 (default): Consistent normalization of 'raw' output of op-mode scripts for CLI and API
T3608 (default): Standardize warnings from configure scripts

2023-04-11

T4924 (bug): Systemctl strongswan.service for some reason is not disabled
T4197 (bug): Vyos arm64-latest build issue with telegraf pkg
T4051 (bug): Connected routes strange / not working

2023-04-10

T5151 (bug): EAP-TLS TLSv1.0/1.1 regression after T5003
T5148 (bug): OpenVPN cannot start due to could not load plugin shared object /openvpn-otp.so
T5110 (bug): Show frr op-mode vtysh_pam: Failed in account validation
T5078 (feature): VyOS BGP does not support 'show bgp neighbors $NB filtered-routes'
T5070 (feature): show bgp nexthop unavailable in VRF
T5061 (bug): All containers restart on config change

2023-04-07

T5149 (bug): op-mode openvpn should not raise error in case interface is disabled

2023-04-06

T5147 (bug): Can't Commit with Container Network
T5142 (feature): One of the requirements is to use a system auditing tool to monitor and log all security-relevant events.
T5125 (feature): Add op-mode commands for hsflowd based sflow

2023-04-05

T5145 (feature): Add maxsyslogins maximum number of all logins on system
T5135 (default): Rewrite opennhrp script using vyos.ipsec library
T4975 (bug): CLI does not work after cutting off the power or reset
T5136 (bug): Possible config corruption on upgrade

2023-04-04

T5141 (feature): Add numbers for dhclient-exit-hooks.d to enforce script order execution
T5093 (bug): Command 'reset vpn ipsec-profile' doesn't work
T4362 (bug): Wan Load Balancing - Can't create routing tables

2023-04-03

T5139 (feature): IKE life-time should start from 0 for disable rekey
T4173 (bug): Wan Load Balancing - Error on firewall NAT rules

2023-04-02

T5134 (feature): Try if netavark networks can be moved to a VRF instance

2023-04-01

T5047 (bug): Recreate only a specific container
T5132 (default): Operational command "show isis vrf XXX route | neighbord" aren't working

2023-03-31

T5129 (feature): Add AWS build flavour
T5126 (feature): http-api: add 'allow-client' to restrict IP address of client connections

2023-03-30

T5130 (bug): op-mode: drop remaining reference to obsoleted 'show_interfaces.py'
T4866 (feature): Rewrite show_interfaces to standardized form
T366 (bug): SNMP Query for BGP Tunnels Returns IPv4 Tunnels Only

2023-03-29

T5100 (feature): Update FRR to 8.5
T5094 (bug): FRR systemd logs unknow key LimitNOFILESoft
T5085 (bug): ospfv3 route-map not applied in FRR configuration
T5056 (bug): IPoE server vlan-mon is not working
T5033 (bug): generate-public-key command fails for address with multiple public keys like GitHub
T4876 (bug): mpls - LSP broken on FRR 8.4.1
T5097 (bug): the operational command "show interfaces ethernet ethx" doesn't reflect a call to 'clear counters'
T5089 (enhancment): Add unit test of config_diff
T5088 (enhancment): Add lexicographical-numeric compare function for vytree/configtree
T5087 (enhancment): Add support for lexical ordering of nodes in config_tree
T4885 (feature): Rewrite 'clear interfaces counters' from Perl to Python
T4846 (bug): L3VPN- network command doesn't install direct connected prefix

2023-03-28

T5043 (feature): Need to create reset command for IKEv2 remote-access vpn connections

2023-03-27

T5099 (feature): IPoE server add option 'next-pool' for named ip pools
T5106 (feature): Extend generation of API client requests to configsession native functions and composite requests
T5104 (bug): DHCP default route issues with static routes in VRFs
T5079 (feature): xml: schema extension to support defaultValues on tagNodes
T5114 (feature): bgp: implement new CLI commands introduced in FRR 8.5

2023-03-23

T5108 (feature): Get rate limit for L2TP/PPTP/SSTP/IPoE in raw format
T5086 (feature): Integrate hsflowd for sflow accounting
T5107 (bug): Raise error in op-mode dns.py instead of calling exit

2023-03-22

T5068 (feature): Generate op-mode API client requests along with schema generation

2023-03-21

T5098 (feature): PPPoE client holdoff configuration
T3694 (bug): Static routes not installed into kernel nor frr
T5102 (feature): ospf: "redistribute babel" is always set

2023-03-20

T5057 (bug): IPoE server incorrect interface regex
T5095 (feature): Return list instead of dict for 'raw' output of op-mode openvpn

2023-03-19

T4925 (feature): Need to add the possibility to configure Pseudo-Random Functions (PRF) in IKEv2

2023-03-17

T5092 (bug): IPoE-server named pool must not rely on the authentication type
T5091 (bug): IPoE server with RADIUS authentication does not verify radius configuration

2023-03-16

T5073 (bug): IPoE-server interface option failed to parse
T5063 (bug): IPoE-server ethX vlan must not be used with client-subnet
T5058 (feature): Extend template filter range_to_regex
T3083 (feature): Add feature event-handler
T2516 (bug): vyos-container: cannot configure ethernet interface

2023-03-13

T5074 (bug): Show IPSEC SA failed if remote access IKEv2 vpn is used.
T4973 (bug): show dhcp server leases error for lease time 4294967295

2023-03-11

T5076 (feature): CI/CD: Docker container is bloated by legacy and conflicting dependencies

2023-03-09

T5066 (bug): Different GRE tunnel but same tunnel keys error
T4952 (feature): Improve interface completion helper CLI experience

2023-03-08

T4381 (default): OpenVPN: Add "Tunnel IP" column in "show openvpn server" operational command
T4872 (bug): Op-mode show openvpn misses a case when parsing for tunnel IP

2023-03-07

T2838 (bug): Ethernet device names changing, multiple hw-id being added
T5051 (feature): Use Literal types to provide op-mode CLI choices and API enums
T4900 (default): Cache intermediary results of get_config_diff in Config instance

2023-03-05

T5040 (default): Generate API GraphQL schema on installation, rather than dynamically

2023-03-03

T4625 (enhancment): Update ocserv to current revision (1.1.6)

2023-03-02

T4967 (feature): Ability to set hostname for the container

2023-03-01

T5015 (bug): Invalid format character error at hfsc class settings help text

2023-02-28

T5029 (feature): Nginx change default root directory and fix regex
T5025 (bug): Time-zone validation failed
T4955 (bug): Openconnect radiusclient.conf generating with extra authserver
T4843 (feature): Command-line arguments in container config
T4219 (feature): support incoming-interface (iif) in local PBR
T3903 (bug): Containers: after command "reboot" the host system will reboot after 1.5 minutes

2023-02-27

T5028 (feature): Add package exfatprogs to VyOS
T4985 (bug): reset vpn ipsec-peer command with peer name does not work

2023-02-26

T4979 (feature): Add API request 'show_user_info' for UI

2023-02-25

T5008 (bug): MACsec CKN of 32 chars is not allowed in CLI, but works fine
T5007 (bug): Interface multicast setting is invalid
T5027 (bug): OpenVPN options and site-to-site cannot pass smoketest
T4978 (bug): KeyError: 'memory' container_config['memory'] on upgrading to 1.4-rolling-202302041536
T5034 (bug): Migrate multicast CLI node to valueLess
T4948 (feature): pppoe: add CLI option to allow definition of host-uniq flag

2023-02-24

T5030 (bug): HTTPS-API delete key without id error

2023-02-23

T5013 (feature): Extend accelppp.py op-mode to get subnet start stop info from config
T5002 (feature): Add uk (United Kingdom) keymap

2023-02-22

T5024 (bug): check-qemu-install VM is not shutdown the first time
T5011 (bug): Some interface drivers don't support min_mtu and max_mtu and verify_mtu check should be skipped

2023-02-21

T5021 (bug): IPsec SA is closed before negotiating a new one or it is negotiated on every second if big life-time is set in swanctl.conf
T5020 (feature): Extend openvpn.py op-mode to get a list of configured clients

2023-02-20

T5005 (feature): Skip user authentication for PPPoE Server with noauth option

2023-02-16

T4971 (feature): Radius attribute "Framed-Pool" for PPPoE

2023-02-15

T4991 (bug): Restore path level information to compare output

2023-02-14

T4968 (bug): VPN IPsec check dpd and close action for empty values
T1993 (feature): Extended pppoe rate-limiter

2023-02-13

T4905 (feature): Convert show nhrp tunnel to tabulate format
T4153 (bug): Monitor bandwidth-test initiate not working

2023-02-12

T4998 (bug): pppoe username validation too restrictive (regression)

2023-02-11

T2603 (feature): pppoe-server: reduce min MTU

2023-02-10

T4857 (feature): SNMP - Implement FRR SNMP recommendations
T4995 (feature): pppoe, wwan and sstp-client - rename user -> username on authentication

2023-02-07

T4980 (bug): chrony not listening as a server
T4868 (bug): L2TP ppp-options ipv6 does not work without ipv6 pool but should
T4117 (bug): Does not possible to configure PoD/CoA for L2TP vpn

2023-02-01

T4970 (default): pin OCaml pcre package to avoid JIT support

2023-01-31

T4964 (bug): FRR bgp address-family l2vpn-evpn route-target export/import not working
T4780 (feature): Firewall - Add interface group
T4157 (default): Add jinja2 to pip test requirements

2023-01-30

T4958 (feature): Add OpenConnect RADIUS Accounting support
T4954 (bug): DNS cannot be configured via Network-Config v1 received from ConfigDrive / Cloud-Init
T4118 (default): IPsec syntax overhaul

2023-01-29

T4965 (default): empty description in firewall group causes configuration error on migration

2023-01-28

T4961 (bug): Uncaught configtree error allows ntp migration 1-to-2 to fail silentlly on config.boot.default

2023-01-27

T4960 (bug): Bugs in `cc_vyos.py` code (Cloud-Init)

2023-01-26

T4886 (feature): Firewall and Policy - Add connection mark
T4957 (bug): config-mgmt should not attempt to archive config at boot
T4962 (bug): Fix typo in regex in vyos.config_mgmt compare function
T4912 (default): Rewrite the IGMP op mode in the new style

2023-01-25

T4941 (bug): Accel-ppp IPoE incompatibility with kernel 6.1

2023-01-24

T4947 (feature): Support mounting container volumes as ro or rw

2023-01-23

T4798 (default): Migrate the file-exists validator away from Python
T4683 (enhancment): Add kitty-terminfo package to build
T4953 (bug): Remove convert_kwargs_to_snake_case decorator in dynamic generation of GraphQL resolvers
T4875 (default): Replace Python validator 'interface-name' to avoid Python startup cost
T4664 (bug): Add validation to reject whitespace in tag node value names

2023-01-22

T4906 (bug): ipsec connections shows only one connection as up

2023-01-21

T4799 (bug): PowerDNS >= 4.7 does not get reloaded by vyos-hostsd
T4878 (bug): Any interface bonding changes cause interface flapping
T4387 (default): Create additional smoketests for multiwan PBR & load-balanced configurations

2023-01-20

T4551 (bug): IPsec rekeying collisions bug
T4942 (feature): Rewrite vyatta-config-mgmt to Python/XML

2023-01-17

T4938 (bug): Interface input ifb does not work
T4902 (bug): snmpd: exclude container storage from monitoring
T4140 (bug): Lack of SNMP IANA mibs

2023-01-15

T4832 (feature): dhcp: Add IPv6-only dhcp option support (RFC 8925)
T4937 (feature): ocserv: upgrade package to version 1.1.6
T4918 (bug): Odd show interface behavior
T3008 (feature): Migrate from ntpd to chronyd

2023-01-13

T4911 (default): Rewrite the LLDP op mode in the new format
T4928 (feature): Upgrade Linux Kernel to 6.1.y (2022 LTS edition)

2023-01-12

T4934 (bug): ospf: Fix inter-area route summarization
T4929 (feature): Update Intel QAT drivers to 4.20.0-00001

2023-01-10

T4880 (feature): Expose 'add/delete container image' in HTTP-API

2023-01-09

T4922 (feature): Add ssh-client source-interface CLI option
T4524 (bug): Squid webproxy not working properly

2023-01-08

T4920 (bug): ospf: Fix `passive-interface default` option

2023-01-07

T4884 (bug): Missing a community6 in snmpd config

2023-01-05

T4904 (feature): Allow multiple ports for high-availability virtual-server
T4789 (feature): Ability to get L2TP/PPTP/SSTP sessions info in a machine readable format
T3937 (default): Rewrite "show system memory" in Python to make it usable as a library function

2023-01-04

T4848 (bug): Minor bug in OpenConnect server with default route
T4656 (feature): Support the listen-host config field of openconnect server

2023-01-03

T4907 (bug): nat source translations couldn't show metrics

2023-01-02

T4893 (feature): l2tp add ppp-options IPv6 interface identifier
T4717 (feature): Connect to console server by name
T725 (feature): Cake and FQ-PIE

2022-12-31

T4898 (feature): Add mtu config option for dummy interfaces

2022-12-30

T4834 (bug): Limit container network name to 15 characters
T4901 (bug): Update Podman to v4.3.1
T4899 (bug): Podman systemd services not being installed correctly

2022-12-28

T4593 (feature): Upgrade strongswan to 5.9.8

2022-12-26

T4511 (bug): IPv6 DNS lookup
T4809 (feature): radvd: Allow use of AdvRASrcAddress

2022-12-25

T3579 (feature): Rewrite vyatta-conntrack in new XML and Python flavour

2022-12-24

T4890 (bug): show conntrack table ipv4 fail
T4879 (bug): IPSec migration failed with missing remote-id
T4870 (feature): Containers switch to using overlay driver for podman storage

2022-12-23

T4792 (feature): Add SSTP VPN client

2022-12-21

T4887 (bug): Schema generation from op-mode functions should set default 'false' on boolean arguments

2022-12-18

T4882 (bug): Missing ICMPv6 type names in firewall configuration

2022-12-15

T4671 (bug): linux-firmware package is missing symlinks defined in WHENCE file

2022-12-14

T4881 (bug): Return opmode.Error on openconnect.py show_sessions

2022-12-12

T4861 (feature): Openconnect restart on adding users - Aborts all active connections

2022-12-09

T4865 (bug): container impossible to generate local image from a file if it requires install some pkgs

2022-12-05

T4860 (bug): Openconnect server incorrect unconfigured check
T4804 (bug): PPPoE server incorrect unconfigured check
T4854 (feature): BGP-route reflector allows to apply route-maps

2022-12-04

T4825 (feature): interfaces veth/veth-pairs -standalone used
T4805 (bug): PPPoE server does not restart service if pool was changed

2022-12-02

T4830 (bug): nat66 - Error in port translation rules
T4859 (bug): Correct calling of config mode script dependencies from http-api.py
T4820 (enhancment): Support for inter-config-mode script dependencies
T4858 (bug): L3VPN- Route Distinguisher notations
T1024 (feature): Policy Based Routing by DSCP

2022-12-01

T4841 (feature): add fan control
T4847 (bug): Correct calling of config mode script dependencies from pki.py

2022-11-29

T4842 (bug): Routing config broken if mpls config exists
T4845 (default): Add smoketest to detect cycles in config-mode script dependency calls

2022-11-27

T4739 (feature): ISIS and OSPF segment routing being refactored

2022-11-24

T4794 (bug): show firewall name <name> - Can't use .items() on a list
T4714 (feature): Delete unused ipset from the filecaps
T3541 (bug): Route Map large community set additive is missing

2022-11-23

T4836 (feature): Kernel: enable new features like switchdev, ESP in TCP and HSR
T4835 (bug): SNMPD configuration incorrect for IPv6
T4819 (feature): Allow printing Warning messages in multiple lines with \n
T4807 (feature): Need to fix traceroute help completion
T4660 (feature): Reorganize route map set community CLI
T4526 (bug): keepalived-fifo.py unable to load config
T4793 (feature): Create warning message about disable-route-autoinstall when ipsec vti is used
T4492 (bug): Incorrect list of neighbors in help for "show bgp vrf VRF neighbors"
T4496 (feature): ping vrf help does not list VRFs

2022-11-22

T4823 (bug): swanctl.conf is broken when ipsec site-to-site peer set.
T4706 (bug): NAT and NAT66 issues
T4670 (feature): policy route - Update matching criteria

2022-11-21

T4812 (feature): IPsec ability to show all configured connections
T4829 (default): Tunnel argument to 'reset_peer' in ipsec.py should have type hint Optional

2022-11-20

T4827 (bug): route-map issues , not load configuration FRR

2022-11-19

T4826 (bug): Wrong key type is used for SSH SK public keys
T4720 (feature): Ability to configure SSH HostKeyAlgorithms
T4828 (default): Raise appropriate op-mode errors in ipsec.py 'reset_peer'

2022-11-18

T4821 (bug): Correct calling of config mode script dependencies from firewall.py

2022-11-17

T4750 (feature): Support of higher level SSH keys (sk-ssh-ed25519)

2022-11-15

T4808 (feature): Add details of configtree operations to migration log

2022-11-12

T4814 (bug): Regression in bundled powerdns version

2022-11-09

T4800 (bug): undefined var includes_chroot_dir in build-vyos-image

2022-11-08

T4771 (feature): Rewrite protocol BGP op-mode to vyos.opmode format
T4806 (default): Update FRR to 8.4 in 1.4 version

2022-11-06

T4803 (bug): The header 'Authorization' needs to be explictly allowed in http-api CORS middleware

2022-11-05

T4802 (feature): Ability to define per container shared-memory size

2022-11-01

T4764 (bug): NAT tables vyos_nat and vyos_static_nat not deleting after deleting nat
T4177 (bug): Strip-private doesn't work for service monitoring

2022-10-31

T4786 (feature): Add package python3-pyhumps
T1875 (feature): Add the ability to use network address as BGP neighbor (bgp listen range)
T4785 (feature): snmp: Allow !, @, * and # in community name
T4787 (feature): ipsec: add support for road-warrior/remote-access RADIUS timeout

2022-10-29

T4783 (default): Add support for stunnel
T4784 (feature): Add description node for static route/route6 tagNodes

2022-10-28

T4291 (default): Consolidate component version read/write functions

2022-10-27

T4763 (feature): Change XML for Show nat destination statistics
T4762 (bug): Show nat rules with empty rules incorrect error
T4778 (bug): Raise error UnconfiguredSubsystem if op-mode ipsec.py fails initialization

2022-10-26

T4773 (default): Add camel_case to snake_case conversion utility

2022-10-25

T4574 (default): Add token based authentication to GraphQL API

2022-10-24

T4772 (default): Return list of dicts in 'raw' output of route.py instead of dict with redundant information

2022-10-23

T3723 (bug): op-mode IPSec show vpn ipsec sa output with underscores

2022-10-21

T4768 (default): Change name of api child node from 'gql' to 'graphql'

2022-10-18

T4684 (feature): Rewrite show ip route by protocol to vyos.opmode format
T4533 (bug): Radius clients don’t have simple permissions
T4753 (enhancment): Extend automatic generation of schema to query SystemStatus

2022-10-17

T4725 (bug): Unable to reset vpn IPsec peer

2022-10-14

T4672 (bug): RADIUS server disable does not work
T4749 (enhancment): Use config_dict for conf_mode http-api.py

2022-10-13

T4746 (bug): Monitoring nft. table vyos_filter by default does not exist but telegraf checks this table
T4744 (bug): BGP directly connected neighbors don't compatible with ebgp-multihop
T4716 (feature): SSH ability to configure RekeyLimit
T4343 (default): Expose powerdns network-timeout for service dns forwarding
T4312 (bug): Telegraf configuration doesn't accept IPs for URL
T4274 (default): Extend OpenConnect RADIUS Timeout to Permit 2FA Entry

2022-10-12

T4747 (bug): Monitoring influxdb template input exec plugin does not work
T4740 (bug): Show conntrack table ipv6 fail
T4730 (bug): Conntrack-sync error - listen-address is not the correct type in config as it should be

2022-10-11

T4742 (bug): Autocomplete in policy route rule x set table / does not show the tables created in the static protocols
T4741 (bug): set firewall zone Local local-zone failed
T4680 (bug): Telegraf prometheus-client listen-address invalid format

2022-10-10

T538 (feature): Support for network mapping in NAT

2022-10-09

T4738 (enhancment): Extend automatic generation of schema definition files to native configsession functions; use single resolver/directive

2022-10-08

T4707 (feature): Enable OSPF segment routing

2022-10-07

T4736 (bug): Error on JSON output of API query ShowConfig

2022-10-04

T4708 (bug): 'show nat destination rules' throwing an error
T4700 (feature): Firewall - Add interface match criteria
T4699 (feature): Firewall - Add jump action - Add return action
T4651 (feature): Firewall - Add options to match packet size
T4702 (bug): Wireguard peers configuration is not synchronized with CLI
T4685 (bug): Interface does not exist on boot when used as inbound-interface for local policy route
T4652 (feature): Upgrade PowerDNS recursor to 4.7 series
T4582 (default): Router-advert: Preferred lifetime cannot equal valid lifetime in PIOs

2022-09-29

T4715 (feature): Auto logout user after a period of inactivity
T4697 (bug): policy route: Generating ConfigError failes when tcp flag is missing on set tcp-mss rule commit

2022-09-27

T4711 (feature): Ability to terminate user TTY and PTS sessions
T4557 (feature): fastnetmon: allow configure limits per protocol (tcp, udp, icmp)

2022-09-21

T4678 (feature): Rewrite service ipoe-server to get_config_dict
T4703 (feature): accel-ppp: combine vlan-id and vlan-range into single CLI node

2022-09-20

T4693 (bug): ISIS segment routing was broken...

2022-09-17

T4666 (bug): EAP-TLS no longer allows TLSv1.0 after T4537, T4584
T4665 (bug): Keepalived cannot use same VRID for VRRPv2 and VRRPv3

2022-09-16

T4698 (enhancment): Drop validator name="range" and replace it with numeric
T4695 (feature): Add 'es' and 'jp106' keymap option keyboard-layout
T4669 (enhancment): Extend numeric.ml for inversion of values and range values

2022-09-15

T4679 (bug): OpenVPN site-to-site incorrect check for IPv6 local and remote address
T4691 (feature): Upgrade Linux Kernel to latest 5.15.y train
T4630 (bug): Prevent attempts to use the same interface as a source interface for pseudo-ethernet and MACsec at the same time
T4696 (default): Extend bgp parameters for bgp bestpath peer-type multipath-relax

2022-09-12

T4617 (feature): VRF specification is needed for telegraf prometheus-client listen-address <address>
T4690 (bug): Update GraphQL resolver for 'SystemStatus' following changes to 'show_uptime' op-mode script
T4647 (feature): Add Google Virtual NIC (gVNIC) support
T4170 (feature): Rename "policy ipv6-route" -> "policy route6"

2022-09-09

T4682 (feature): Rewrite 'show system storage' in standardized format
T4681 (feature): Complete standardization of show_uptime.py

2022-09-06

T4640 (enhancment): Integrate op-mode exception hierarchy into API
T4597 (bug): Check bind port before assign service HTTPS API and openconnect
T4674 (bug): API should show op-mode error message, if present
T4673 (bug): op-mode bridge.py should raise error on show_fdb for nonexistent bridge interface

2022-09-05

T4668 (bug): Adding/removing members from bond doesn't work/results in incorrect interface state
T4663 (bug): Interface pseudo-ethernet does not change mode
T4655 (bug): Firewall in 1.4 sets the default action 'accept' instead of 'drop'
T4628 (bug): ConfigTree() throws ValueError() if tagNode contains whitespaces

2022-09-01

T4606 (bug): monitor nat destination translation shows missing script
T4435 (bug): Policy route and firewall - error when using undefined group
T4147 (bug): New Firewall Implementation - proposed changes on group implementation

2022-08-31

T4650 (feature): Rewire show nat translation to vyos.opmode format
T4644 (bug): Check bind port before assign vpn sstp
T4643 (bug): Smoketest exclude either sstp or openconnect from pki-misc default listen port
T4569 (feature): Rewrite show bridge to new format
T4547 (bug): Show vpn ipsec sa show unexpected prefix 'B' in packets
T4367 (bug): NAT - Config tmp file not available

2022-08-29

T4645 (bug): show nat source statistics lack argument --family
T4634 (bug): Bgp neighbor disable-connected-check does not work
T4631 (feature): Add port and protocol to nat66
T4623 (feature): Add show conntrack statistics
T4595 (bug): DPD interval and timeout do not work in DMVPN
T4594 (feature): Rewrite op-mode IPsec to vyos.opmode format
T4508 (bug): Problem with values of the same environment in different event handlers
T4653 (bug): Interface offload options are not applied correctly
T4546 (bug): Does not connect Cisco spoke to VyOS hub.
T4061 (default): Add util function to check for completion of boot config
T4654 (bug): RPKI cache incorrect description
T4572 (bug): Add an option to force interface MTU to the value received from DHCP

2022-08-26

T4642 (bug): proxy: hyphen not allowed in proxy URL

2022-08-25

T4626 (bug): Error showing nat66 source and destination
T4622 (feature): Firewall allow drop packets by TCP MSS size

2022-08-24

T4641 (bug): prefix-list allows ipv6 prefix as input
T4633 (feature): Change keepalived to v2.2.7

2022-08-23

T4618 (bug): Traffic policy not set on virtual interfaces
T4538 (bug): Macsec does not work correctly when the interface status changes.

2022-08-22

T4089 (bug): Show nat destination rules shows ip address instead of interface 'any'
T4632 (bug): VLAN-aware bridge not working
T4637 (feature): Upgrade to podman 4.2.0

2022-08-20

T4596 (bug): "show openconnect-server sessions" command does not work in the openconnect module

2022-08-19

T4620 (bug): UPnP does not work due to incorrect template
T4619 (bug): Static arp is not set if another entry is present
T4611 (bug): UPnP rule IP should be a prefix instead of an address
T4614 (feature): OpenConnect split-dns directive

2022-08-18

T4613 (bug): UPnP configuration without listen option fail
T4570 (bug): Exception when trying to set up VXLAN over Wireguard

2022-08-17

T4598 (feature): nat66 - Add exclude options
T4480 (default): add an ability to configure squid acl safe ports and acl ssl safe ports

2022-08-16

T4592 (bug): macsec: can not create two interfaces using the same source-interface
T4584 (bug): hostap: create custom package build
T4413 (default): Add an API endpoint with basic system stats
T4537 (bug): MACsec not working with cipher gcm-aes-256

2022-08-15

T4609 (bug): Unable to Restart Container VyOS 1.4
T4565 (bug): vlan aware bridge not working with - Kernel: T3318: update Linux Kernel to v5.4.205 #249
T3988 (default): Feature Request: IPsec Multiple local/remote prefix for the tunnel
T2763 (feature): New SNMP resource request - SNMP over TCP

2022-08-14

T4579 (bug): bridge: can not delete member interface CLI option when VLAN is enabled
T4421 (default): Add support for floating point numbers in the numeric validator
T3507 (bug): Bond with mode LACP show u/u in show interfaces even if peer is not configured

2022-08-12

T4603 (feature): Need a config option to specify NAS-IP-Address for vpn l2tp

2022-08-10

T4408 (feature): Add sshguard to protect against brut-forces

2022-08-08

T4586 (feature): Add to NAT66: SNAT destination address and DNAT source address.

2022-08-04

T4257 (feature): Discussion on changing BGP autonomous system number syntax

2022-08-02

T4585 (feature): Rewrite op-mode containers to vyos.opmode
T4515 (default): Reduce telegraf binary size

2022-08-01

T4581 (bug): 'show system cpu' not working
T4578 (feature): Rewrite show dns forwarding statistics to new format

2022-07-31

T4580 (bug): Handle the case of op-mode file names with hyphens in GraphQL schema/resolver generation

2022-07-30

T4575 (feature): vyos.utill add new wrapper "rc_cmd" to get the return code and output
T4562 (feature): Rewrite show vrf to new format
T4545 (feature): Rewrite show nat source rules
T4543 (bug): Show source nat statistics shows incorrect interface
T4503 (default): Prevent op mode scripts from restarting services if there's a commit in progress
T4411 (feature): Add migration for service monitoring telegraf influxdb

2022-07-29

T4554 (enhancment): Implement GraphQL resolvers for standardized op-mode scripts
T4518 (feature): Add XML for CLI conf mode load-balancing wan
T4544 (enhancment): Generate schema definitions from standardized op-mode scripts

2022-07-28

T4531 (bug): NAT op-mode errors with exclude rules
T3435 (bug): NAT rules show corruption

2022-07-27

T4571 (bug): Sflow with vrf configured does not use vrf to validate agent-address IP from vrf-configured interfaces
T4552 (bug): Unable to reset IPsec IPv6 peer

2022-07-26

T4568 (bug): show vpn debug peer doesn't work
T4556 (feature): fastnetmon: Allow configure white_list_path and populate with hosts/networks that should be ignored.
T4495 (feature): Combine BGP reset op commands

2022-07-25

T4567 (default): Merge experimental branch of GraphQL development
T4560 (bug): VRF and BGP neighbor local-as error
T4493 (bug): Incorrect help for "show bgp neighbors"
T1233 (bug): ipsec vpn sa showing down

2022-07-22

T4145 (bug): Conntrack table not showing after firewall rewriting

2022-07-21

T4555 (feature): fastnetmon: add IPv6 support
T4553 (default): Allow to set ban time on ddos-protection configuration

2022-07-20

T4056 (bug): Traffic policy not set in live configuration

2022-07-18

T4523 (feature): OP-mode Extend conntrack output to get marks, zones and directions
T4228 (bug): bond: OS error thrown when two bonds use the same member
T4539 (feature): qat: update Intel QuickAssist release version 1.7.L.4.16.0-00017
T4534 (bug): bond: bridge: error out if member interface is assigned to a VRF instance
T4525 (bug): Delete interface from VRF and add it to bonding error
T4522 (feature): bond: add ability to specify mii monitor interval via CLI
T4535 (feature): FRR: upgrade to stable/8.3 version
T4521 (bug): bond: ARP monitor interval is not configured despite set via CLI
T4540 (feature): firmware: update to Linux release 20220708

2022-07-17

T4028 (bug): FRR 8.1 routes not being applied to routing table after reboot if an interface has 2 ip addresses

2022-07-15

T4494 (bug): Cannot reset BGP peer within VRF
T4536 (feature): FRR: move to systemd for daemon control

2022-07-14

T4491 (bug): Use empty string for internal name of root node of config_tree

2022-07-13

T1375 (feature): Add clear dhcp server lease function

2022-07-12

T4527 (bug): Prevent to create VRF name default
T4084 (default): Dehardcode the default login banner
T3948 (feature): IPSec VPN: Add a new option "none" for the connection-type
T235 (feature): Ability to configure manual IP Rules

2022-07-10

T3836 (bug): Setting a default IPv6 route while getting IPv4 gateway via DHCP removes the IPv4 gateway

2022-07-09

T4507 (feature): IPoE-server add multiplier option for shaper
T4499 (bug): NAT source translation not showing a single output
T4468 (bug): web-proxy source group cannot start with a number bug
T4373 (feature): PPPoE-server add multiplier option for shaper
T3353 (bug): PPPoE server wrong vlan-range generating config
T3648 (bug): op-mode: nat rules broken
T4517 (feature): ip: Add options to enable directed broadcast forwarding

2022-07-07

T4456 (bug): NTP client in VRF tries to bind to interfaces outside VRF, logs many messages
T4509 (feature): Feature Request: DNS64

2022-07-06

T4513 (bug): Webproxy monitor commands do not work
T4299 (feature): Firewall - GeoIP filtering

2022-07-05

T4378 (bug): Unable to submit wildcard ("*.example.com") A or AAAA records in dns forwarder
T2683 (default): no dual stack in system static-host-mapping host-name
T478 (feature): Firewall address group (multi and nesting)

2022-07-04

T4501 (bug): Syslog-identifier does not work in event handler
T3600 (bug): DHCP Interface static route breaks PBR
T4498 (feature): bridge: Add option to enable/disable IGMP/MLD snooping

2022-07-01

T2455 (bug): No support for the IPv6 VTI
T4490 (feature): BGP- warning message that AFI/SAFI is needed to establish the neighborship
T4489 (bug): MPLS sysctl not persistent for tunnel interfaces

2022-06-29

T4477 (feature): router-advert: support RDNSS lifetime option

2022-06-28

T4486 (bug): Container can't be deleted
T4473 (bug): Use container network without network declaration error
T4458 (feature): Firewall - add support for matching ip ttl in firewall rules
T3907 (feature): Firewall - Set log levels

2022-06-27

T4484 (default): Firewall op-mode summary doesn't correctly handle address group containing ranges

2022-06-25

T4482 (bug): dhcp: toggle of "dhcp-options no-default-route" has no effect
T4483 (feature): Upgrade fastnetmon to v1.2.2 community edition

2022-06-22

T1748 (feature): vbash: beautify tab completion output/line breaks

2022-06-20

T1856 (feature): Support configuring IPSec SA bytes

2022-06-18

T4467 (bug): Validator Does Not Accept Signed Numbers

2022-06-17

T4209 (bug): Firewall incorrect handler for recent count and time

2022-06-16

T4352 (bug): wan-load balance - priority traffic rule doesn't work

2022-06-15

T4450 (feature): Route-map - Extend options for ip|ipv6 address match
T4449 (feature): Route-map - Extend options for ip next-hop match
T990 (feature): Make DNAT/SNAT a valid state in firewall rules.

2022-06-12

T4420 (feature): Feature Request: ocserv: show configured 2FA OTP key
T4380 (default): Feature Request: ocserv: 2FA OTP key generator in VyOS CLI

2022-06-10

T4365 (bug): NAT - Error on setting up tables
T4465 (feature): node.def generation misses whitespace on multiple use of <path>

2022-06-09

T4444 (default): sstp: Feature request. Port number changing support
T2580 (feature): Support for ip pools for ippoe

2022-06-08

T4447 (bug): DHCPv6 prefix delegation `sla-id` limited to 128

2022-05-31

T4212 (default): PermissionError when generating/installing server Certificate (generate pki certificate sign ...)
T4199 (bug): Commit failed when setting icmpv6 type any
T4148 (bug): Firewall - Error messages not that clear as it were in old firewall
T3659 (bug): Configuration won't accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors

2022-05-30

T4315 (feature): Telegraf - Output to prometheus

2022-05-29

T2473 (feature): Xml for EIGRP [conf_mode]

2022-05-28

T4448 (feature): rip: add support for explicit version selection

2022-05-26

T4442 (feature): HTTP API add action "reset"

2022-05-25

T4410 (feature): Telegraf - Output to Splunk
T4382 (bug): Replacing legacy loadFile exposes missing steps in migration scripts and other errors

2022-05-21

T4437 (bug): flow-accounting: support IPv6 flow collectors

2022-05-20

T4418 (feature): Telegraf - output Plugin azure-data-explorer

2022-05-19

T4434 (bug): DMVPN: cisco-authentication password length is 8 characters
T3938 (default): Rewrite the uptime script in Python to allow using it as a library
T4334 (default): Make the config lexer reentrant

2022-05-17

T4424 (bug): policy local-route6 shows ipv4 format

2022-05-16

T4377 (default): generate tech-support archive includes previous archives

2022-05-12

T4417 (bug): VRRP doesn't start with conntrack-sync
T4100 (feature): Firewall increase maximum number of rules

2022-05-11

T4405 (bug): DHCP client sometimes ignores `no-default-route` option of an interface

2022-05-10

T4156 (default): Adding DHCP Option 13 (bootfile-size)
T1972 (feature): Allow setting interface name for virtual_ipaddress in VRRP VRID

2022-05-07

T4361 (bug): `vyos.config.exists()` does not work for nodes with multiple values
T4354 (bug): Slave interfaces fall out from bonding during configuration change
T4419 (feature): vrf: support to disable IP forwarding within a given VRF

2022-05-06

T4385 (bug): bgp: peer-group member cannot override remote-as of peer-group

2022-05-05

T4414 (feature): Add route-map "as-path prepend last-as x" option

2022-05-03

T4395 (feature): Extend show vpn debug

2022-05-01

T4369 (bug): OpenVPN: daemon not restarted on changes to "openvpn-option" CLI node
T4363 (bug): salt-minion: default mine_interval option is not set
T4353 (feature): Add Jinja2 linter to vyos-1x build process

2022-04-29

T4388 (bug): dhcp-server: missing constraint on tftp-server-name option
T4366 (bug): geneve: interface is removed on changes to e.g. description

2022-04-28

T4400 (bug): Container OP mode has delete where show and update should be

2022-04-27

T4398 (bug): IPSec site-to-site generates unexpected passthrough option
T4397 (feature): arp: migrate static ARP entry configuration to get_config_dict() and make it VRF aware
T4357 (feature): Allow free-form setting of DHCPv6 server options

2022-04-26

T4210 (bug): NAT source/destination negated ports throws an error
T4235 (default): Add config tree diff algorithm

2022-04-25

T4390 (feature): op-mode: extend "show log" and "monitor log" with additional daemons/subsystems to read journalctl logs
T4391 (bug): PPPoE: IPv6 not working after system boot

2022-04-24

T4342 (bug): "show ip ospf neighbor address x.x.x.x" gives "unknown command" error

2022-04-23

T4386 (default): Applying limiter on traffic-policy "in" fails, incorrectly reports mirror or redirect policy in use

2022-04-22

T4389 (feature): dhcp: add vendor option support for Ubiquity Unifi controller

2022-04-21

T4384 (feature): pppoe: replace default-route CLI option with common CLI nodes already present for DHCP

2022-04-20

T4345 (bug): New firewall code does not accept "rate/time interval" syntax used in old config
T4231 (feature): Feature Request: ocserv: 2FA (password+OTP) support in Openconnect

2022-04-19

T4379 (bug): PPPoE: default-route lost after applying additional static routes
T4344 (bug): DHCP statistics not matching, conf-mode generates incorrect pool name with dash
T4268 (bug): Elevated LA while using VyOS monitoring feature

2022-04-18

T4351 (bug): Openvpn conf-mode "openvpn-option" is not respected
T4278 (default): vyos-vm-images: fix vagrant libvirt box
T4368 (bug): bgp: AS specified for local as is the same as the remote as and this is not allowed.
T4370 (feature): vxlan: geneve: support configuration of df bit option

2022-04-15

T4327 (default): Ethernet interface configuration fails on Hyper-V due to speed/duplex/autoneg ethtool command error
T4364 (feature): salt-minion: Upgrade to 3004 and migrate to get_config_dict()

2022-04-13

T4333 (feature): Jinja2: add plugin to test if a variable is defined and not none to reduce template complexity

2022-04-08

T4331 (bug): IPv6 link local addresses are not configured when an interface is in a VRF
T4347 (default): Return complete and consistent error codes from HTTP API
T4339 (bug): wwan: tab-completion results in "No such file or directory" if there is no WWAN interface
T4338 (bug): wwan: changing interface description should not trigger reconnect
T4324 (bug): wwan: check alive script should only be run via cron if a wwan interface is configured at all

2022-04-07

T4330 (bug): MTU settings cannot be applied when IPv6 is disabled
T4346 (feature): Deprecate "system ipv6 disable" option to disable address family within OS kernel
T4319 (bug): The command "set system ipv6 disable" doesn't work as expected.
T4341 (feature): login: disable user-account prior to deletion and wait until deletion is complete
T4336 (feature): isis: add support for MD5 authentication password on a circuit

2022-04-06

T4308 (feature): Op-comm "Show log frr" to view specific protocol logs

2022-04-04

T4329 (bug): Bgp policy route-map bug with set several extcommunity rt

2022-04-02

T4335 (bug): open-vmdk fails to build under gcc-10.+

2022-04-01

T4332 (bug): bgp: deterministic-med cannot be disabled while addpath-tx-bestpath-per-AS is in use

2022-03-31

T4326 (feature): Add bgp option no-suppress-duplicates
T4323 (default): ospf6d crashes on latest vyos nightly

2022-03-29

T3686 (bug): Bridging OpenVPN tap with no local-address breaks
T3635 (default): Add ability to use mDNS repeater with VRRP

2022-03-26

T4321 (default): Allow BGP neighbors between different VIFs on the same VyOS

2022-03-24

T4301 (bug): The "arp-monitor" option in bonding interface settings does not work
T4294 (bug): Adding a new openvpn-option does not restart the OpenVPN process
T4290 (bug): BGP source-interface fails to commit
T4230 (bug): OpenVPN server configuration deleted after reboot when using a VRRP virtual-address

2022-03-23

T4314 (bug): Latest 1.4 Rolling release config migration error

2022-03-21

T4304 (feature): [OSPF]import/export filter inter-area prefix

2022-03-20

T4298 (default): vyos-vm-images: fix ansible group name and remove obsolete empty command

2022-03-18

T4286 (bug): Fix for firewall ipv6 name address validator

2022-03-15

T4302 (feature): FRRouting upgrade to release 8.2.2
T4293 (default): Add "set ip-next-hop unchanged" in route-map

2022-03-14

T4275 (default): Incorrect val_help for local/remote prefix in ipsec vpn

2022-03-12

T4296 (bug): Interface config injected by Cloud-Init may interfere with VyOS native
T4265 (feature): Add op-mode for bgp flowspec state and routes

2022-03-11

T4297 (bug): Interface configuration saving fails for ice/iavf based interfaces because they can't change speed/duplex settings

2022-03-09

T3981 (feature): VRF support for flow-accounting

2022-03-05

T4259 (bug): The conntrackd daemon can be started wrongly

2022-03-03

T4283 (feature): Add support to "reject" routes - emit an ICMP unreachable when matched

2022-03-01

T4277 (feature): flow-accounting: support sending flow-data via VRF interface

2022-02-28

T4273 (bug): ssh: Upgrade from 1.2.X to 1.3.0 breaks config
T4115 (bug): reboot in <x> not working as expected
T3656 (bug): IPSec 1.4 : "show vpn ike sa" does not show the correct default ike version

2022-02-26

T4272 (feature): lldp: migrate Python script to use get_config_dict()

2022-02-24

T4267 (bug): Error - Missing required "ip key" parameter

2022-02-23

T4194 (bug): prefix-list no check for duplicate entries
T4264 (bug): vxlan: interface is destroyed and rebuild on description change
T4263 (bug): vyos.util.leaf_node_changed() dos not honor valueLess nodes

2022-02-21

T4120 (feature): [VXLAN] add ability to set multiple unicast-remotes

2022-02-20

T4254 (feature): VPN IPSec charon add options cisco_flexvpn and install_virtual_ip_on
T4249 (feature): Add support for device mapping in containers
T3617 (bug): IPSec 1.4 generate invalid configuration
T4261 (feature): MACsec: add DHCP client support
T4203 (bug): Reconfigure DHCP client interface causes brief outages

2022-02-19

T4258 (bug): [DHCP-SERVER] error parameter on Failover

2022-02-17

T4255 (bug): Unexpected print of dict bridge on delete
T4240 (bug): Cannot add wlan0 to bridge via configure
T4154 (bug): Error add second gre tunnel with the same source interface

2022-02-16

T4237 (bug): Conntrack-sync error - error adding listen-address command

2022-02-15

T4160 (bug): Firewall - Error in rules that matches everything except something
T3006 (bug): Accel-PPP & vlan-mon config get invalid VLAN
T3494 (bug): DHCPv6 leases traceback when PD using
T1292 (bug): Issues while deleting all rules from a firewall

2022-02-13

T4242 (bug): ethernet speed/duplex can never be switched back to auto/auto
T4191 (bug): Lost access to host after VRF re-creating

2022-02-11

T3872 (feature): Add configurable telegraf monitoring service

2022-02-08

T4227 (bug): Typo in help completion of hello-time option of bridge interface

2022-02-07

T4233 (bug): ssh: sync regex for allow/deny usernames to "system login"

2022-02-06

T4223 (bug): policy route cannot have several entries with the same table
T4216 (bug): Firewall: can't use negated groups in firewall rules
T4178 (bug): policy based routing tcp flags issue
T4164 (bug): PBR: network groups (as well as address and port groups) don't resolve in `nftables_policy.conf`
T3970 (feature): Add support for op-mode PKI direct install into an active config session
T3828 (bug): ipsec: Subtle change in "pfs enable" behavior from equuleus -> sagitta

2022-02-05

T4226 (bug): VRRP transition-script does not work for groups name which contains -(minus) sign

2022-02-04

T4196 (bug): DHCP server client-prefix-length parameter results in non-functional leases

2022-02-03

T4218 (bug): firewall: rule name is not allowed to start with a number
T3643 (bug): show vpn ipsec sa doesn't show tunnels in "down" state

2022-02-01

T4224 (bug): Ethernet interfaces configured for DHCP not working on latest rolling snapshot (vyos-1.4-rolling-202201291849-amd64.iso)
T4225 (bug): Performance degration with latest rolling release
T4220 (bug): Commit broke dhclient 78b247b724f74bdabab0706aaa7f5b00e5809bc1
T4138 (bug): NAT configuration allows to set incorrect port range and invalid port

2022-01-28

T4184 (bug): NTP allow-clients address doesn't work it allows to use ntp server for all addresses
T4217 (bug): firewall: port-group requires protocol to be set - but not in VyOS 1.3

2022-01-27

T4213 (default): ipv6 policy routing not working anymore
T4188 (bug): Firewall does not correctly handle conntracking
T3762 (feature): Support network and address groups for policy ipv6-route
T3560 (feature): Ability to create groups of MAC addresses
T3495 (feature): Modernising port/protocol definitions

2022-01-25

T4205 (feature): Disable Debian Version in SSH (DebianBanner->no)
T4131 (bug): Show firewall group incorrect format members

2022-01-24

T4204 (feature): Update Accel-PPP to a newer revision
T1795 (default): Commit rollback by timeout

2022-01-23

T4186 (bug): Firewall icmp type - Offered options not supported
T4181 (bug): Firewall ipv6-network-group - incorrect description on helper

2022-01-21

T4200 (bug): Assigning ipv6-name to interface is not generating nftables rules
T4144 (bug): Firewall address-group - Improve error messages
T4137 (bug): Firewall group configuration allows to set incorrect port range and invalid port
T4133 (bug): Firewall network group error with zone-based firewall rules

2022-01-20

T4171 (bug): Interface config migration error on 1.2.8 -> 1.4 upgrade

2022-01-19

T4195 (feature): [OSPF-ECMP]enable set maximun-path

2022-01-18

T4159 (bug): Empty firewall group (address, network & port) generates invalid nftables config, commit fails
T4155 (bug): PBR: `set table main` fails in `firewall.py` with newer rolling releases
T3873 (feature): Zone based Firewall - Filter traffic in same zone
T3286 (feature): Switch the firewall from iptables to nftables
T292 (feature): [ZBF] Allow filtering intra zone traffic

2022-01-17

T3164 (bug): console-server ssh does not work with RADIUS PAM auth

2022-01-15

T4183 (feature): IPv6 link-local address not accepted as wireguard peer
T4150 (bug): VRRP with conntrack-sync does not work
T4110 (feature): [IPV6-SSH/DNS} enable IPv6 link local adresses as listen-address %eth0

2022-01-14

T4182 (bug): Show vrrp if vrrp not configured bug
T4179 (feature): Add op-mode CLI for show high-availability virtual-server

2022-01-13

T4175 (bug): BGP configuration failed
T4109 (feature): Extend high-availability/keepalived for support virtual-server lb

2022-01-12

T4174 (bug): Validation fails when entering port range with upper port 65535
T4162 (bug): VPN ipsec ike-group - Incorrect value help for ikev2-reauth
T4161 (bug): Policy route-map - Incorrect value help for local preference
T4152 (bug): NHRP shortcut-target holding-time does not work

2022-01-11

T4149 (bug): [Firewall-IPV6] Error delete Fw rules on VIF/INT
T3950 (bug): CLI backtrace on update if DNS not defined
T4166 (bug): Debug output missing when frr.py called under vyos-configd

2022-01-10

T3299 (bug): Allow the web proxy service to listen on all IP addresses
T3115 (feature): Add support for firewall on L3 VIF bridge interface

2022-01-09

T4142 (bug): Input ifbX interfaces not displayed in op-mode
T3914 (bug): VRRP rfc3768-compatibility doesn't work with unicast peers

2022-01-08

T4116 (bug): Webproxy/Squid not working with IPv6 listen-address

2022-01-07

T3924 (bug): VRRP stops working with VRF

2022-01-06

T4135 (bug): Declare zone policy firewall without local zone errors
T4130 (bug): Firewall state policy errors chain
T4141 (bug): Set high-availability vrrp sync-group without members error

2022-01-04

T4134 (bug): Incorrect firewall protocol completion help uppercase and duplicates
T4132 (bug): Impossible to show a specific firewall group

2022-01-03

T4126 (feature): Ability to set priority to site to site IPSec vpn tunnels
T4052 (bug): Validator return traceback on VRRP configuration with the script path not in config dir
T4128 (bug): keepalived: Upgrade package to add VRF support

2021-12-31

T4081 (bug): VRRP health-check script stops working when setting up a sync group

2021-12-30

T4124 (feature): snmp: migrate to get_config_dict()

2021-12-29

T4111 (bug): IPSec generates wrong configuration colons for IPv6 peers
T4023 (feature): Add grepcidr or similar functionality
T4086 (default): system login banner is not removed on deletion.

2021-12-28

T3380 (bug): "show vpn ike sa" does not display IPv6 peers

2021-12-27

T3979 (bug): vyos-hostd unable to hostfile-update
T2566 (bug): sstp not able to run tunnels ipv6 only
T4093 (bug): SNMPv3 snmpd.conf generation bug
T2764 (enhancment): Increase maximum number of NAT rules

2021-12-26

T4104 (bug): RAID1: "add raid md0 member sda1" does not restore boot sector
T4108 (default): OSPFv3: add support for auto-cost parameter
T4107 (default): OSPFv3: add support for "default-information originate"

2021-12-25

T4101 (bug): commit-archive: Use of uninitialized value $source_address in concatenation
T4099 (feature): flow-accounting: sync "source-ip" and "source-address" between netflow and sflow ion CLI
T4097 (feature): flow-accounting: migrate implementation to get_config_dict()
T4105 (feature): flow-accounting: drop "sflow agent-address auto"
T4106 (feature): flow-accounting: support specification of capture packet lenght
T4102 (feature): OSPFv3: add support for NSSA area-type
T4055 (feature): Add VRF support for HTTP(S) API service

2021-12-24

T3854 (bug): Missing op-mode commands for conntrack-sync

2021-12-23

T3354 (default): Convert strip-private script from Perl to Python

2021-12-22

T3678 (bug): VyOS 1.4: Invalid error message while deleting ipsec vpn configuration
T3356 (feature): Script for remote file transfers

2021-12-21

T4083 (bug): Cluster heartbeat doesn't start b.c lack of directory /run/heartbeat/
T4070 (bug): NATv4 : inbound-interface type "any" is missing.
T4053 (bug): VRRP impossible to set scripts out of the /config directory
T3931 (bug): SSTP doesn't work after rewriting to PKI

2021-12-20

T4088 (default): Fix typo in login banner

2021-12-19

T3912 (default): Use a more informative default post-login banner

2021-12-17

T4059 (bug): VRRP sync-group transition script does not persist after reboot

2021-12-16

T4046 (feature): Sflow - Add Source address parameter
T3556 (bug): Commit-archive via scp causes 100% CPU on boot
T4076 (enhancment): Allow setting CORS options in HTTP API
T4037 (default): HTTP transfers do not follow redirects
T4029 (default): Broken SFTP uploads

2021-12-15

T4077 (bug): op-mode: bfd: drop "show protocols bfd" in favour of "show bfd"
T4073 (bug): "show protocols bfd peer <>" shows incorrect peer information.

2021-12-14

T4071 (feature): Allow HTTP API to bind to unix domain socket

2021-12-12

T4069 (feature): BGP: add additional available parameters to VyOS CLI
T4036 (bug): VXLAN incorrect raiseError if set multicast network instead of singe address

2021-12-10

T4068 (feature): Python: ConfigError should insert line breaks into the error message

2021-12-09

T4033 (bug): VRRP - Error security when setting scripts
T4064 (bug): IP address for vif is not removed from the system when deleted in configuration
T4060 (enhancment): Extend configquery for use before boot configuration is complete
T4058 (bug): BFD: add BGP and OSPF "bfd profile" support
T4054 (bug): BFD profiles configuration incorrect behavior.

2021-12-07

T4041 (servicerequest): "transition-script" doesn't work on "sync-group"

2021-12-06

T4012 (feature): Add VRF support for TFTP

2021-12-04

T4049 (feature): support command-style output with compare command
T4047 (bug): Wrong regex validation in XML definitions
T4042 (bug): BGP L2VPN / EVPN and RD type 0 set
T4048 (bug): BGP: L2VPN/EVPN and individual RD and RT settings for each VNI
T4045 (bug): Unable to "format disk <new> like <old>"
T4044 (feature): BFD: add vrf support
T4043 (feature): BFD: add support for passive mode

2021-12-02

T4035 (bug): Geneve interfaces aren't displayed by operational mode commands

2021-12-01

T3695 (bug): OpenConnect reports commit success when ocserv fails to start due to SSL cert/key file issues

2021-11-30

T4010 (bug): DMVPN generates incorrect configuration life_time for swanctl.conf
T3725 (feature): show configuration in json format

2021-11-29

T3946 (enhancment): Automatically resize the root partition if the drive has extra space

2021-11-28

T3999 (bug): show lldp neighbor Traceback error
T3928 (feature): Add OSPFv3 VRF support

2021-11-27

T3755 (feature): ospf: adjust to new FRR 8 syntax where "no passive-interface " moved to interface section
T3753 (feature): frr: upgrade to stable/8.1 release train

2021-11-26

T3978 (bug): containers add network without declaring prefix raise ConfigError

2021-11-25

T4006 (default): Add additional Linux capabilities to container configuration
T3986 (bug): Incorrect description for vpn ipsec site-to-site authentication and connection

2021-11-24

T4015 (feature): Update Accel-PPP to a newer revision
T3865 (bug): loadkey command help text missing escape sequence
T1083 (feature): Implement persistent/random address and port mapping options for NAT rules

2021-11-23

T3990 (bug): WATCHFRR: crashlog and per-thread log buffering unavailable (due to files left behind in /var/tmp/frr/ after reboot)

2021-11-20

T3998 (bug): route-target completion incorrect description

2021-11-19

T4003 (bug): API for "show interfaces ethernet" does not include the interface description
T4011 (bug): ethernet: deleting interface should place interface in admin down state

2021-11-18

T3612 (bug): IPoE Server address pool issues.
T3995 (feature): OpenVPN: do not stop/start service on configuration change
T4008 (feature): dhcp: change client retry interval form 300 -> 60 seconds
T3795 (bug): WWAN: issues with non connected interface / no signal
T3510 (bug): RADIUS usersname is not shown on CLI

2021-11-17

T3350 (bug): OpenVPN config file generation broken
T3996 (bug): SNMP service error in log

2021-11-15

T3994 (bug): VRF: unable to delete vrf when name contains numbers, hyphen or underscore
T3960 (bug): FRR Misconfig when using multiple VRF VNI
T3724 (feature): Allow setting host-name in l2tp section of accel-ppp
T645 (feature): Allow multiple prefixes in ipsec tunnel

2021-11-10

T3966 (default): OpenVPN fix the smoketests
T3834 (default): [OPENVPN] Support for Two Factor Authentication totp.
T3982 (bug): DHCP server commit fails if static-mapping contains + or .

2021-11-09

T3962 (bug): Image cannot be built without open-vm-tools

2021-11-07

T3626 (bug): Configuring and disabling DHCP Server

2021-11-06

T3514 (bug): NIC flap at any interface change

2021-11-05

T3972 (bug): Removing vif-c interface raises KeyError

2021-11-04

T3969 (bug): Container incorrect raiseError format if network doesn't exist
T3662 (bug): Container configuration upgrade destroys system
T3964 (bug): SSTP: local-user static-ip CLI node accepts invalid IPv4 addresses

2021-11-03

T3952 (default): Add sh bgp ipv4/ipv6 vpn command
T3610 (bug): DHCP-Server creation for not primary IP address fails

2021-11-01

T3958 (default): OpenVPN breaks the smoketests
T3956 (bug): GRE tunnel - unable to move from source-interface to source-address, commit error

2021-10-31

T3945 (feature): Add route-map for bgp aggregate-address
T3954 (bug): FTDI cable makes VyOS sagitta latest hang, /dev/serial unpopulated, config system error
T3943 (bug): "netflow source-ip" prevents image upgrades if IP address does not exist locally

2021-10-29

T3942 (feature): Generate IPSec debug archive from op-mode

2021-10-28

T3951 (bug): After resetting vti ipsec tunnel old child SA still active
T3941 (bug): "show vpn ipsec sa" shows established time of parent SA not child SA's
T3916 (feature): Add additional Linux capabilities to container configuration

2021-10-27

T3944 (bug): VRRP fails over when adding new group to master

2021-10-22

T3897 (feature): Dynamic DNS doesn't work with IPv6 addresses
T3832 (feature): Allow to set DHCP client-id in hexadecimal format
T3188 (bug): Tunnel local-ip to dhcp-interface Change Fails to Update
T3917 (default): Use Avahi as mDNS repeater for IPv6 support

2021-10-21

T3926 (bug): strip-private does not sanitize "cisco-authentication" from NHRP configuration
T3925 (feature): Tunnel: dhcp-interface not implemented - use source-interface instead
T3923 (feature): Kernel: Enable TLS/IPSec offload support for Mellanox ConnectX NICs
T3927 (feature): Kernel: Enable kernel support for HW offload of the TLS protocol

2021-10-20

T3918 (bug): DHCPv6 prefix delegation incorrect verify error
T3921 (bug): tunnel: KeyError when using dhcp-interface

2021-10-19

T3396 (bug): syslog can't be configured with an ipv6 literal destination in 1.2.x

2021-10-18

T3002 (default): VRRP change on IPSec interface causes packet routing issues

2021-10-17

T3786 (bug): GRE tunnel source address 0.0.0.0 error
T3217 (default): Save FRR configuration on each commit
T3381 (bug): Change GRE tunnel failed
T3254 (bug): Dynamic DNS status shows incorrect last update time
T1243 (bug): BGP local-as accept wrong values
T697 (bug): Clean up and sanitize package dependencies
T578 (feature): Support Linux Container

2021-10-16

T3879 (bug): GPG key verification fails when upgrading from a 1.3 beta version

2021-10-15

T3748 (bug): Container deletion bug
T3693 (feature): ISIS Route redistribution ipv6 support missing
T3676 (feature): Container option to add Linux capabilities
T3613 (feature): Selectors for route-based IPsec tunnel (vti)
T3692 (bug): VyOS build failing due to repo.saltstack.com
T3673 (feature): BGP large-community del operation missing

2021-10-14

T3811 (bug): NAT (op_mode): NAT op_mode command fails.
T3801 (feature): containers: do not use podman CLI to create container networks

2021-10-13

T3904 (bug): NTP pool associations silently fail
T3277 (feature): DNS Forwarding - reverse zones

2021-10-12

T3216 (bug): Removal of restricted-shell broke configure mode for RADIUS users
T3881 (bug): Wrong description for container section restart
T3868 (bug): Regex and/or wildcard not accepted with large-community-list
T3701 (bug): ipoe server fails to start when configuring radius dynamic-author on ipoe

2021-10-10

T3750 (bug): pdns-recursor 4.4 issue with dont-query and private DNS servers
T3885 (default): dhcpv6-pd: randomly generated DUID is not persisted
T3899 (enhancment): Add support for hd44780 LCD displays

2021-10-09

T3894 (bug): Tunnel Commit Failed if system does not have `eth0`

2021-10-08

T3893 (bug): MGRE Tunnel commit crash If sit tunnel available

2021-10-05

T3741 (feature): [BGP] default no-ipv4-unicast - by default

2021-10-04

T3888 (bug): Incorrect warning when poweroff command executed from configure mode.
T3890 (feature): dhcp(v6): provide op-mode commands to retrieve both server and client logfiles
T3889 (feature): Migrate to journalctl when reading daemon logs

2021-10-03

T3880 (bug): EFI boot shows error on display

2021-10-02

T3882 (feature): Upgrade PowerDNs recursor to 4.5 series
T3883 (bug): VRF - Delette vrf config on interface

2021-09-30

T3874 (bug): D-Link Ethernet Interface not working.
T3869 (default): Rewrite vyatta_net_name/vyatta_interface_rescan in Python

2021-09-28

T3853 (default): nat66 rules gets deleted on reboot in 1.4-rolling-202109240217

2021-09-27

T3863 (default): nat66: commit fails/hangs on non existing interface

2021-09-26

T3860 (bug): Error on pppoe, tunnel and wireguard interfaces for IPv6 EUI64 addresses
T3857 (feature): reboot: send wall message to all users for information
T3867 (bug): vxlan: multicast group address is not validated
T3859 (bug): Add "log-adjacency-changes" to ospfv3 process
T3826 (bug): PKI: op-mode - do input validation when listing certificates

2021-09-25

T3657 (default): BGP neighbors ipv6 not able to establish with IPv6 link-local addresses

2021-09-23

T3850 (bug): Dots are no longer allowed in SSH public key names

2021-09-21

T3847 (feature): keepalived/vrrp: migrate to get_config_dict() - cleanup

2021-09-20

T3823 (bug): strip-private does not filter public IPv6 addresses

2021-09-19

T3841 (feature): dhcp-server: add ping-check option to CLI
T2738 (bug): Modifying configuration in the "interfaces" section from VRRP transition scripts causes configuration lockup and high CPU utilization
T3840 (feature): dns forwarding: Cache size should allow values > 10k
T3672 (bug): DHCP-FO with multiple subnets results in invalid/non-functioning dhcpd.conf configuration file output

2021-09-18

T3831 (bug): External traffic stops routing when IPSEC tunnel comes up with interface vti0
T1968 (default): Allow multiple static routes in dhcp-server
T3838 (feature): dhcp-server - sync cli for name-servers to other subsystems
T3839 (feature): dhcp-server: Allow configuration of a DNS server and domain name on the shared-network level

2021-09-17

T3830 (bug): ipsec: remote-id no longer included in IKE AUTH if not explicitly specified

2021-09-11

T3402 (feature): Add VyOS programming library for operational level commands

2021-09-10

T3802 (bug): Commit fails if ethernet interface doesn't support flow control
T3819 (bug): Upgrade Salt Stack 3002.3 -> 3003 release train
T915 (feature): MPLS Support

2021-09-09

T3812 (bug): Vyos and frr route-map config out of sync
T3814 (bug): wireguard: commit error showing incorrect peer name from the configured name
T3805 (bug): OpenVPN insufficient privileges for rtnetlink when closing TUN/TAP interface
T3815 (bug): pki : the file command 'generate pki wireguard key-pair file' is not working

2021-09-07

T1894 (bug): FRR config not loaded after daemons segfault or restart
T3807 (bug): Op Command "show interfaces wireguard" does not show the output

2021-09-06

T3806 (bug): Don't set link local ipv6 address if MTU less then 1280
T3803 (default): Add source-address option to the ping CLI
T3431 (bug): Show version all bug
T2920 (bug): Commit crash when adding the second mGRE tunnel with the same key

2021-09-05

T3804 (feature): cli: Migrate and merge "system name-servers-dhcp" into "system name-server"

2021-09-04

T3619 (bug): Performance Degradation 1.2 --> 1.3 | High ksoftirqd CPU usage

2021-09-03

T3788 (bug): Keys are not allowed with ipip and sit tunnels
T3634 (feature): Add op command option for ping for do not fragment bit to be set
T3798 (feature): bgp: add support for "neighbor <X> local-as replace-as" option

2021-09-02

T3792 (bug): login: A hypen present in a username from "system login user" is replaced by an underscore
T3790 (bug): Does not possible to configure PPTP static ip-address to users
T2947 (bug): Nat translation many-many with prefix does not map 1-1.

2021-08-31

T3789 (feature): Add custom validator for base64 encoded CLI data
T3782 (default): Ingress Shaping with IFB No Longer Functional with 1.3

2021-08-30

T3768 (default): Remove early syntaxVersion implementation
T2941 (default): Using a non-ASCII character in the description field causes UnicodeDecodeError in configsource.py
T3787 (bug): Remove deprecated UDP fragmentation offloading option

2021-08-29

T3708 (bug): isisd and gre-bridge commit error
T3783 (bug): "set protocols isis spf-delay-ietf" is not working
T2750 (default): Use m4 as a template processor

2021-08-28

T3743 (bug): l2tp doesn't work after reboot if outside-address not 0.0.0.0

2021-08-27

T3182 (bug): Main blocker Task for FRR 7.4/7.5 series update
T3568 (feature): Add XML for firewall conf-mode
T2108 (default): Use minisign/signify instead of GPG for release signing

2021-08-26

T3776 (default): Rename FRR daemon restart op-mode commands
T3739 (feature): policy: route-map: add EVPN match support

2021-08-25

T3773 (bug): Delete the "show system integrity" command (to prepare for a re-implementation)
T3775 (bug): Typo in generated Strongswan VPN-config

2021-08-24

T3772 (bug): VRRP virtual interfaces are not shown in show interfaces

2021-08-23

T3769 (feature): Containers: Network Bridging

2021-08-22

T3090 (feature): Move 'adjust-mss' firewall options to the interface section.
T3765 (default): container: additional op-mode commands

2021-08-20

T1950 (default): Store VyOS configuration syntax version data in JSON file

2021-08-19

T3751 (bug): pki generate ca add new line after passphrase
T3764 (bug): Unconfigurable IKE and ESP lifetime
T3234 (bug): multi_to_list fails in certain cases, with root cause an element redundancy in XML interface-definitions
T3732 (feature): override-default helper should support adding defaultValues to default less nodes
T3759 (default): [L3VPN] VPNv4/VPNv6 add commands

2021-08-18

T3752 (bug): generate pki certificate file xxx doesn't touch file

2021-08-16

T3738 (default): openvpn fails if server and authentication are configured
T1594 (bug): l2tpv3 error on IPv6 local-ip

2021-08-15

T3756 (default): VyOS generates invalid QR code for wireguard clients
T3757 (default): OSPF: add support to configure the area at an interface level

2021-08-14

T3745 (feature): op-mode IPSec show vpn ipse sa sorting

2021-08-13

T3749 (bug): V4/V6 Counters in network container validation aren't being reset
T3728 (bug): FRR not respect configured RD and RT for L3VNI
T3727 (bug): VPN IPsec ESP proposal and ESP presented in config missmatch
T3740 (bug): HTTPs API breaks when the address is IPv6

2021-08-12

T3731 (bug): verify_accel_ppp_base_service return wrong config error for SSP
T3405 (feature): PPPoE server unit-cache
T2432 (default): dhcpd: Can't create new lease file: Permission denied
T3746 (feature): Inform users logging into the system about a pending reboot
T3744 (default): Dns forwarding statistics formatting missing a new line

2021-08-11

T3709 (feature): Snmp: Allow enable MIDs/OIDs ipCidrRouteTable

2021-08-09

T3720 (bug): IPSec set vti secondary address cause interface disable

2021-08-08

T3705 (bug): IPSec: VTI interface does not honor default-esp-group
T2027 (bug): get_config_dict is failing when the configuration section is empty/missing

2021-08-05

T3719 (bug): Restart vpn shows some missed files

2021-08-04

T3704 (feature): Add ability to interact with Areca RAID adapers
T3718 (bug): VPN IPsec IKE group by default not use DH-group 2

2021-08-02

T3601 (default): Error in ssh keys for vmware cloud-init if ssh keys is left empty.

2021-08-01

T3707 (bug): Ping incorrect ip host checks

2021-07-31

T3716 (feature): Linux kernel parameters ignore_routes_with_link_down- ignore disconnected routing connections

2021-07-30

T1176 (default): FRR - BGP replicating routes
T1210 (feature): About IKEv2 IPSec VPN remote access

2021-07-23

T3699 (bug): login: verify selected "system login user" name is not already used by the base system.
T3698 (default): Support bridge monitoring

2021-07-13

T3679 (default): Point the unexpected exception message link to the new rolling release location

2021-07-11

T3665 (bug): Missing VRF support for VxLAN but already documented

2021-07-10

T3636 (feature): SSTP / L2TP ipv6 support broken

2021-07-09

T3667 (bug): brctl is damaged

2021-07-06

T3660 (feature): Conntrack-Sync configuration command to specify destination udp port for peer

2021-07-03

T57 (enhancment): Make it possible to disable the entire IPsec peer

2021-07-01

T3658 (feature): Add support for dhcpdv6 fixed-prefix6
T2035 (bug): Executing vyos-smoketest multiple times makes ssh test fail on execution

2021-06-29

T3593 (bug): PPPoE server called-sid format does not work
T1441 (feature): Add support for IPSec XFRM interfaces

2021-06-25

T3641 (feature): Upgrade base system from Debian Buster -> Debian Bullseye
T3649 (feature): Add bonding additional hash-policy

2021-06-23

T3647 (feature): Bullseye: gcc defaults to passing --as-needed to linker

2021-06-22

T3629 (bug): IPoE server shifting address in the range
T3645 (feature): Bullseye: ethtool changed output for ring-buffer information

2021-06-21

T3563 (default): commit-archive breaks with IPv6 source addresses

2021-06-20

T3637 (bug): vrf: bind-to-all didn't work properly
T3639 (default): GCC preprocessor clobbers C comments

2021-06-19

T3633 (feature): Add LRO offload for interface ethernet

2021-06-18

T3599 (default): Migrate NHRP to XML/Python

2021-06-17

T3624 (feature): BGP: add support for extended community bandwidth definition

2021-06-16

T3623 (default): Fix for dummy interface option in the operational command "clear interfaces dummy"
T3630 (feature): op-mode: add "show version kernel" command

2021-06-13

T3620 (feature): Rename WWAN interface from wirelessmodem to wwan to use QMI interface
T2173 (feature): Add the ability to use VRF on VTI interfaces
T3622 (feature): WWAN: add support for APN authentication
T3606 (bug): SNMP unknown notification OID
T3621 (bug): PPPoE interface does not validate if password is supplied when username is set

2021-06-12

T3611 (bug): WWAN interface (MC7710) no longer works on Kernel 5.10
T1534 (bug): IPSec w/ IKEv2 Invalid local-address "any"
T3616 (bug): Update to FastAPI causes regression in vyos-http-api-server

2021-06-11

T3614 (bug): Container network name with hyphen fail

2021-06-10

T3250 (bug): PPPoE server: wrong local usernames
T3138 (bug): ddclient improperly updated when apply rfc2136 config
T2645 (default): Editing route-map action requires adding a new rule

2021-06-08

T3605 (default): Allow to set prefer-global for ipv6-next-hop
T3607 (feature): [route-map] set ipv6 next-hop prefer-global
T3289 (bug): No description for node "service" conf-mode

2021-06-07

T3461 (bug): OpenConnect Server redundancy check
T3455 (bug): system users can not be added in "edit"
T3588 (default): IPSec: migrate no longer available options from CLI which are now hardcoded/enabled in strongSwan

2021-06-06

T842 (feature): Adopt VyOS CLI to latest StrongSwan options and deprecated Keywords

2021-06-04

T3595 (default): Cannot create new VTI interface
T3592 (feature): Set default TTL 64 for tunnels

2021-06-03

T3384 (feature): Support UDP bandwidth testing

2021-06-02

T3233 (bug): Interface redirect to dum0

2021-06-01

T3585 (default): Fix NHRP module for updated interfaces tunnel syntax
T3594 (bug): Disable by default service strongswan-starter

2021-05-30

T3518 (bug): Warning messages when using SCP commit-archive
T3093 (default): Add xml for vpn ipsec
T1866 (bug): Commit archive over SFTP doesn't work with non-standard ports
T3590 (feature): bgp: add option for limiting maximum number of prefixes to be sent to a peer
T3589 (feature): op-mode: support clearing out logfiles from CLI
T2641 (feature): Rewrite vpn ipsec OP commands in new style XML syntax
T3351 (feature): Installer checking MD5 checksums on the ISO image

2021-05-29

T1944 (bug): FRR: Invalid route in BGP causes update storm, memory leak, and failure of Zebra
T1888 (feature): Update to StrongSwan 5.9.1

2021-05-27

T3561 (feature): router-advert: support advertising specific routes
T2669 (bug): DHCP-server overlapping ranges.

2021-05-26

T3540 (bug): Keepalived memory utilisation issue when constantly getting its state in JSON format

2021-05-24

T3575 (bug): pseudo-ethernet: must check source-interface MTU
T3571 (bug): Broken Show Tab Complete
T3555 (bug): GRE TAP tunnel does not silent fragment packets / kernel fix available
T3576 (bug): ISIS does not support IPV6

2021-05-23

T3570 (default): Prevent setting of a larger MTU on child interfaces
T3573 (bug): as-path-prepend Description Invalid
T3572 (feature): Basic Drive Diagnostic Tools

2021-05-22

T3564 (default): Multiple BGP Confederation Peers Not Allowed

2021-05-21

T3551 (bug): QoS control failure of VLAN sub interface

2021-05-20

T3554 (feature): Add area-type stub for ospfv3
T3565 (feature): sysctl: rewrite in XML and Python and drop from vyatta-cfg-system

2021-05-19

T3562 (feature): Update Accel-PPP to a newer revision
T3559 (feature): Add restart op-command for OpenConnect Server

2021-05-18

T3525 (default): VMWare resume script syntax errors

2021-05-15

T3549 (bug): DHCPv6 "service dhcpv6-server global-parameters name-server" is not correctly exported to dhcpdv6.conf when multiple name-server entries are present
T3532 (bug): Not possible to change ethertype after interface creation
T3550 (bug): Router-advert completion typo
T3547 (feature): conntrackd: remove deprecated config options
T3535 (feature): Rewrite vyatta-conntrack-sync in new XML and Python flavor

2021-05-14

T3346 (bug): nat 4-to-5 migration script fails when a 'source' or 'destination' node exists but there are no rules
T3248 (default): Deal with VRRP mode-force command that exists in 1.2 but not in 1.3
T3426 (default): add support for script arguments to vyos-configd

2021-05-13

T3539 (bug): Typo in RPKI interface definition
T439 (feature): local PBR support
T3544 (feature): DHCP server should validate configuration before applying it
T3543 (feature): Support for setting lacp_rate on LACP bonded interfaces

2021-05-12

T3302 (default): Make vyos-configd relay stdout from scripts to the user's console
T3542 (bug): udev net.rules not installed in image since may 2nd

2021-05-10

T3374 (bug): IPv6 GRE Tunnel issues

2021-05-09

T3530 (bug): BGP peer-group can't contain a hyphen

2021-05-06

T3523 (bug): VRF BGP daemon route-map command missing
T3519 (bug): Cannot add / assign L2TPv3 to vrf

2021-05-05

T3520 (bug): Cannot add tunnel interface to isis within vrf
T3335 (bug): Some OSPFv3 show commands do not work

2021-05-04

T3504 (feature): BGP Per Peer Graceful Restart

2021-05-02

T3511 (bug): Update libnss-mapuser and libpam-radius packages from CUMULUS Linux

2021-05-01

T3379 (feature): Add global-parameters name-server for dhcpv6-server
T3491 (default): Change Kernel HZ to 1000

2021-04-29

T3503 (bug): "route-reflector-client" fails when "remote-as" is "internal"
T3502 (bug): "system ip multipath layer4-hashing" doesn't work

2021-04-28

T3473 (bug): IPSec op-mode show sa error

2021-04-27

T2946 (bug): Calling 'stty_size' causes show interfaces API to fail

2021-04-25

T3490 (bug): priority inversion on PBR "policy route" create, breaks default route from dhcp (live iso)
T3468 (bug): Tunnel interfaces aren't suggested as being available for bridging (regression)
T3497 (bug): Prefix list with rule containing only action is not detected as error during parse
T3492 (bug): BGP Configuration Migration failed (badly!) from rolling 202102240218 to rolling 202104221210
T1802 (feature): Wireguard QR code in cli for mobile devices

2021-04-24

T3472 (bug): commit-confirm script not found
T3439 (bug): Commit-archive location not working for scp

2021-04-23

T3395 (bug): WAN load-balancing fails with nexthop dhcp
T3290 (bug): Disabling GRE conntrack module fails

2021-04-20

T3488 (bug): Specifying an invalid "interface address" like dhcph leads to commit error

2021-04-18

T3481 (default): Exclude tag node values from key mangling
T3475 (bug): XML dictionary cache unable to process syntaxVersion elements

2021-04-17

T3470 (bug): as-override isn't applied to frr

2021-04-15

T3386 (bug): PPPoE-server don't start with local authentication
T3190 (feature): Unable to subtract value from local-preference in route-map

2021-04-14

T3398 (bug): Can't commit
T3055 (bug): op-mode incorrect naming for ipsec policy-based tunnels

2021-04-13

T3436 (feature): Refactoring ospf op-mode for support vrf
T3434 (feature): Refactoring bgp op-mode for support vrf

2021-04-12

T3454 (enhancment): dhclient reject option
T3328 (bug): Bgp not possible to delete bgp route-map

2021-04-10

T3460 (bug): bgp, Configuration FRR failed while commiting code

2021-04-09

T3464 (bug): OSPF: route-map names containing a hypen are not "found"

2021-04-08

T3462 (default): show ipv6 bgp -- missing
T3463 (bug): Prevent IPv4 Route exchange with IPv6 neighbors

2021-04-05

T3438 (bug): VRF: removing vif which belongs to a vrf, will delete the entire vrf from the operating system
T3418 (bug): BGP: system wide known interface can not be used as neighbor

2021-04-04

T3457 (feature): Output the "monitor log" command in a colorful way

2021-03-31

T3445 (bug): vyos-1x build include not all nodes

2021-03-30

T3448 (bug): Loading vyos on a system without xdp installed fails

2021-03-29

T3415 (feature): bridge: add support for isolated interfaces (private-vlan)
T1711 (feature): BGP - migrate from tagNode to node (remove ASN from tagNode)

2021-03-28

T3440 (bug): HTTP API: give uvicorn time to initialize before restarting Nginx proxy

2021-03-27

T3423 (bug): Cannot create ipv4 static route for default gateway in vrf

2021-03-26

T3412 (default): HTTP API: move to FastAPI as web framework
T2397 (feature): HTTP API: export OpenAPI definition

2021-03-24

T3419 (bug): show interfaces | strip-private fails

2021-03-22

T3284 (bug): merge/load fail silently if unable to resolve host

2021-03-21

T3417 (default): ISIS: provide per VRF instance support
T3416 (bug): NTP: when running inside a VRF op-mode commands do not work

2021-03-20

T3392 (bug): vrrp over dhcp default route bug (unexpected vrf)
T3373 (feature): Upgrade to SaltStack version 3002.5
T3329 (default): "system conntrack ignore" rules can no longer be created due to an iptables syntax change
T3300 (feature): Add DHCP default route distance
T3306 (feature): Extend set route-map aggregator as to 4 Bytes

2021-03-18

T3411 (default): Extend the redirect_stdout context manager in vyos-configd to redirect stdout from subprocesses
T3271 (bug): qemu-kvm grub issue

2021-03-17

T3413 (bug): Configuring invalid IPv6 EUI64 address results in "OSError: illegal IP address string passed to inet_pton"

2021-03-14

T3345 (default): BGP: add per VRF instance support
T3344 (default): Per VRF dynamic routing support
T3325 (bug): Bgp listen-range wrong commit message
T1513 (default): Move OSPF and RIP interface configuration under protocols

2021-03-13

T3406 (bug): tunnel: interface no longer supports specifying encaplimit none - or migrator is missing
T3407 (bug): console-server: do not allow to spawn a console-server session on serial port used by "system console"

2021-03-11

T3305 (bug): Ingress qdisc does not work anymore in 1.3-rolling-202101 snapshot
T2927 (bug): isc-dhcpd release and expiry events never execute

2021-03-09

T3382 (bug): Error creating Console Server

2021-03-08

T3387 (bug): Command "Monitor vpn ipsec" is not working

2021-03-07

T3388 (bug): show interfaces doesn't display pppoeX
T3211 (feature): ability to redistribute ISIS into other routing protocols

2021-03-04

T3377 (bug): show interfaces throws error

2021-03-02

T3375 (bug): Interface becomes up at boot even when disabled

2021-02-28

T3370 (bug): dhcp: Invalid domain name "private"
T3369 (feature): VXLAN: add IPv6 underlay support
T3363 (bug): VyOS-Build interactive prompt when using Podman
T3320 (bug): Bgp neighbor peer-group without peer-group fail

2021-02-27

T3365 (bug): Bgp neighbor interface ordering for remote-as
T3225 (bug): Adding a BGP neighbor with an address on a local interface throws a vyos.frr.CommitError: Configuration FRR failed while committing code: ''
T3368 (feature): macsec: add support for gcm-aes-256 cipher
T3173 (feature): Need 'nopmtudisc' option for tunnel interface

2021-02-26

T3324 (bug): Bgp space in the password
T3357 (default): HTTP-API redirect from http correct https port
T3323 (bug): Bgp ttl-security and ebgp-multihop fail

2021-02-24

T3303 (feature): Change welcome message on boot

2021-02-22

T3322 (bug): Bgp neighbor timers not applyed to FRR config
T3327 (bug): OSPFv3: Cannot add dummy interface

2021-02-21

T3331 (bug): Bgp unsuppress-map should be as "value leafNode"
T3330 (bug): Bgp capability orf prefix-list fail
T3163 (feature): ethernet ring-buffer can be set with an invalid value

2021-02-19

T3326 (bug): OSPFv3: Cannot add L2TPv3 interface
T3332 (bug): BGP unnumbered - UnboundLocalError: local variable 'peer_group' referenced before assignment

2021-02-18

T3259 (default): many dnat rules makes the vyos http api crash, even showConfig op timeouts

2021-02-17

T3312 (feature): SolarFlare NICs support

2021-02-16

T3313 (bug): ospfv3 interface missing options
T3318 (feature): Update Linux Kernel to v5.4.208 / 5.10.142

2021-02-15

T3311 (bug): BGP Error: Remote AS must be set for neighbor or peer-group

2021-02-14

T2848 (feature): bgp-add-path configuration options

2021-02-12

T3301 (bug): Wrong format and valueHelp for policy as-path-list regex

2021-02-11

T3281 (default): Rewrite protocol RIPng [conf-mode] to new XML/Python style
T3282 (default): Add XML for [conf-mode] RIPng
T3279 (default): Rewrite protocol STATIC [op-mode] to new XML/Python style
T3297 (bug): Optimize irrelevant error stack hints

2021-02-08

T3295 (feature): Update Linux Kernel to v5.4.96 / 5.10.14

2021-02-05

T3030 (feature): Support ERSPAN Tunnel Protocol

2021-02-04

T3283 (feature): Support for IPv4 neigh tables
T3280 (default): Add XML for [conf-mode] STATIC

2021-02-03

T3278 (feature): Add XML for "protocols vrf" [conf-mode]
T3239 (default): XML: override 'defaultValue' for mtu of certain interfaces; remove workarounds
T2910 (feature): XML: generator should support override of variables

2021-02-02

T3018 (bug): Unclear behaviour when configuring vif and vif-s interfaces
T3255 (default): Rewrite protocol RPKI to new XML/Python style
T3263 (feature): OSPF Hello subsecond timer

2021-01-31

T3276 (feature): Update Linux Kernel to v5.4.94 / 5.10.12

2021-01-30

T3240 (feature): Support per-interface DHCPv6 DUIDs
T3273 (default): PPPoE static default-routes deleted on interface down when not added by interface up

2021-01-29

T3261 (bug): Does not possible to disable pppoe client interface.
T3272 (default): OSPF: interface config is not removed

2021-01-27

T3257 (feature): tcpdump supporting complete protocol
T3244 (default): Rewrite protocol OSPFv3 to new XML/Python style

2021-01-26

T3251 (bug): PPPoE client trying to authorize with the wrong username
T3256 (default): Add XML for protocol RPKI [conf-mode]

2021-01-25

T3249 (feature): Support operation mode forwarding table output

2021-01-24

T3227 (bug): Latest releases don't work with RPKI (crash)
T3230 (bug): RPKI can't be deleted
T3221 (bug): FRR config
T3245 (default): Add XML for protocol ospfv3 [conf-mode]

2021-01-23

T3236 (default): Add XML for [conf-mode] OSPF

2021-01-17

T3222 (bug): Typo in BGP dampening description
T3226 (bug): Repair bridge smoke test damage

2021-01-16

T3215 (bug): Operational command "show ipv6 route" is broken
T3157 (bug): salt-minion fails to start due to permission error accessing /root/.salt/minion.log
T3137 (feature): Let VLAN aware bridge approach the behavior of professional equipment

2021-01-15

T3210 (feature): ISIS three-way-handshake
T3184 (feature): Add correct desctiptions for BGP neighbors

2021-01-14

T3213 (bug): show interface command python error

2021-01-12

T3205 (bug): Does not possible to configure tunnel mode gre-bridge

2020-12-20

T3132 (feature): Enable egress flow accounting

2020-11-29

T2297 (feature): NTP add support for pool configuration