Think I found an issue testing an upgrade from 1.2.6-S1 to 1.3.0-rc1 using a configuration similar to my home config and noticed the following errors after reboot into 1.3.0-rc1
Feb 28 11:41:21 vyos1 vyos-router[682]: Starting VyOS router: migrate rl-system firewall configure failed!
Feb 28 11:41:21 vyos1 systemd[1]: Reloading.
Feb 28 11:41:21 vyos1 vyos-config[707]: Configuration error
I did a clean install of my config on 1.3.0-rc1 and did a load -> commit of my home config and had the following errors:
[ system conntrack modules gre disable ]
rmmod: ERROR: Module nf_nat_proto_gre is not currently loaded
rmmod: ERROR: Module nf_conntrack_proto_gre is not currently loaded
[[system conntrack]] failed
Commit failed
It looks like 1.3 is not handling the conntrack modules disable correctly?
Snippet of my config:
system {
config-management {
commit-revisions 100
}
conntrack {
expect-table-size 2048
hash-size 131072
modules {
ftp {
disable
}
gre {
disable
}
h323 {
disable
}
nfs {
disable
}
pptp {
disable
}
sip {
disable
}
sqlnet {
disable
}
tftp {
disable
}
}
table-size 1048576
tcp {
half-open-connections 512
loose enable
max-retrans 3
}
timeout {
icmp 30
other 600
tcp {
close 10
close-wait 60
established 86400
fin-wait 120
last-ack 30
syn-recv 60
syn-sent 120
time-wait 120
}
}
}