Hi,
I’m currently running on Vyos 1.4 RC1 and created a firewall rule. After commiting I tried to delete the inbound-interface, when only deleteting the Interface ( delete firewall ipv4 forward filter rule 10 inbound-interface name eth0.1700 ) and the commiting you get a exception. When deleting the complete inbound-interfae ( delete firewall ipv4 forward filter rule 10 inbound-interface) the commiting works. I attached below the log from the terminal.
[edit]
vyos@dash-vyos-gre-ffm# set firewall ipv4 forward filter rule 10 inbound-interface name eth0.1700
[edit]
vyos@dash-vyos-gre-ffm# commit
[edit]
vyos@dash-vyos-gre-ffm# delete firewall ipv4 forward filter rule 10 inbound-interface name eth0.1700
[edit]
vyos@dash-vyos-gre-ffm# commit
[ firewall ]
VyOS had an issue completing a command.
We are sorry that you encountered a problem while using VyOS.
There are a few things you can do to help us (and yourself):
- Contact us using the online help desk if you have a subscription:
https://support.vyos.io/
- Make sure you are running the latest version of VyOS available at:
https://vyos.net/get/
- Consult the community forum to see how to handle this issue:
https://forum.vyos.io
- Join us on Slack where our users exchange help and advice:
https://vyos.slack.com
When reporting problems, please include as much information as possible:
- do not obfuscate any data (feel free to contact us privately if your
business policy requires it)
- and include all the information presented below
Report time: 2024-01-18 08:04:40
Image version: VyOS 1.4.0-rc1
Release train: sagitta
Built by: Sentrium S.L.
Built on: Thu 21 Dec 2023 19:06 UTC
Build UUID: 2463607a-ddc5-4942-8685-00d078350c68
Build commit ID: 81ec3de04eb291
Architecture: x86_64
Boot via: installed image
System type: VMware guest
Hardware vendor: VMware, Inc.
Hardware model: VMware Virtual Platform
Hardware S/N: VMware-42 00 bf f9 78 78 d9 7c-a6 8f e0 81 c6 55 6d 23
Hardware UUID: f9bf0042-7878-7cd9-a68f-e081c6556d23
Traceback (most recent call last):
File "/usr/libexec/vyos/conf_mode/firewall.py", line 503, in <module>
generate(c)
File "/usr/libexec/vyos/conf_mode/firewall.py", line 451, in generate
render(nftables_conf, 'firewall/nftables.j2', firewall)
File "/usr/lib/python3/dist-packages/vyos/template.py", line 142, in render
rendered = render_to_string(template, content, formater, location)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/vyos/template.py", line 111, in render_to_string
rendered = template.render(content)
^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 1301, in render
self.environment.handle_exception()
File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 936, in handle_exception
raise rewrite_traceback_stack(source=source)
File "/usr/share/vyos/templates/firewall/nftables.j2", line 58, in top-level template code
{{ rule_conf | nft_rule('FWD', prior, rule_id) }}
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/vyos/template.py", line 579, in nft_rule
return parse_rule(rule_conf, fw_hook, fw_name, rule_id, ip_name)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/vyos/firewall.py", line 280, in parse_rule
iiface = rule_conf['inbound_interface']['group']
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
KeyError: 'group'
[[firewall]] failed
Commit failed