Steps to reproduce error, present on vyos-1.3.0-epa3 version:
1- Set firewall and attach it to a interface:
set firewall name ASD default-action accept set firewall name ASD rule 10 action drop set firewall name ASD rule 10 protocol icmp set firewall name ASD rule 10 destination address 198.51.100.1 set interfaces ethernet eth0 firewall in name ASD commit
2- After commit, verify configuration:
vyos@vyos# run show config comm | grep fire set firewall name ASD default-action 'accept' set firewall name ASD rule 10 action 'drop' set firewall name ASD rule 10 destination address '198.51.100.1' set firewall name ASD rule 10 protocol 'icmp' set interfaces ethernet eth0 firewall in name 'ASD'
3- Delete rule 10, and get the error:
vyos@vyos# del firewall name ASD rule 10 [edit] vyos@vyos# commit [ firewall name ASD ] Firewall configuration error: Cannot delete rule set "ASD" (still in use) [[firewall name ASD]] failed
- Expected result: commit successful, and firewall entry only with default-action defined: