Page MenuHomeVyOS Platform
Create Task
Maniphest T464

network groups with same name.
Closed, WontfixPublicBUG
Actions

Description

I had some issues where config elements (firewall network group config) was showing up in running config. But when I tried to apply this group to a firewall config, VyOS would produce an error saying they didn't exist. This was right after a reboot.
My firewall group network-group was called TREND-SRV. After I deleted this network group and reapplied it, I was able to use this group in my firewall rule.

But I realized I had a port-group with the same name, which perhaps was causing these issues?

[edit]
vyos@vyos# run show configuration commands | grep TREND
set firewall group network-group TREND-SRV network '192.168.1.0/25'
set firewall group port-group TREND-PORT port '25'
set firewall group port-group TREND-SRV port '25'

vyos@vyos# delete  firewall group port-group 'TREND-SRV'
[edit]
vyos@vyos# commit
[ firewall group port-group TREND-SRV ]
Error: group [TREND-SRV] still in use.

[edit]
vyos@vyos# run show configuration commands | grep TREND
set firewall group network-group TREND-SRV network '192.168.1.0/25'
set firewall group port-group TREND-PORT port '25'

Looks like it was deleted on commit. Does VyOS support different groups with the same name or not? Seems like they where causing some issues with the config parsing anyways.

Details

Difficulty level
Unknown (require assessment)
Version
1.1.7
Why the issue appeared?
Will be filled on close

Event Timeline

olofl created this task.Nov 16 2017, 8:50 AM
syncer triaged this task as Low priority.Dec 21 2017, 9:15 PM
syncer closed this task as Wontfix.Oct 13 2018, 9:18 AM
syncer claimed this task.
syncer added a subscriber: syncer.

retest on 1.2 and resubmit if the issue exist there

syncer edited projects, added Rejected; removed VyOS 1.1.x.Oct 15 2018, 6:30 AM