[email protected]# compare +firewall { + zone Local { + local-zone + } +} [edit] [email protected]# commit [ firewall ] VyOS had an issue completing a command. We are sorry that you encountered a problem while using VyOS. There are a few things you can do to help us (and yourself): - Contact us using the online help desk if you have a subscription: https://support.vyos.io/ - Make sure you are running the latest version of VyOS available at: https://vyos.net/get/ - Consult the community forum to see how to handle this issue: https://forum.vyos.io - Join us on Slack where our users exchange help and advice: https://vyos.slack.com When reporting problems, please include as much information as possible: - do not obfuscate any data (feel free to contact us privately if your business policy requires it) - and include all the information presented below Report time: 2022-10-09 22:05:57 Image version: VyOS 1.4-rolling-202210082011 Release train: current Built by: [email protected] Built on: Sat 08 Oct 2022 20:11 UTC Build UUID: 0658625e-1e67-443a-a55a-f085517be04c Build commit ID: 7540a635eb786f Architecture: x86_64 Boot via: installed image System type: bare metal Hardware vendor: EXTRA Computer GmbH Hardware model: Pokini F2 Hardware S/N: Hardware UUID: Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/firewall.py", line 520, in <module> generate(c) File "/usr/libexec/vyos/conf_mode/firewall.py", line 410, in generate render(nftables_conf, 'firewall/nftables.j2', firewall) File "/usr/lib/python3/dist-packages/vyos/template.py", line 141, in render rendered = render_to_string(template, content, formater, location) File "/usr/lib/python3/dist-packages/vyos/template.py", line 110, in render_to_string rendered = template.render(content) File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 1090, in render self.environment.handle_exception() File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 832, in handle_exception reraise(*rewrite_traceback_stack(source=source)) File "/usr/lib/python3/dist-packages/jinja2/_compat.py", line 28, in reraise raise value.with_traceback(tb) File "/usr/share/vyos/templates/firewall/nftables.j2", line 98, in top-level template code {{ zone_tmpl.zone_chains(zone, state_policy is vyos_defined, False) }} File "/usr/lib/python3/dist-packages/jinja2/runtime.py", line 679, in _invoke rv = self._func(*arguments) File "/usr/share/vyos/templates/firewall/nftables-zone.j2", line 42, in template {% for from_zone, from_conf in zone_conf.from.items() if from_conf.firewall[fw_name] is vyos_defined %} jinja2.exceptions.UndefinedError: 'dict object' has no attribute 'from' [[firewall]] failed Commit failed [edit]
Description
Description
Details
Details
- Difficulty level
- Unknown (require assessment)
- Version
- VyOS 1.4-rolling-202210082011
- Why the issue appeared?
- Will be filled on close
- Is it a breaking change?
- Unspecified (possibly destroys the router)
- Issue type
- Bug (incorrect behavior)
Event Timeline
Comment Actions
zone policy has to be assigned to the firewall rule, that's why the commit failed.
File "/usr/share/vyos/templates/firewall/nftables-zone.j2", line 42, in template
{% for from_zone, from_conf in zone_conf.from.items() if from_conf.firewall[fw_name] is vyos_defined %}
jinja2.exceptions.UndefinedError: 'dict object' has no attribute 'from'Example:
set firewall zone <zone_name> from <zone_name> firewall name <fw_rule_name>
Adding a validation error will help to understand the need for the parameters
Comment Actions
@SrividyaA
The documentation at https://docs.vyos.io/en/latest/configuration/firewall/zone.html currently contains the following regarding local-zone:
set firewall zone <name> local-zone
Define the zone as a local zone. A local zone has no interfaces and will be applied to the router itself.
My attempt "set firewall zone Local local-zone" resulted in the initial error, how to set the local-zone correctly?
Comment Actions
@tioan , Have you assigned your local-zone to the firewall rule ? Please use the latest version and share the error