Module vyos_firewall_rules doesn't delete rules on replaced state
Open, NormalPublicBUG
Actions

Assigned To

None

Authored By

	syncer
	Sun, Oct 27, 12:58 PM

Description

SUMMARY
I think the module vyos_firewall_rules should delete rules when using replaced.
This bug only affects the source and destination.

STEPS TO REPRODUCE

yaml
  vyos.vyos.vyos_firewall_rules:
    config:
  - afi: ipv4
    rule_sets:
      - name: test4
        description: IPv4 INBOUND rule set
        default_action: accept
        rules:
          - number: 101
            action: reject
            source:
              group:
                network_group: "{{ public_group_ipv4['public']['name'] }}"
  state: replaced

EXPECTED RESULTS

vyos@nf-pont-client1a# show firewall name test4
 default-action accept
 description "IPv4 INBOUND rule set"
 rule 101 {
     action reject
     source {
         group {
             network-group public_group_ipv4
         }
     }
 }

ACTUAL RESULTS

vyos@nf-pont-client1a# show firewall name test4
 default-action accept
 description "IPv4 INBOUND rule set"
 rule 101 {
     action reject
     destination {
         group {
             network-group public_group_ipv4
         }
     }
     source {
         group {
             network-group public_group_ipv4
         }
     }
 }

Details

Version: 2.8.0
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Bug (incorrect behavior)

Event Timeline

Addressed by PR
https://github.com/vyos/vyos.vyos/pull/248

syncer triaged this task as Normal priority.Sun, Oct 27, 12:59 PM

vyosbot added a project: Restricted Project.Mon, Oct 28, 6:09 AM

syncer added a subscriber: Global Notifications.Fri, Nov 1, 9:16 PM

Module vyos_firewall_rules doesn't delete rules on replaced stateOpen, NormalPublicBUGActions

Description

Details

Event Timeline

Module vyos_firewall_rules doesn't delete rules on replaced state
Open, NormalPublicBUG
Actions