When showing firewall group <name>, any dynamic groups are also shown along with the requested group name. Dynamic-groups, mac-groups and domain-groups are also not shown in tab completion.
All output from show firewall group:
vyos@vyos:~$ show firewall group Firewall Groups Name Type References Members Timeout Expires ----------------- --------------------------- ------------ ----------------- --------- --------- addr-group address_group N/D 1.1.1.1 dom-group domain_group N/D google.com dyn-addr-group address_group(dynamic) N/D N/D N/D N/D dyn-v6-addr-group ipv6_address_group(dynamic) N/D N/D N/D N/D int-group interface_group N/D eth0 v6-addr-group ipv6_address_group N/D 2001:db8::1 v6-net-group ipv6_network_group N/D 2001:db8::/32 mac-group mac_group N/D 00:12:00:12:34:56 net-group network_group N/D 10.0.0.0/24 prt-group port_group N/D 80
In the output of show firewall group <name>, any dynamic-groups are also shown in the output:
vyos@vyos:~$ show firewall group int-group Firewall Groups Name Type References Members Timeout Expires ----------------- --------------------------- ------------ --------- --------- --------- dyn-addr-group address_group(dynamic) N/D N/D N/D N/D dyn-v6-addr-group ipv6_address_group(dynamic) N/D N/D N/D N/D int-group interface_group N/D eth0
Also in the current releases, this is the output from show firewall group <tab/?>. Dynamic-groups, mac-groups and domain-groups are not shown in the completion list.
vyos@vyos:~$ show firewall group <tab/?> Possible completions: <Enter> Execute the current command addr-group Show firewall group detail Show list view of firewall group int-group Show firewall group net-group prt-group v6-addr-group v6-net-group
With a patch, the following will be seen in tab completion:
vyos@vyos:~$ show firewall group Possible completions: <Enter> Execute the current command addr-group Show firewall group detail Show list view of firewall group dom-group Show firewall group dyn-addr-group dyn-v6-addr-group int-group mac-group net-group prt-group v6-addr-group v6-net-group
And when filtering, to display a specific group the following will be displayed instead of including all dynamic-groups as well:
vyos@vyos:~$ show firewall group dyn-addr-group Firewall Groups Name Type References Members Timeout Expires -------------- ---------------------- ------------ --------- --------- --------- dyn-addr-group address_group(dynamic) N/D N/D N/D N/D vyos@vyos:~$ show firewall group int-group Firewall Groups Name Type References Members --------- --------------- ------------ --------- int-group interface_group N/D eth0