Page MenuHomeVyOS Platform
Create Task
Maniphest T4032

PPPoE server firewall zone completion missing
Closed, InvalidPublicBUG
Actions

Description

I've got a PPPoE server set up in VyOS:

# show service pppoe-server | strip-private
 authentication {
     local-users {
         username xxxxxx {
             password xxxxxx
             rate-limit {
                 download 1024
                 upload 1024
             }
         }
     }
     mode local
     protocols mschap-v2
 }
 client-ip-pool {
     start xxx.xxx.100.100
     stop xxx.xxx.100.199
     subnet xxx.xxx.100.0/24
 }
 gateway-address xxx.xxx.100.1
 interface eth1.100 {
 }

This creates a ppp0 network device:

# ip link show dev ppp0
6: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc tbf state UNKNOWN mode DEFAULT group default qlen 3
    link/ppp

When I try to create a zone with this interface, it does not show on the completion list, even though adding it works:

# set zone-policy zone PPPoE interface
Possible completions:
   <text>       Interface associated with zone
   eth0
   eth1
   eth1.100
   eth1.55
# set zone-policy zone PPPoE interface ppp0
[edit]
# commit
[edit]

Details

Difficulty level
Unknown (require assessment)
Version
1.4-rolling-202112010318
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Unspecified (please specify)

Event Timeline

FileGo created this task.Dec 1 2021, 12:52 PM
pasik added a subscriber: pasik.Dec 1 2021, 2:26 PM
Viacheslav added a subscriber: Viacheslav.EditedDec 1 2021, 3:51 PM

@FileGo It does not require such configuration in the server section.
As user interfaces creates dynamically "ppp0 ppp5 ppp23" etc
Your zone should look like:

set zone-policy zone PPPoE interface ppp+

It will be match all ppp interfaces

FileGo added a comment.Dec 2 2021, 10:55 AM

I get the following below, even though ppp0 exists:

# set zone-policy zone PPPoE interface ppp+
[edit]
# commit
[ zone-policy zone PPPoE interface ppp+ ]
interface ppp+ does not exist on system
Viacheslav added a comment.EditedDec 2 2021, 12:20 PM

It's just a warning message, as ppp+ it is a regex, exactly interface with such name not exist.
But rule applied

Viacheslav closed this task as Invalid.Dec 21 2021, 10:01 PM