Add zone policy firewall without local zone
1.3 correct check:
set zone-policy zone WAN interface eth0
set zone-policy zone WAN default-action reject
set zone-policy zone WAN from LOCAL firewall name LOCAL-to-WAN
set firewall name LOCAL-to-WAN default-action 'accept'

vyos@r4# commit
[ zone-policy ]
LOCAL is a from zone under zone WAN
It is either not defined or deleted from config

[[zone-policy]] failed
[[zone-policy zone WAN from LOCAL]] failed
Commit failed
[edit]
vyos@r4#
1.4:
set zone-policy zone WAN interface eth0
set zone-policy zone WAN default-action reject
set zone-policy zone WAN from LOCAL firewall name LOCAL-to-WAN
set firewall name LOCAL-to-WAN default-action 'accept'

vyos@r11-roll# commit
[ zone-policy ]
VyOS had an issue completing a command.

Report time:      2022-01-03 21:58:38
Image version:    VyOS 1.4-rolling-202201020317
Release train:    sagitta
Built by:         [email protected]
Built on:         Sun 02 Jan 2022 03:17 UTC
Build UUID:       4ede964a-6099-4799-b36e-a22a6b9a1914
Build commit ID:  e933c7e50fd4f0
Architecture:     x86_64
Boot via:         installed image
System type:      KVM guest
Hardware vendor:  QEMU
Hardware model:   Standard PC (Q35 + ICH9, 2009)
Hardware S/N:
Hardware UUID:    8e21d64e-e498-475c-9866-290cd53a3b86

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/zone_policy.py", line 192, in <module>
    generate(c)
  File "/usr/libexec/vyos/conf_mode/zone_policy.py", line 178, in generate
    render(nftables_conf, 'zone_policy/nftables.tmpl', data)
  File "/usr/lib/python3/dist-packages/vyos/template.py", line 118, in render
    rendered = render_to_string(template, content, formater, location)
  File "/usr/lib/python3/dist-packages/vyos/template.py", line 87, in render_to_string
    rendered = template.render(content)
  File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 1090, in render
    self.environment.handle_exception()
  File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 832, in handle_exception
    reraise(*rewrite_traceback_stack(source=source))
  File "/usr/lib/python3/dist-packages/jinja2/_compat.py", line 28, in reraise
    raise value.with_traceback(tb)
  File "/usr/share/vyos/templates/zone_policy/nftables.tmpl", line 33, in top-level template code
    {% if zone[from_zone].local_zone is not defined %}
  File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 471, in getattr
    return getattr(obj, attribute)
jinja2.exceptions.UndefinedError: 'dict object' has no attribute 'LOCAL'

[[zone-policy]] failed
Commit failed
[edit]
vyos@r11-roll#
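
The check that 1.3 applies and the 1.4 run above never reaches, sketched as a verify step that runs before any template is rendered. This is an added example, not VyOS source: the dict layout is an assumed mirror of the set commands above, and ConfigError, verify_zone_policy and check are names made up for the illustration.

```python
# Added example, not VyOS source. The dict layout is an assumed mirror of
# the "set zone-policy ..." / "set firewall ..." commands in the report.

class ConfigError(Exception):
    """Raised to reject a commit with a readable message."""


def verify_zone_policy(zone_policy, firewall):
    """Reject configs that reference an undefined zone or ruleset."""
    zones = zone_policy.get("zone", {})
    rulesets = firewall.get("name", {})
    for zone, zone_conf in zones.items():
        for from_zone, from_conf in zone_conf.get("from", {}).items():
            # The lookup zone[from_zone] in the template fails on exactly
            # this case, so it has to be caught here first.
            if from_zone not in zones:
                raise ConfigError(
                    f"{from_zone} is a from zone under zone {zone}\n"
                    "It is either not defined or deleted from config"
                )
            # Same class of dangling reference; wording is this example's own.
            name = from_conf.get("firewall", {}).get("name")
            if name is not None and name not in rulesets:
                raise ConfigError(
                    f'Firewall name "{name}" under zone {zone} does not exist'
                )


def check(zone_policy, firewall):
    """Return None if the config is acceptable, else the error text."""
    try:
        verify_zone_policy(zone_policy, firewall)
    except ConfigError as err:
        return str(err)
    return None


# Constructed input: the configuration from the report (no LOCAL zone).
FIREWALL = {"name": {"LOCAL-to-WAN": {"default_action": "accept"}}}
REPORTED = {"zone": {"WAN": {
    "interface": ["eth0"],
    "default_action": "reject",
    "from": {"LOCAL": {"firewall": {"name": "LOCAL-to-WAN"}}},
}}}
# Constructed input: the same config with a LOCAL zone defined.
FIXED = {"zone": {**REPORTED["zone"], "LOCAL": {"local_zone": True}}}

if __name__ == "__main__":
    print(check(REPORTED, FIREWALL))
    print(check(FIXED, FIREWALL))
```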