vyos@vyos# compare
+firewall {
+ zone Local {
+ local-zone
+ }
+}
[edit]
vyos@vyos# commit
[ firewall ]
VyOS had an issue completing a command.
We are sorry that you encountered a problem while using VyOS.
There are a few things you can do to help us (and yourself):
- Contact us using the online help desk if you have a subscription:
https://support.vyos.io/
- Make sure you are running the latest version of VyOS available at:
https://vyos.net/get/
- Consult the community forum to see how to handle this issue:
https://forum.vyos.io
- Join us on Slack where our users exchange help and advice:
https://vyos.slack.com
When reporting problems, please include as much information as possible:
- do not obfuscate any data (feel free to contact us privately if your
business policy requires it)
- and include all the information presented below
Report time: 2022-10-09 22:05:57
Image version: VyOS 1.4-rolling-202210082011
Release train: current
Built by: [email protected]
Built on: Sat 08 Oct 2022 20:11 UTC
Build UUID: 0658625e-1e67-443a-a55a-f085517be04c
Build commit ID: 7540a635eb786f
Architecture: x86_64
Boot via: installed image
System type: bare metal
Hardware vendor: EXTRA Computer GmbH
Hardware model: Pokini F2
Hardware S/N:
Hardware UUID:
Traceback (most recent call last):
File "/usr/libexec/vyos/conf_mode/firewall.py", line 520, in <module>
generate(c)
File "/usr/libexec/vyos/conf_mode/firewall.py", line 410, in generate
render(nftables_conf, 'firewall/nftables.j2', firewall)
File "/usr/lib/python3/dist-packages/vyos/template.py", line 141, in render
rendered = render_to_string(template, content, formater, location)
File "/usr/lib/python3/dist-packages/vyos/template.py", line 110, in render_to_string
rendered = template.render(content)
File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 1090, in render
self.environment.handle_exception()
File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 832, in handle_exception
reraise(*rewrite_traceback_stack(source=source))
File "/usr/lib/python3/dist-packages/jinja2/_compat.py", line 28, in reraise
raise value.with_traceback(tb)
File "/usr/share/vyos/templates/firewall/nftables.j2", line 98, in top-level template code
{{ zone_tmpl.zone_chains(zone, state_policy is vyos_defined, False) }}
File "/usr/lib/python3/dist-packages/jinja2/runtime.py", line 679, in _invoke
rv = self._func(*arguments)
File "/usr/share/vyos/templates/firewall/nftables-zone.j2", line 42, in template
{% for from_zone, from_conf in zone_conf.from.items() if from_conf.firewall[fw_name] is vyos_defined %}
jinja2.exceptions.UndefinedError: 'dict object' has no attribute 'from'
[[firewall]] failed
Commit failed
[edit]Description
Description
Details
Details
- Difficulty level
- Unknown (require assessment)
- Version
- VyOS 1.4-rolling-202210082011
- Why the issue appeared?
- Will be filled on close
- Is it a breaking change?
- Unspecified (possibly destroys the router)
- Issue type
- Bug (incorrect behavior)
Event Timeline
Comment Actions
zone policy has to be assigned to the firewall rule, that's why the commit failed.
File "/usr/share/vyos/templates/firewall/nftables-zone.j2", line 42, in template
{% for from_zone, from_conf in zone_conf.from.items() if from_conf.firewall[fw_name] is vyos_defined %}
jinja2.exceptions.UndefinedError: 'dict object' has no attribute 'from'Example:
set firewall zone <zone_name> from <zone_name> firewall name <fw_rule_name>
Adding a validation error will help to understand the need for the parameters
Comment Actions
@SrividyaA
The documentation at https://docs.vyos.io/en/latest/configuration/firewall/zone.html currently contains the following regarding local-zone:
set firewall zone <name> local-zone
Define the zone as a local zone. A local zone has no interfaces and will be applied to the router itself.
My attempt "set firewall zone Local local-zone" resulted in the initial error, how to set the local-zone correctly?
Comment Actions
@tioan , Have you assigned your local-zone to the firewall rule ? Please use the latest version and share the error