Page MenuHomeVyOS Platform

`show firewall` command errors
Closed, ResolvedPublicBUG

Description

Version: VyOS 1.4-rolling-202210260218

I am running a zone based firewall with multiple zones.
I can post the needed config parts, if needed.

When in operation mode, the show firewall commands either respond back with nothing or give an error. Below is a list of the commands and their responses.

vyos@vyos:~$ show firewall name fw_allowAll
Traceback (most recent call last):
Ruleset Information
  File "/usr/libexec/vyos/op_mode/firewall.py", line 341, in <module>
    show_firewall_name(args.name, args.ipv6)
  File "/usr/libexec/vyos/op_mode/firewall.py", line 216, in show_firewall_name
    firewall = get_config_firewall(conf, name, ipv6)
  File "/usr/libexec/vyos/op_mode/firewall.py", line 76, in get_config_firewall
    get_firewall_interfaces(firewall, name, ipv6)
  File "/usr/libexec/vyos/op_mode/firewall.py", line 31, in get_firewall_interfaces
    for ifname, if_conf in firewall['interface'].items():
AttributeError: 'list' object has no attribute 'items'
vyos@vyos:~$ show firewall name fw_allowAll rule 100
Rule Information
Traceback (most recent call last):
  File "/usr/libexec/vyos/op_mode/firewall.py", line 343, in <module>
    show_firewall_rule(args.name, args.rule, args.ipv6)
  File "/usr/libexec/vyos/op_mode/firewall.py", line 224, in show_firewall_rule
    firewall = get_config_firewall(conf, name, ipv6)
  File "/usr/libexec/vyos/op_mode/firewall.py", line 76, in get_config_firewall
    get_firewall_interfaces(firewall, name, ipv6)
  File "/usr/libexec/vyos/op_mode/firewall.py", line 31, in get_firewall_interfaces
    for ifname, if_conf in firewall['interface'].items():
AttributeError: 'list' object has no attribute 'items'

This one is no response

vyos@vyos:~$ show zone-policy
vyos@vyos:~$
vyos@vyos:~$ show zone-policy zone zn_Home
vyos@vyos:~$

Details

Difficulty level
Unknown (require assessment)
Version
VyOS 1.4-rolling-202210260218
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

Should be fixed in T4794
Check please the newest version

I can confirm the firewall errors are fixed in the newest rolling VyOS 1.4-rolling-202212070318

But the show zone-policy still reports back nothing. Is that a valid command still?

a.apostoliuk changed the task status from Open to In progress.Jan 3 2023, 12:28 PM
a.apostoliuk claimed this task.
a.apostoliuk changed the task status from In progress to Needs testing.Jan 17 2023, 3:17 PM
n.fort added a subscriber: n.fort.

Command show zone-policy is no longer available in 1.4, and neither in 1.5
I'm closing this task.