Using collection 6.0.0, it doesn't seem to understand offload:
msg: 'value of action must be one of: drop, reject, accept, inspect, continue, return,
jump, queue, synproxy, got: offload found in config -> rule_sets -> rules'The offload is in my device config already, and thus this bug prevents me running further playbook runs.
@lingfish Hi!
Which module are you using?
Can you quote the Ansible code you are having issues with please? Thank you
Hi, yeah oops, should have mentioned that!
I'm using vyos.vyos.vyos_firewall_rules
I'm using it like this:
- name: Firewall (rules)
vyos.vyos.vyos_firewall_rules:
config: "{{ vyos_fw_rules }}"
state: replaced
when: vyos_fw_rules is defined
tags: firewallThe var looks like this:
vyos_fw_rules:
- afi: ipv4
rule_sets:
- name: WAN-wg
description: IPv4 WAN to WireGuard
default_action: accept
rules:
- number: 100
action: drop
description: Evil people
source:
group:
network_group: BLACKHOLEThis has worked fine, and only broke when I manually added offload stuff to a running VyOS.
@lingfish hi!
Sorry for taking so long
I raised a PR to introduce 'offload' action and 'offload_target' attribute to firewall rule_set - now, I will be discussing with the team how to implement it, as we may require extra unit and integration tests and to do something with obsolete features
Please keep an eye on https://github.com/vyos/vyos.vyos/pull/440 and community Slack channel