If I try to delete this rule, which wasn't originally created and was only created so that I could monitor the logging for that firewall, I delete firewall name UTAH-LAN rule 10 commit Firewall configuration error: Cannot delete rule set "UTAH-LAN" (still in use)

I use a ZBF configuration but have the following example (formatting is a little show firewall name UTAH-LAN default-action accept rule 10

The problem is after I've added a rule or two and then decide I don't want the rule anymore. I do find it odd though because I have a number of firewall definitions that have just a default action and nothing more. I wanna say one of the other VyOS team members said that a firewall required at least one rule but I can't find that so far.

If one intends to use whitelist type of rules like I do, it probably makes sense to add rule 9999 to drop all traffic which will just double the default drop action and add the needed accept rules in between in order to always have one last rule remaining in the ruleset.

Protocol delete firewall name VYOSTEST-IN-rules rule commit + protocol show firewall name VYOSTEST-IN-rules

When I add another rule, I can delete set firewall name VYOSTEST-IN-rules rule 20 action set firewall name VYOSTEST-IN-rules rule 20 destination port set firewall name VYOSTEST-IN-rules rule 20 protocol show firewall name VYOSTEST-IN-rules Protocol delete firewall name VYOSTEST-IN-rules rule show firewall name VYOSTEST-IN-rules

Firewall configuration error: Cannot delete rule set "VYOSTEST-IN-rules" (still in use) Name show firewall name VYOSTEST-IN-rules

It seems you always need one last show interfaces ethernet eth2

So I think I got the gist of the error thanks to gobacho's hint.