Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Firewalld fails to configure port forward #247

Closed
paddatrapper opened this issue Aug 14, 2021 · 4 comments · Fixed by #248
Closed

Firewalld fails to configure port forward #247

paddatrapper opened this issue Aug 14, 2021 · 4 comments · Fixed by #248
Labels
bug This issue/PR relates to a bug. verified This issue has been verified/reproduced by maintainer

Comments

@paddatrapper
Copy link

paddatrapper commented Aug 14, 2021
edited by Akasurde
Loading

SUMMARY

Firewalld port forwarding uses an incorrect keyword parameter. Downgrading to 1.2.0 fixes the issue

fatal: [XXX]: FAILED! => {"changed": false, "msg": "ERROR: Exception caught: queryForwardPort() got an unexpected keyword argument 'to_port'"}
ISSUE TYPE
  • Bug Report
COMPONENT NAME

firewalld

ANSIBLE VERSION
ansible 2.10.8
  config file = /home/kyle/.ansible.cfg
  configured module search path = ['/home/kyle/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]
COLLECTION VERSION
# /home/kyle/.ansible/collections/ansible_collections
Collection    Version
------------- -------
ansible.posix 1.3.0  

# /usr/lib/python3/dist-packages/ansible_collections
Collection    Version
------------- -------
ansible.posix 1.1.1
CONFIGURATION
ANSIBLE_SSH_ARGS(/home/kyle/.ansible.cfg) = -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no
ANSIBLE_SSH_CONTROL_PATH(/home/kyle/.ansible.cfg) = %(directory)s/%%C
DEFAULT_HOST_LIST(/home/kyle/.ansible.cfg) = ['/home/kyle/.ansible/hosts']
DEFAULT_MANAGED_STR(/home/kyle/.ansible.cfg) = Managed by ansible. All changes will be overwritten
INTERPRETER_PYTHON(/home/kyle/.ansible.cfg) = /usr/bin/python3
RETRY_FILES_ENABLED(/home/kyle/.ansible.cfg) = False
OS / ENVIRONMENT

Client: Debian unstable
Target: Debian Buster

STEPS TO REPRODUCE
- name: forward traffic to container                                                                                                                                                           
  ansible.posix.firewalld:                                                                                                                                                                     
    zone: external                                                                                                                                                                             
    port_forward:        
      - port: 51820
        proto: udp      
        toaddr: "10.0.3.12"
        toport: 51820                                                                          
    state: enabled
    immediate: yes
EXPECTED RESULTS

The task should succeed and add a port forwarding firewall rule

ACTUAL RESULTS
fatal: [XXX]: FAILED! => {"changed": false, "msg": "ERROR: Exception caught: queryForwardPort() got an unexpected keyword argument 'to_port'"}
@Akasurde
Copy link
Member

Akasurde commented Aug 16, 2021
edited
Loading

@paddatrapper Thanks for reporting this. Could you please provide the version of python3-firewall and firewalld?

I am not able to reproduce this on the following settings

I am able to reproduce this -

# cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
# dpkg -l | grep firewall
rc  firewalld                     0.6.3-5                      all          dynamically managed firewall with support for network zones
ii  python3-firewall              0.8.2-1~bpo10+1              all          Python3 bindings for firewalld
...
(Pdb) fw_settings.queryForwardPort(port='51820', protocol='UDP', to_port='51820', to_addr='10.0.3.12')
False
...

@Akasurde Akasurde added bug This issue/PR relates to a bug. needs_info needs_verified Needs to reproduced before processing labels Aug 16, 2021
@paddatrapper
Copy link
Author 

# cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
# dpkg -l | grep firewall
ii  firewalld                             0.8.2-1~bpo10+1               all          dynamically managed firewall with support for network zones
ii  python3-firewall                      0.8.2-1~bpo10+1               all          Python3 bindings for firewalld

Akasurde added a commit to Akasurde/ansible.posix that referenced this issue Aug 16, 2021
@Akasurde
firewalld: Correct usage of queryForwardPort
e4a325b 
* Correct queryForwardPort API usage
* Enable port_foward_test_cases tests

Fixes: ansible-collections#247

Signed-off-by: Abhijeet Kasurde <[email protected]>
@Akasurde Akasurde mentioned this issue Aug 16, 2021
Merged
@Akasurde Akasurde added verified This issue has been verified/reproduced by maintainer and removed needs_info needs_verified Needs to reproduced before processing labels Aug 16, 2021
@Akasurde
Copy link
Member

@paddatrapper I am able to reproduce this on my setup. Could you please check if PR #248 works for you and let me know? Thanks.

Akasurde added a commit to Akasurde/ansible.posix that referenced this issue Aug 16, 2021
@Akasurde
firewalld: Correct usage of queryForwardPort
7ef88bc 
* Correct queryForwardPort API usage
* Enable port_foward_test_cases tests

Fixes: ansible-collections#247

Signed-off-by: Abhijeet Kasurde <[email protected]>
Akasurde added a commit to Akasurde/ansible.posix that referenced this issue Aug 16, 2021
@Akasurde
firewalld: Correct usage of queryForwardPort
12941f6 
* Correct queryForwardPort API usage
* Enable port_foward_test_cases tests

Fixes: ansible-collections#247

Signed-off-by: Abhijeet Kasurde <[email protected]>
@paddatrapper
Copy link
Author

Yup, that works for me. Thanks!

ansible-zuul bot added a commit that referenced this issue Aug 18, 2021
@ansible-zuul
Merge pull request #248 from Akasurde/i247
7f16f56 
firewalld: Correct usage of queryForwardPort

SUMMARY

Correct queryForwardPort API usage
Enable port_foward_test_cases tests

Fixes: #247
Signed-off-by: Abhijeet Kasurde [email protected]
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
plugins/modules/firewalld.py
tests/integration/targets/firewalld/tasks/run_all_tests.yml

Reviewed-by: Hideki Saito <[email protected]>
Reviewed-by: None <None>
@bot-ross bot-ross bot mentioned this issue May 23, 2022
Merged
1 task
@midnight-bot-6658 midnight-bot-6658 bot mentioned this issue May 23, 2022
Merged
1 task
@negative-7-bot negative-7-bot bot mentioned this issue May 23, 2022
Merged
1 task
@renovate renovate bot mentioned this issue May 23, 2022
Merged
1 task
@lumiere-bot lumiere-bot bot mentioned this issue May 23, 2022
Merged
1 task
@stimpy-bot stimpy-bot bot mentioned this issue May 23, 2022
Merged
1 task
@wyoa-bot wyoa-bot bot mentioned this issue May 23, 2022
Merged
1 task
This was referenced May 23, 2022
Merged
Merged
Merged
@ghost ghost mentioned this issue May 23, 2022
Merged
1 task
@renovate renovate bot mentioned this issue May 23, 2022
Merged
1 task
@iudicael-bot iudicael-bot bot mentioned this issue May 23, 2022
Merged
1 task
@bloopy-boi bloopy-boi bot mentioned this issue May 23, 2022
Merged
1 task
@aki-bot aki-bot bot mentioned this issue May 28, 2022
Merged
1 task
This was referenced May 28, 2022
Closed
Merged
Open
Merged
Open
Merged
Merged
Closed
Merged
Closed
Merged
Merged
This was referenced Jun 4, 2022
Merged
Merged
Closed
Merged
This was referenced Jun 18, 2022
Closed
Closed
This was referenced Jul 31, 2022
Closed
Merged
This was referenced Aug 17, 2022
Merged
Closed
Closed
This was referenced Sep 14, 2022
Closed
Closed
@trux-bot trux-bot bot mentioned this issue Sep 16, 2022
Merged
1 task
@snoopy82481-bot snoopy82481-bot bot mentioned this issue Sep 21, 2022
Closed
1 task
@renovate renovate bot mentioned this issue Oct 2, 2022
Merged
1 task
@renovate-tests renovate-tests mentioned this issue Nov 24, 2022
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug This issue/PR relates to a bug. verified This issue has been verified/reproduced by maintainer
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

firewalld: Correct usage of queryForwardPort Akasurde/ansible.posix
2 participants
@Akasurde @paddatrapper