Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ansible.posix.firewalld ; ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception: INVALID_ZONE: #539

Open
Daskan opened this issue Mar 25, 2024 · 1 comment
Labels
firewalld synchronize Issue and PR for firewalld module

Comments

@Daskan
Copy link

Daskan commented Mar 25, 2024

SUMMARY

When creating a zone (with state present) having the target parameter will result in the following msg:

"msg": "ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception: INVALID_ZONE: custom"

INVALID_ZONE here is quite confusing and the docs not tell anything about the required or invalid parameters for such use-case.

This problem only applies to none existing zone and wont make such problem on an existing one.

ISSUE TYPE
  • Bug Report
COMPONENT NAME

ansible.posix.firewalld

ANSIBLE VERSION
ansible [core 2.16.2]
  config file = /var/home/xxx/git/ansible/ansible.cfg
  configured module search path = ['/var/home/xxx/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.12/site-packages/ansible
  ansible collection location = /var/home/xxx/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.12.0 (main, Oct  2 2023, 00:00:00) [GCC 13.2.1 20230918 (Red Hat 13.2.1-3)] (/usr/bin/python3)
  jinja version = 3.1.3
  libyaml = True
COLLECTION VERSION

CONFIGURATION

OS / ENVIRONMENT
STEPS TO REPRODUCE
- ansible.posix.firewalld:
    zone: custom
    permanent: true
    state: present
    target: "%%REJECT%%"
EXPECTED RESULTS

No error .. improved documentation .. or better error msg.

ACTUAL RESULTS

@andrico21
Copy link

When creating a zone (with state present) having the target parameter will result in the following msg
Also have been hit by same issue. It only happens during creation and only if '%%REJECT%%' target is set.
My workaround is to create zone first using default target and then to change target for existing zone.

- name: "Create \"{{ ipaserver_firewalld_zone }}\" firewalld zone"
  ansible.posix.firewalld:
    zone: "{{ ipaserver_firewalld_zone }}"
    state: present
    permanent: true

- name: "Set \"{{ ipaserver_firewalld_zone }}\" target to \"%%REJECT%%\" (yes, it doesn't work properly in firewalld module)"
  ansible.posix.firewalld:
    zone: "{{ ipaserver_firewalld_zone }}"
    state: present
    target: "%%REJECT%%"
    permanent: true

@saito-hideki saito-hideki added the firewalld synchronize Issue and PR for firewalld module label Dec 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
firewalld synchronize Issue and PR for firewalld module
Projects
None yet
Development

No branches or pull requests

3 participants