Migration: MWAN policy issues with long and similar names #1067
Labels
verified
All test cases were verified successfully
Milestone
Comments
Tbaile
changed the title
This was referenced Feb 11, 2025
|
NS7: Using nethserver-firewall-migration-1.0.3-1.1.pr57.g60a838f.ns7.noarch.rpm check that exported network entries don't have labels but roles in the NSec8: Using the image provided, check that ingesting a migration is successful and ensure no single network policy in MWAN is created. |
|
Testing image version: 8-24.10.0-ns.1.4.99-alpha1-9-g6f17bcc3 |
github-actions
bot
added
the
testing
|
TC1 NS79 OK {
"snats": [],
"forwardings": [],
"bonds": [],
"devices": {
"52:54:00:16:d0:92": "eth0",
"52:54:00:ed:96:94": "eth1",
"52:54:00:e8:d1:bd": "eth2",
"52:54:00:2c:96:5d": "eth3"
},
"skipped": [],
"bridges": [],
"zones": [
{
"network": [
"wan1",
"wan2",
"wan3"
],
"input": "DROP",
"forward": "REJECT",
"name": "wan",
"output": "ACCEPT"
},
{
"network": [
"lan1"
],
"input": "ACCEPT",
"forward": "ACCEPT",
"name": "lan",
"output": "ACCEPT"
}
],
"vlans": [],
"interfaces": [
{
"proto": "static",
"zone": "lan",
"name": "eth0",
"hwaddr": "52:54:00:16:d0:92",
"interface": "lan1",
"netmask": "255.255.255.0",
"role": "green",
"ipaddr": "10.65.50.254"
},
{
"proto": "static",
"gateway": "192.168.122.1",
"zone": "wan",
"name": "eth1",
"hwaddr": "52:54:00:ed:96:94",
"bandwidth_up": "",
"bandwidth_down": "",
"interface": "wan1",
"netmask": "255.255.255.0",
"role": "red",
"ipaddr": "192.168.122.166"
},
{
"proto": "static",
"gateway": "192.168.5.254",
"zone": "wan",
"name": "eth2",
"hwaddr": "52:54:00:e8:d1:bd",
"bandwidth_up": "",
"bandwidth_down": "",
"interface": "wan2",
"netmask": "255.255.255.0",
"role": "red",
"ipaddr": "192.168.5.1"
},
{
"proto": "static",
"gateway": "192.168.6.254",
"zone": "wan",
"name": "eth3",
"hwaddr": "52:54:00:2c:96:5d",
"bandwidth_up": "",
"bandwidth_down": "",
"interface": "wan3",
"netmask": "255.255.255.0",
"role": "red",
"ipaddr": "192.168.6.1"
}
],
"aliases": []
}TC2 NSec8 OK The migration is successful , no single policy are created in MWAN. root@ns79:~# mwan3 status
Interface status:
interface wan1 is online and tracking is active (online 00h:01m:59s, uptime 00h:02m:02s)
interface wan2 is offline and tracking is active
interface wan3 is offline and tracking is active
Current ipv4 policies:
ns_ns7balance:
wan1 (100%)
Current ipv6 policies:
ns_ns7balance:
default |
francio87
added
verified
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When migrating NethSecurity 7.9 to version 8, if there are two similar red interface names (e.g.,
timenet_ftth_12345andtimenet_fttc_212345), the process fails to correctly reassign the WAN zone to devices.Steps to reproduce
Configure two WAN interfaces with similar names, such as
timenet_ftth_12345andtimenet_fttc_12345.Perform a migration to version 8 on the system.
Expected behavior
The system correctly reassigns the WAN zone to devices without errors.
Actual behavior
The system fails to reassign the WAN zone to devices.
The problem is that the name of the interface used inside the
firewalldb does not match with the named used inside thenetworkdb.Value saved inside the network db:
Value saved inside 'firewall' db:
Also, the following unrelated error appears in the
migration.log:Components
NethSecurity version: 8-23.05.5-ns.1.4.1
See also
The text was updated successfully, but these errors were encountered: