delete-rule in Firewalls not working #320
Comments
tomsiewert
added a commit
to tomsiewert/cli
that referenced
this issue
May 13, 2021
As reported in hetznercloud#320, firewall rules can not be deleted because they would not exist even if they are shown in "firewall describe". This behaviour was correct because reflect.DeepEqual also compares if a slice is empty or nil. The slices DestinationIPs and SourceIPs are empty slices in an existing firewall rule. However, the temporary FirewallRule object had slices that were nil. To fix this problem, the simple solution is to create an empty IPNet slice for the respective direction (DestinationIPs for the direction "in", and SourceIPs for the direction "out").
|
I can confirm it is a bug in the validation part. The existing firewall rules have an empty I have opened a PR with a fix (see #324). |
tomsiewert
added a commit
to tomsiewert/cli
that referenced
this issue
May 13, 2021
…ices As reported in hetznercloud#320, firewall rules can not be deleted because they would not exist even if they are shown in "firewall describe". This behaviour was correct because reflect.DeepEqual also compares if a slice is empty or nil. The slices DestinationIPs and SourceIPs are empty slices in an existing firewall rule. However, the temporary FirewallRule object had slices that were nil. To fix this problem, the simple solution is to create an empty IPNet slice for the respective direction (DestinationIPs for the direction "in", and SourceIPs for the direction "out"). Signed-off-by: Tom Siewert <[email protected]>
LKaemmerling
pushed a commit
that referenced
this issue
May 17, 2021
…ices (#324) As reported in #320, firewall rules can not be deleted because they would not exist even if they are shown in "firewall describe". This behaviour was correct because reflect.DeepEqual also compares if a slice is empty or nil. The slices DestinationIPs and SourceIPs are empty slices in an existing firewall rule. However, the temporary FirewallRule object had slices that were nil. To fix this problem, the simple solution is to create an empty IPNet slice for the respective direction (DestinationIPs for the direction "in", and SourceIPs for the direction "out"). Signed-off-by: Tom Siewert <[email protected]>
|
Hey @nikolafilipovic, thank you for the report. @tomsdevsn fixed it in #324 and the fix will be part of the next release. Therefore I will close the issue. Thank you! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi all,
For some reason, I'm unable to delete a rule through CLI for a specified firewall.
Attaching a screenshot that shows the issue I'm running into:
For reference, here are the commands I used.
Creating the firewall rule:
hcloud firewall add-rule {{FIREWALL_NAME}} --direction in --protocol tcp --port 22 --source-ips @("1.1.1.1/32")Deleting the firewall rule:
hcloud firewall delete-rule {{FIREWALL_NAME}} --direction in --protocol tcp --port 22 --source-ips @("1.1.1.1/32")Am I missing something or did I just come across a bug?
Thanks!
The text was updated successfully, but these errors were encountered: