junos_Security_policies module fails with latest junos version #422

Open
Roiki11 opened this issue Jun 16, 2023 · 0 comments

SUMMARY

junos_security_policies module fails to deploy security policies on junos 23.1R1.8

Retrieving current policies works; however, states merged, replaced and overridden result in an error irrespective of the configuration provided.

ISSUE TYPE
  • Bug Report
COMPONENT NAME

junos_security_policies

ANSIBLE VERSION
ansible [core 2.14.3]
  config file = /home/user/.ansible.cfg
  configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/user/.local/lib/python3.9/site-packages/ansible
  ansible collection location = /home/user/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/user/.local/bin/ansible
  python version = 3.9.14 (main, Jan 9 2023, [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True
COLLECTION VERSION
/home/user/.ansible/collections/ansible_collections
Collection            Version
--------------------- -------
junipernetworks.junos 5.1.0
CONFIGURATION
CONFIG_FILE() = /home/user/.ansible.cfg
DEFAULT_STDOUT_CALLBACK(/home/user/.ansible.cfg) = yaml

OS / ENVIRONMENT

Rocky 9.2

juniper:
Model: srx1500
Junos: 23.1R1.8

STEPS TO REPRODUCE
---
- name: Test junos security policies
  hosts: all
  gather_facts: false
  vars:
    ansible_connection: netconf
  tasks:
    - name: Get junos security policies configuration
      junipernetworks.junos.junos_security_policies:
        state: gathered
      register: state

    - name: Debug
      ansible.builtin.debug:
        var: state


    - name: Deploy security policies
      junipernetworks.junos.junos_security_policies:
        config:
          from_zones:
            - name: trust
              to_zones:
                - name: trust
                  policies:
                    - name: default-permit
                      match:
                        source_address:
                          any: true
                        destination_address:
                          any: true
                        application:
                          any: true
                - name: untrust
                  policies:
                    - name: default-permit
                      match:
                        source_address:
                          any: true
                        destination_address:
                          any: true
                        application:
                          any: true
        state: merged
          
    - name: Get junos security policies configuration
      junipernetworks.junos.junos_security_policies:
        state: gathered
      register: state
      
      
    - name: Results
      ansible.builtin.debug:
        var: state
EXPECTED RESULTS

The playbook completes and shows the merged security policies configuration

ACTUAL RESULTS

The playbook fails at the deploy step.

TASK [Deploy security policies] *****************************************************************************************************
task path: /home/user/ansible/management-network/junos_security_policies.yml:22
redirecting (type: connection) ansible.builtin.netconf to ansible.netcommon.netconf
Loading collection ansible.utils from /home/user/.ansible/collections/ansible_collections/ansible/utils
redirecting (type: become) ansible.builtin.enable to ansible.netcommon.enable
<...> attempting to start connection
<...> using connection plugin ansible.netcommon.netconf
Found ansible-connection at path /home/user/.local/bin/ansible-connection
<...> found existing local domain socket, using it!
<...> local domain socket path is /home/user/.ansible/pc/6e8ae1ef95
redirecting (type: action) junipernetworks.junos.junos_security_policies to junipernetworks.junos.junos
redirecting (type: action) junipernetworks.junos.junos_security_policies to junipernetworks.junos.junos
<...> ANSIBLE_NETWORK_IMPORT_MODULES: enabled
<...> ANSIBLE_NETWORK_IMPORT_MODULES: found junipernetworks.junos.junos_security_policies at /home/user/.ansible/collections/ansible_collections/junipernetworks/junos/plugins/modules/junos_security_policies.py
<...> ANSIBLE_NETWORK_IMPORT_MODULES: running junipernetworks.junos.junos_security_policies
<...> ANSIBLE_NETWORK_IMPORT_MODULES: complete
fatal: [fw1]: FAILED! => changed=false
  module_stderr: '''then'''
  module_stdout: ''
  msg: |-
    MODULE FAILURE
    See stdout/stderr for the exact error

Roiki11 changed the title from "Security_policies" to "Security_policies module fails with latest junos version" on Jun 16, 2023
Roiki11 changed the title from "Security_policies module fails with latest junos version" to "junos_Security_policies module fails with latest junos version" on Jun 16, 2023