Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FAILED! => {"changed": false, "msg": "parameters are mutually exclusive: address|any|host|prefix|net_group|port_group, wildcard_bits|any|host|prefix|net_group|port_group found in config -> acls -> aces -> destination"} #453

Open
Hassan-Core opened this issue Nov 16, 2023 · 1 comment · May be fixed by #455
Open

FAILED! => {"changed": false, "msg": "parameters are mutually exclusive: address|any|host|prefix|net_group|port_group, wildcard_bits|any|host|prefix|net_group|port_group found in config -> acls -> aces -> destination"} #453

Hassan-Core opened this issue Nov 16, 2023 · 1 comment · May be fixed by #455
Labels
has_pr This issue has an associated PR.

Comments

@Hassan-Core
Copy link

Hassan-Core commented Nov 16, 2023
edited
Loading

SUMMARY

  • Issue on cisco.iosxr.iosxr_acls module while simultaneously adding the "port_group" , "address" and "wildcard_bits" parameters under the "destination" parameters. Requirement is to configure the below mentioned ACL sequence.
    1390 permit udp any 1.1.1.1 0.0.0.0 port-group ABC
  • As per the error and documentation, they are mutually exclusive. Query is how we can add the above entry if they are mutually exclusive.

ISSUE TYPE

  • Bug Report

COMPONENT NAME

  • cisco.iosxr.iosxr_acls module

ANSIBLE VERSION

  • 2.14.1

COLLECTION VERSION

  • /home/ansible/.local/lib/python3.10/site-packages/ansible_collections

Collection Version

community.general 7.5.1

CONFIGURATION

  • CONFIG_FILE() = /etc/ansible/ansible.cfg
    DEFAULT_HOST_LIST(/etc/ansible/ansible.cfg) = ['/etc/ansible/hosts1']
    DEFAULT_LOG_PATH(/etc/ansible/ansible.cfg) = /var/log/ansible.log
    EDITOR(env: EDITOR) = /usr/bin/vim
    HOST_KEY_CHECKING(/etc/ansible/ansible.cfg) = False
    INTERPRETER_PYTHON(/etc/ansible/ansible.cfg) = /usr/bin/python
    PERSISTENT_COMMAND_TIMEOUT(/etc/ansible/ansible.cfg) = 60
    PERSISTENT_CONNECT_TIMEOUT(/etc/ansible/ansible.cfg) = 60

OS / ENVIRONMENT

  • OS version
    Fedora release 35 (Thirty Five)
    NAME="Fedora Linux"
    VERSION="35 (Server Edition)"

STEPS TO REPRODUCE

  • sequence: 1390
    grant: permit
    protocol: udp
    source:
    any: true
    destination:
    address:
    wildcard_bits:
    port_group:

EXPECTED RESULTS

  • Entry will be added without any error.
  • 1390 permit udp any 1.1.1.1 0.0.0.0 port-group ABC

ACTUAL RESULTS

  • FAILED! => {"changed": false, "msg": "parameters are mutually exclusive: address|any|host|prefix|net_group|port_group, wildcard_bits|any|host|prefix|net_group|port_group found in config -> acls -> aces -> destination"}
@Hassan-Core Hassan-Core changed the title FAILED! => {"changed": false, "msg": "parameters are mutually exclusive: address|any|host|prefix|net_group|port_group, wildcard_bits|any|host|prefix|net_group|port_group found in config -> acls -> aces -> source"} FAILED! => {"changed": false, "msg": "parameters are mutually exclusive: address|any|host|prefix|net_group|port_group, wildcard_bits|any|host|prefix|net_group|port_group found in config -> acls -> aces -> destination"} Nov 16, 2023
@ntl-afzaalarif
Copy link

I have also checked this, and this appears to be a bug. It will fail for both source and destination.
[host,address,prefix,net-group] these items are mutually exclusive but not the port-group.
I have modified the acls.py to get this working on my local environment, will initiate a pull request for the solution to this repository.

ntl-afzaalarif added a commit to ntl-afzaalarif/cisco.iosxr that referenced this issue Nov 17, 2023
@ntl-afzaalarif
BugFix ansible-collections#453 modifying the arguments for source/des…
81f66b3 
…tination so that port-group is not mutually exclusive to [host,any,address,prefix,net-group] and also removed it as direct opton of src/dest instead added port-group to argument of port_protocol
ntl-afzaalarif added a commit to ntl-afzaalarif/cisco.iosxr that referenced this issue Nov 17, 2023
@ntl-afzaalarif
BugFix ansible-collections#453 modifying the config acls.py for sourc…
872a669 
…e/destination so that port-group is not direct opton of src/dest instead added port-group to argument of port_protocol
@ntl-afzaalarif ntl-afzaalarif linked a pull request Nov 17, 2023 that will close this issue
Open
@NilashishC NilashishC added the has_pr This issue has an associated PR. label Nov 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
has_pr This issue has an associated PR.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Bug453 port group ntl-afzaalarif/cisco.iosxr
3 participants
@NilashishC @ntl-afzaalarif @Hassan-Core