vscode-junos icon indicating copy to clipboard operation
vscode-junos copied to clipboard
verified publisher icon codeout

Source NAT pool address-name not recognized as valid syntax

Open chris-zenfolio opened this issue 1 year ago • 2 comments

I am writing some Junos code for the vSRX (v22.4.x) and have run into a problem where specifying a name on a vSRX is valid, but the plugin flags the syntax as a problem. I have validated this as a bug by trying it in Junos and it accepts the input fine.

Here are the offending commands and how to replicate:

set groups mygroup security address-book global address MY_ADDRESS 10.20.30.40/32
set groups mygroup security nat source pool SNAT_POOL address-name MY_ADDRESS
#
set security address-book global address MY_ADDRESS 10.20.30.40/32
set security nat source pool SNAT_POOL address-name MY_ADDRESS

This is how VS Code represents the block of code above: image

Here is console output from the Juniper vSRX console:

admin@my_vsrx# show | compare
[edit groups]
   some-routing { ... }
+  mygroup {
+      security {
+          address-book {
+              global {
+                  address MY_ADDRESS 10.20.30.40/32;
+              }
+          }
+          nat {
+              source {
+                  pool SNAT_POOL {
+                      address-name MY_ADDRESS;
+                  }
+              }
+          }
+      }
+  }

chris-zenfolio avatar Aug 05 '24 23:08 chris-zenfolio

Hi chris-zenfolio,

Thank you for reporting this issue, that's because the current version is built on vSRX 18.4 ( quite old! ) which doesn't support security nat source pool xxx address-name xxx. I can update vSRX syntax with a newer version, probably 22.4 or so, but I need some time.

  • Note: MY_ADDRESS in your config should be listed in the completion window

codeout avatar Aug 06 '24 16:08 codeout

Hi @codeout,

Thank you for responding to my issue. I understand a fix will take time. Until it is fixed, I know the syntax is correct, even if VSCode thinks there is a syntax error. I apologize for not being able to suggest a fix or file a PR. I looked at the source and was lost pretty quickly. If I can be of assistance, please let me know.

I don't recall at the moment if MY_ADDRESS showed in the autocompletion window. I created that from my actual config so it would be sanitized for public use.

chris-zenfolio avatar Aug 06 '24 16:08 chris-zenfolio

Hi @chris-zenfolio,

I'm finally done upgrading vSRX syntax and introducing completion and validation of security address-book.

image

Could you try the latest one, v0.3.6, if you have time?

codeout avatar Sep 15 '24 05:09 codeout

I'm going to close this, if you see any further problems feel free to re-open.

codeout avatar Oct 08 '24 00:10 codeout