type=address-merger | location=any - merging two objects at shared level - but overwritten at childDG

Question

type=address-merger | location=any - merging two objects at shared level - but overwritten at childDG

swaschkut opened this issue 2 years ago · 1 comments

Describe the bug

Expected behavior

do not merge two objects somewhere at higher Panorama DG level if one of these objects are overwritten at lower DG level with different value

Current behavior

e.g.

processing store 'PanoramaConf: / AddressStore:addresses' that holds 67787 objects
- object 'H-1.2.3.4' passing through Action='display'
  - Address 'H-1.2.3.4' type: 'ip-netmask' value: '1.2.3.4' desc: '' IPcount: '1'
- object 'H_1.2.3.4.' passing through Action='display'
  - Address 'H_1.2.3.4' type: 'ip-netmask' value: '1.2.3.4' desc: '' IPcount: '1'

but

processing store 'PanoramaConf: / DeviceGroup:CHILD / AddressStore:address' that holds 174 objects
- object 'H-1.2.3.4' passing through Action='display'
  - Address 'H-1.2.3.4' type: 'ip-netmask' value: '1.2.3.4/24' desc: '' IPcount: '256'

DeviceGroup:CHILD Security Rules is using object from shared: H_1.2.3.4 with value 1.2.3.4/32;
by merging the both objects at shared level and replacing the securityRule object; the new value from overwritten obj 1.2.3.4/24 is used

Possible solution

If object is overwritten at lower level, skip merge

Steps to reproduce

Screenshots

Context

Your Environment

Answer 1 · 2023-05-16T16:54:22.000Z

#751 fixed and published