I have an open issue against it, but otherwise I agree. http://projects.puppetlabs.com/issues/14413
If I could come up with a workaround for this, I would be a very happy camper. “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin & Hobbes) ----- Original Message ----- From: "Justin Ellison" <jus...@techadvise.com> To: puppet-users@googlegroups.com Sent: Thursday, August 16, 2012 3:27:52 PM Subject: Re: [Puppet Users] Re: merging iptables rules with puppet I can't say enough good about the puppetlabs-firewall module. They've put a lot of work into it, and it works perfectly. https://github.com/puppetlabs/puppetlabs-firewall No need for concat here. Justin On Thursday, August 16, 2012 1:01:01 AM UTC-5, Pete wrote: Hi, I manage my iptables setup with the concat module and nail together a rules file and then reload it if it's changed I also have a define setup so other classes can define rules and my firewall class pulls them all in. works well for me because when i remove a class the firewall rull associated with it goes away too. I am intending on putting my modules in githib but have been super busy and haven't had a chance yet. On 16 August 2012 07:07, Geoff Galitz < gga...@shutterstock.com > wrote: > > We are executing iptables <rule>, not editing the backend files, though we > could do that if that were the only option. > > -G > > > On Wed, Aug 15, 2012 at 4:54 PM, Luke Baker < bak...@missouri.edu > wrote: >> >> By dynamically loading rules do you mean executing iptables <rule> or are >> you editing your iptables-save file and then reloading? >> >> >> On Wednesday, August 15, 2012 1:48:44 PM UTC-5, Geoff Galitz wrote: >>> >>> >>> I'm still a bit noobish with puppet... >>> >>> In short what I want to do is merge puppet managed iptables with >>> dynamically added rules added by some scripts. We have a basic config setup >>> with a template (iptables.erb) and we can add rules to that in manifests. >>> But of course puppet will wipe any changes made from the OS. Any advice on >>> how to get puppet to respect the dynamically loaded rules? >>> >>> Thanks. >>> -G >>> >>> >>> -- >>> ----------------------------------------------- >>> Geoff Galitz, gga...@shutterstock.com >>> WebOps >>> Shutterstock Images >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To view this discussion on the web visit >> https://groups.google.com/d/msg/puppet-users/-/VX2Sj8i2-ssJ . >> >> To post to this group, send email to puppet...@googlegroups.com . >> To unsubscribe from this group, send email to >> puppet-users...@googlegroups.com . >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en . > > > > > -- > ----------------------------------------------- > Geoff Galitz, gga...@shutterstock.com > WebOps > Shutterstock Images > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet...@googlegroups.com . > To unsubscribe from this group, send email to > puppet-users...@googlegroups.com . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en . -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/2RiSuyvxkAwJ . To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
