Re: [Puppet Users] Re: A working firewall module

2011-07-11 Thread Ken Barber
Jonathan Boyett provided a patch for this problem: https://github.com/puppetlabs/puppetlabs-firewall/commit/a7faff6f5b0de882bc720c8eb652d37b85a6b2a8 Looks like the crux of it was a Ruby 1.8.5 compatibility issue: https://github.com/puppetlabs/puppetlabs-firewall/issues/3 Thanks. ken. On Mon,

Re: [Puppet Users] Re: A working firewall module

2011-07-11 Thread Al @ Lab42
Thanks for the feedback and the bug report, Ronen. I'll check it. On Monday, July 11, 2011 3:28:27 PM UTC+2, Ronen wrote: > > Hey Alessandro, the module works well, one issue that I had is that once > rules were applied the iptables service wasn't restarted, I've dug through the > code and indeed

Re: [Puppet Users] Re: A working firewall module

2011-07-11 Thread Ronen Narkis
Hey Alessandro, the module works well, one issue that I had is that once rules were applied the iptables service wasn't restarted, I've dug through the code and indeed saw the notify under rule.pp: concat::fragment{ "iptables_rule_$name": target => "${iptables::params::configfile}",

Re: [Puppet Users] Re: A working firewall module

2011-07-11 Thread Ronen Narkis
Just did, Thank you! Ronen On Mon, Jul 11, 2011 at 1:50 AM, Ken Barber wrote: > Hi Ronen, > > Making the rules persistent is a matter of running iptables-save > afterwards. If you drop this in your top scope it should work: > > exec { "persist-firewall": > command => $operatingsystem ? { >

Re: [Puppet Users] Re: A working firewall module

2011-07-10 Thread Ken Barber
Hi Ronen, Making the rules persistent is a matter of running iptables-save afterwards. If you drop this in your top scope it should work: exec { "persist-firewall": command => $operatingsystem ? { "debian" => "/sbin/iptables-save > /etc/iptables/rules.v4", /(RedHat|CentOS)/ => "/sbin/iptable

Re: [Puppet Users] Re: A working firewall module

2011-07-10 Thread Ronen Narkis
Hey Ken, the main issue was that the provider wasn't detecting existing rules but instead kept adding them in, another issue is that the rules aren't persistent (restarting the service clears them out), Alessandro, I'll check it out, thanks! Ronen On Sun, Jul 10, 2011 at 10:38 PM, Christopher Web

Re: [Puppet Users] Re: A working firewall module

2011-07-10 Thread Christopher Webber
I have been working on doing something similar to this. We want to abstract for multiple OS's and deal with the joy that is Solaris zones. Essentially, it will be a resource that defines the fw rules in XML and then a script takes all of those definitions and creates a complete set of firewall