Comments (13)
Hmm, package search doesn't confirm this: http://packages.ubuntu.com/search?keywords=iptables-persistent&searchon=names&suite=all§ion=all
Let me see if I have a 1210 vm somewhere. Did you use 'class { firewall: }' at all to install iptables-persistent, or was this error without the class declaration?
from puppetlabs-firewall.
Aah okay - so these are just warnings from the fact. Make sure you add:
class { 'firewall': }
On the hosts you want to use the firewall provider on, and it should only occur once. /cc @dcarley.
from puppetlabs-firewall.
right, I followed the instructions and only have firewall declared at the global level in site.pp
... well not quite, but effectively so...
Um, like this https://github.com/Aethylred/dynaguppy/blob/puppetmaster_ssl/modules/dynaguppy/manifests/firewall/persist.pp
from puppetlabs-firewall.
Looks like the behaviour of dpkg
changed and I didn't test Quantal or later. I'll fix up that error from the fact.
@Aethylred You can now remove the exec { 'persist-firewall': }
resource and notify
param from the Firewall {}
resource. Persistence is now handled automatically, if you include/instantiate the firewall
class as Ken suggests.
The README has some up-to-date examples of this. However it doesn't have any specific information for existing users, some maybe we need some additional information there to compliment any release notes.
from puppetlabs-firewall.
@dcarley I've added the instructions to the Changelog now, and we've released that - but yeah, not sure. Maybe we need an 'upgrading' section that covers this kind of thing in the README.
from puppetlabs-firewall.
Ok, I've made the changes you specified, but the output remains the same. Aethylred/dynaguppy@9c8ed61
Info: Loading facts in /var/lib/puppet/lib/facter/iptables_version.rb
dpkg-query: no packages found matching iptables-persistent
dpkg-query: no packages found matching iptables-persistent
dpkg-query: no packages found matching iptables-persistent
from puppetlabs-firewall.
@Aethylred Have you pulled the latest master which includes 7c1ebd1 ?
from puppetlabs-firewall.
@Aethylred Have you pulled the latest master which includes 7c1ebd1 ?
And did including the firewall class install iptables-persistent? It should have ...
from puppetlabs-firewall.
Ah, need to switch to @dcarley's fork. Time for more fun with submodules.
from puppetlabs-firewall.
Sorted.
Info: Loading facts in /var/lib/puppet/lib/facter/iptables_version.rb
Info: Caching catalog for puppet.local
from puppetlabs-firewall.
Cool, well @dcarley when you're ready - raise a PR and we'll close this issue when merged in. I can raise a 0.2.1 pretty quickly with this fix.
from puppetlabs-firewall.
Sorry, that wasn't what I meant to do. Don't think it warrants a PR. Pushed to upstream/master
now.
from puppetlabs-firewall.
You can switch back to upstream now, @Aethylred. Thanks for your help.
from puppetlabs-firewall.
Related Issues (20)
- Use nftables instead of iptables where it is supported.
- Getting problems on the firewall on redhat 8
- No value is detected for nflog-prefix HOT 2
- Allow --reject-with tcp-reset for TCP rules
- Could not evaluate: `proto` must be set to `tcp` for `isfragment` to be true.
- firewall.toports expects an undef value or a match for Pattern[/^\d+(?:-\d+)?$/], got Integer
- Hyphen in the ipset's hash name breaks a firewall resource
- Puppet repeatedly attempts to correct firewall rules when `source` has a prefix length of zero HOT 8
- Add path option for cgroup
- Add back IPv6 protocol support for recent rule masks HOT 1
- Add support for parsing and using socket parameters
- issue with match_mark regex HOT 1
- Performance degradation in resource_api version
- single quotes in rule comments produces errors HOT 4
- puppet generate types fail on versions >= 7.0.0 HOT 2
- Non idempotent logs for empty firewall chains HOT 8
- hostnames with multiple address are not handled completely
- Link in CONTRIBUTING.md returns a 404.
- Defining a state as an array can cause an unnecessary updating action
- Using a LOG jump with a log_level of 4 causes an unnecessary updating action
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from puppetlabs-firewall.