Comments (3)
It seems to work with this (I use hiera and interface-classes, so there may be errors in my refactoring here):
firewalld::custom_services { 'keepalived':
ensure => 'present',
description => 'Protocol for vrrp/keepalived',
port => {'protocol' => 'vrrp'},
}
firewalld_rich_rule {'keepalived':
ensure => 'present',
zone => 'public',
dest => '224.0.0.18',
action => 'accept',
service => 'keepalived',
}
from puppet-firewalld.
I think what you are trying to do is declare the 'protocol' element
firewalld_rich_rule { 'Accept VRRP traffic':
ensure => present,
zone => 'public',
protocol => 'vrrp',
action => 'accept',
}
This was not possible before due to protocol being missing from the elements part of the rich rule and has been fixed in #48
from puppet-firewalld.
Closing this now as released in 2.2.0 - please re-open if you still have the issue
from puppet-firewalld.
Related Issues (20)
- firewalld_rich_rule needs to autorequire firewalld_custom_service on `service`
- firewalld_rich_rule should not permit both masqerade true and action parameters
- enable ping/icmp for ipv6? HOT 1
- [Feature] Validate zone sources arguments (only support IP addresses)
- [4.4.0] AllowZoneDrifting must be igored on RHEL9
- Upgrade compatibility to <8.0.0? HOT 1
- Rich rule purging isn't idempotent, or isn't saving, or similar HOT 6
- [4.5.1] add support for Puppet 8
- Ignore some rules not defined in puppet e.g, Fail2ban
- Dependency Problem - puppetlabs-stdlib HOT 1
- add support for debian based OS
- Proposal: Archive this module HOT 1
- [4.5.1] detect and filter overlapped IP's on firewalld_ipset HOT 6
- [5.0.0] icmp_block_inversion setting for zone is unkown. HOT 3
- firewalld::zone purge_ports not purging unmanaged by puppet permanent ports
- firewalld_zone doesn't autorequire consumed firewalld_ipset elements
- Server Error: no parameter named 'icmp_block_inversion' HOT 3
- Firewalld rich rules purged every time when priority enabled HOT 1
- List more autorequired resources in firewalld_rich_rule doc (and readme)
- Add a zone option to disable/enable interzone forwarding
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from puppet-firewalld.