Details

    • Type: New Feature
    • Status: Accepted
    • Priority: Normal
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: firewall, supported
    • Environment:

      Ubuntu 14.04, puppet_version=3.7.4, ruby_version=1.9.3, run_mode=user, default_encoding=UTF-8

    • Template:
    • Epic Link:
    • Team:
      Modules
    • Story Points:
      2

      Description

      After adding a TTL target to the mangle table, the firewall module fails to parse the iptabes-save file and throws the following error output. I know the TTL target is not able to be added with this module, but this causes errors if you manually add the value to your own box. To allow my own addition to not break the module I have excluded any lines with TTL in them from iptable.rb. This allows the module to run.

      def self.instances
          debug "[instances]"
          table = nil
          rules = []
          counter = 1
       
          # String#lines would be nice, but we need to support Ruby 1.8.5
          iptables_save.split("\n").each do |line|
            unless line =~ /^\#\s+|^\:\S+|^COMMIT|^FATAL|TTL/   <- my addition
              if line =~ /^\*/
                table = line.sub(/\*/, "")
              else
                if hash = rule_to_hash(line, table, counter)
                  rules << new(hash)
                  counter += 1
                end
              end
            end
          end
          rules
        end
      

      # puppet resource --verbose --debug --trace firewall
       
      Error: Could not run: Invalid address from IPAddr.new: 
      /var/lib/puppet/lib/puppet/util/ipcidr.rb:12:in `rescue in initialize'
      /var/lib/puppet/lib/puppet/util/ipcidr.rb:8:in `initialize'
      /var/lib/puppet/lib/puppet/provider/firewall/iptables.rb:209:in `new'
      /var/lib/puppet/lib/puppet/provider/firewall/iptables.rb:209:in `block in rule_to_hash'
      /var/lib/puppet/lib/puppet/provider/firewall/iptables.rb:208:in `each'
      /var/lib/puppet/lib/puppet/provider/firewall/iptables.rb:208:in `rule_to_hash'
      /var/lib/puppet/lib/puppet/provider/firewall/iptables.rb:142:in `block in instances'
      /var/lib/puppet/lib/puppet/provider/firewall/iptables.rb:137:in `each'
      /var/lib/puppet/lib/puppet/provider/firewall/iptables.rb:137:in `instances'
      /usr/lib/ruby/vendor_ruby/puppet/type.rb:1148:in `block in instances'
      /usr/lib/ruby/vendor_ruby/puppet/type.rb:1141:in `collect'
      /usr/lib/ruby/vendor_ruby/puppet/type.rb:1141:in `instances'
      /usr/lib/ruby/vendor_ruby/puppet/indirector/resource/ral.rb:25:in `search'
      /usr/lib/ruby/vendor_ruby/puppet/indirector/indirection.rb:267:in `search'
      /usr/lib/ruby/vendor_ruby/puppet/application/resource.rb:225:in `find_or_save_resources'
      /usr/lib/ruby/vendor_ruby/puppet/application/resource.rb:142:in `main'
      /usr/lib/ruby/vendor_ruby/puppet/application.rb:389:in `run_command'
      /usr/lib/ruby/vendor_ruby/puppet/application.rb:381:in `block (2 levels) in run'
      /usr/lib/ruby/vendor_ruby/puppet/application.rb:507:in `plugin_hook'
      /usr/lib/ruby/vendor_ruby/puppet/application.rb:381:in `block in run'
      /usr/lib/ruby/vendor_ruby/puppet/util.rb:488:in `exit_on_fail'
      /usr/lib/ruby/vendor_ruby/puppet/application.rb:381:in `run'
      /usr/lib/ruby/vendor_ruby/puppet/util/command_line.rb:146:in `run'
      /usr/lib/ruby/vendor_ruby/puppet/util/command_line.rb:92:in `execute'
      /usr/bin/puppet:8:in `<main>'
      

        Attachments

          Activity

            People

            • Assignee:
              jonathan.tripathy Jonny (JT) Tripathy
              Reporter:
              sangdrax8 Brian Sanders
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:

                Zendesk Support