Uploaded image for project: 'Modules'
  1. Modules
  2. MODULES-5671

firewall : ICMPv6 change on every run.

    XMLWordPrintable

Details

    • Bug
    • Status: Open
    • Normal
    • Resolution: Unresolved
    • None
    • None
    • firewall
    • None
    • Needs Assessment
    • Needs Assessment

    Description

      Basic Info
      Module Version: 1.9.0
      Puppet Version: 5.2.0
      OS Name/Version: CentOS 7.4

      On every run, the ICMPv6 rules are builds again.

      Desired Behavior:
      The the rules are only created on time or on change.

      Actual Behavior:
      On every puppet run, all ICMPv6 rules are created again.

      Sample output:
      Notice: /Stage[main]/Wi_core::Iptables_icmp/Firewall[100 ping ipv6]/proto: proto changed 'ipv6-icmp' to 'icmpv6'
      Notice: Firewall[100 ping ipv6](provider=ip6tables): Properties changed - updating rule

      source:
      firewall

      { '100 ping ipv6': proto => 'icmpv6', chain => 'icmpv6', provider => 'ip6tables', action => 'accept' icmp => 128 }

      since 1.9.0:

      • proto => 'ipv6-icmp',
        + proto => 'icmpv6,',
        1.8.2 works

      Changes:
      type/firewall.rb

      • newvalues(*[:ip, :tcp, :udp, :icmp, :"ipv6-icmp", :esp, :ah, :vrrp, :igmp, :ipencap, :ipv4, :ipv6, :ospf, :gre, :cbt, :sctp, :pim, :all].collect do |proto|
        + newvalues(*[:ip, :tcp, :udp, :icmp, :icmpv6, :esp, :ah, :vrrp, :igmp, :ipencap, :ipv4, :ipv6, :ospf, :gre, :cbt, :sctp, :pim, :all].collect do |proto|

      Attachments

        Activity

          People

            Unassigned Unassigned
            puppetTux Frank
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:

              Zendesk Support