(MODULES-2783) Missing ip6tables service name #578
Conversation
|
We use both iptables & ip6tables, for this we set service_name of firewall class as ['iptables','ip6tables'], the change though is excellent, will it work in situation where one passes service_name as above? |
|
I think the way you were using this module did-t work since they have iptables service hardcoded. |
|
You're right...iptables was hardcoded, however how to enable both iptables & ip6tables on CentOS or RedHat? By default its always iptables. So what I am doing is passing ['iptables','ip6tables'] for "service_name" attribute of class firewall. This is also done for Gentoo linux. In such a case this may not work. |
| @@ -46,7 +46,7 @@ | |||
| exec { '/usr/bin/systemctl daemon-reload': | |||
| require => Package[$package_name], | |||
| before => Service[$service_name], | |||
| unless => '/usr/bin/systemctl is-active iptables' | |||
| unless => '/usr/bin/systemctl is-active iptables', | |||
There was a problem hiding this comment.
shouldn't this also use $service_name?
|
Thanks @DavidS for providing feedback. Will do that today. Cheers. |
abednarik
force-pushed
the
fix/master/redhat_service_name_references
branch
from
58ba76d
to
428081a
Compare
Replaced hardcoded iptables service references with $service_name variable.
abednarik
force-pushed
the
fix/master/redhat_service_name_references
branch
from
428081a
to
6779867
Compare
|
Done @DavidS Any feedback is welcome. |
|
I'll merge it as is. For @pshaikh 's use-case (and I guess this will become more necessary in the coming time) I'd really love to see explicit IPv6 support alongside the current types, so that it can be selected properly at the top-level. |
…_references (MODULES-2783) Missing ip6tables service name
…rvice_name_references (MODULES-2783) Missing ip6tables service name
No description provided.