]> review.fuel-infra Code Review - puppet-modules/puppetlabs-firewall.git/commit
Code Review / puppet-modules / puppetlabs-firewall.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: e536564) | patch
package "iptables" has been replaced by "iptables-nft" on EL9
authorKjetil Torgrim Homme <kjetil.homme@redpill-linpro.com>
Sun, 6 Nov 2022 16:00:40 +0000 (17:00 +0100)
committerKjetil Torgrim Homme <kjetil.homme@redpill-linpro.com>
Tue, 6 Dec 2022 10:04:13 +0000 (11:04 +0100)
commit371cbfeea9e36d3a391b8674ee2bf704facb9c70
tree3390a55d9337915fb232c80bb5fe527ef13793cdtree | snapshot
parente5365640d42daa9e1146e5c835fcb1ff42717b7fcommit | diff
package "iptables" has been replaced by "iptables-nft" on EL9

There are some pointers given by dnf about "iptables", but these confuse
Puppet into aborting with the error message:

```console
Error: /Stage[main]/Firewall::Linux/Package[iptables]: Could not evaluate: no implicit conversion of Array into Hash
```

Fedora had a similar patch in commit 486e4b5779f5069e which I think
fixed the bug https://tickets.puppetlabs.com/browse/MODULES-11147 but
the same issue rared its head here on AlmaLinux 9.0.

The RPM for iptables-legacy states:

> This package contains the legacy tools which are obsoleted by
> nft-variants in iptables-nft package for backwards compatibility reasons.
> If you need to set up firewalls and/or IP masquerading, you should not install
> this package but either nftables or iptables-nft instead.
manifests/params.pp diff | blob | history