]> review.fuel-infra Code Review - puppet-modules/puppetlabs-firewall.git/commit
Code Review / puppet-modules / puppetlabs-firewall.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: d1e54f9) | patch
(MODULES-8736) IPtables support on RHEL8
authorEmilien Macchi <emilien@redhat.com>
Mon, 11 Mar 2019 15:37:37 +0000 (11:37 -0400)
committerEmilien Macchi <emilien@redhat.com>
Mon, 1 Apr 2019 16:01:56 +0000 (12:01 -0400)
commit879838dfc111f1dd05b548d5b80b528b58ada889
treedc4004dac0cbdc4c828e05555154ec971029bed4tree | snapshot
parentd1e54f923cca03b0d9725877a0c3573752c36097commit | diff
(MODULES-8736) IPtables support on RHEL8

In order to persist the nftables rules on RHEL8, we need the init scripts:
"Warning: Firewall[998 log all ipv4](provider=iptables): Unable to persist firewall rules:
Execution of '/usr/libexec/iptables/iptables.init save' returned 1:
Error: Could not execute posix command: No such file or directory - /usr/libexec/iptables/iptables.init",

Those are contained in the iptables-services package, so this patch aims
to add it into package_name for RHEL8.

Also, to make the IPtables-managed rules persistent at reboot, we need
to enable iptables (and ip6tables) service(s) like we did in previous
versions of RHEL ecosystem.
manifests/linux/redhat.pp diff | blob | history
manifests/params.pp diff | blob | history
spec/unit/classes/firewall_linux_redhat_spec.rb diff | blob | history