Code Review / puppet-modules / puppetlabs-firewall.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: d9ab1c0) | patch
(MODULES-2159) ignore the --connlimit-saddr switch when parsing rules
authorPaul Seward <ispms@bris.ac.uk>
Mon, 1 Feb 2016 12:05:39 +0000 (12:05 +0000)
committerPaul Seward <ispms@bris.ac.uk>
Mon, 1 Feb 2016 12:39:54 +0000 (12:39 +0000)
commitb85faedb0ac2c2b7844dcca3da0efbc7b460a10f
treecc4b595ac4edc6b8ec9bafec49662f8cefd73825tree | snapshot
parentd9ab1c0b1530853b326bb4eb76f1f612d8a831f0commit | diff
(MODULES-2159) ignore the --connlimit-saddr switch when parsing rules

Workaround for https://tickets.puppetlabs.com/browse/MODULES-2159 (as described by Greg Murphy in that ticket)

On some distributions (notably on Ubuntu 14.04 and above, and Centos7 and above) the --connlimit-saddr switch is added after the rule is applied causing rule_to_hash to ignore the rule.  Puppet then attempts (and failes) to re-create the rule every time it runs.
lib/puppet/provider/firewall/iptables.rb diff | blob | history