Change - Ensure that firewalld is stopped before iptables starts

firewalld must be stopped and disabled before the iptables service
will start properly.

diff --git a/manifests/linux/redhat.pp b/manifests/linux/redhat.pp
index e174b80b6f5dae7e6d7132e0eafdf9105de46fee..1a54e90553c80fd2f0e5e03cf6fd7e78d0ebb1c1 100644 (file)
--- a/manifests/linux/redhat.pp
+++ b/manifests/linux/redhat.pp
@@ -30,7 +30,7 @@ class firewall::linux::redhat (
     service { 'firewalld':
       ensure => stopped,
       enable => false,
-      before => Package[$package_name],
+      before => [Package[$package_name], Service[$service_name]],
     }
   }
 

diff --git a/spec/unit/classes/firewall_linux_redhat_spec.rb b/spec/unit/classes/firewall_linux_redhat_spec.rb
index 90dbcd5d9d49c0d2ffb36a71bd01e0020dd17e2b..bd80d076a6b84aa0abd6eba31f7f33bd568f1662 100644 (file)
--- a/spec/unit/classes/firewall_linux_redhat_spec.rb
+++ b/spec/unit/classes/firewall_linux_redhat_spec.rb
@@ -87,7 +87,7 @@ describe 'firewall::linux::redhat', :type => :class do
         it { should contain_service('firewalld').with(
           :ensure => 'stopped',
           :enable => false,
-          :before => 'Package[iptables-services]'
+          :before => ['Package[iptables-services]', 'Service[iptables]']
         )}
 
         it { should contain_package('iptables-services').with(