From: Ken Barber <ken@bob.sh>
Date: Tue, 24 Jul 2012 19:29:54 +0000 (+0100)
Subject: (#10322) Insert order hash included chains from different tables
X-Git-Tag: 0.1.0~15^2
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=47318a009c50f2625bd3df8a1de78d5477d35b57;p=puppet-modules%2Fpuppetlabs-firewall.git

(#10322) Insert order hash included chains from different tables

This fix corrects the insert_order handling to make sure that not only are
rules from the same chain evaulated, but we also check that the table
matches as well.
---

diff --git a/lib/puppet/provider/firewall/iptables.rb b/lib/puppet/provider/firewall/iptables.rb
index d8538ed..34a17e6 100644
--- a/lib/puppet/provider/firewall/iptables.rb
+++ b/lib/puppet/provider/firewall/iptables.rb
@@ -288,9 +288,11 @@ Puppet::Type.type(:firewall).provide :iptables, :parent => Puppet::Provider::Fir
     debug("[insert_order]")
     rules = []
 
-    # Find list of current rules based on chain
+    # Find list of current rules based on chain and table
     self.class.instances.each do |rule|
-      rules << rule.name if rule.chain == resource[:chain].to_s
+      if rule.chain == resource[:chain].to_s and rule.table == resource[:table].to_s
+        rules << rule.name
+      end
     end
 
     # No rules at all? Just bail now.