From: pellisesol <55718611+pellisesol@users.noreply.github.com>
Date: Fri, 2 Oct 2020 17:06:33 +0000 (-0500)
Subject: Update firewall.rb
X-Git-Tag: v3.3.0~8^2~1
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=e0794453e0768d77f055e7eda9da8cd9ef79811f;p=puppet-modules%2Fpuppetlabs-firewall.git

Update firewall.rb

On Gentoo using 'vrrp' sets the proto to 112 but when puppet runs it interprets 112 as 'carp' which it then corrects to 'vrrp' which is still 112. So it redoes the rule every time puppet runs. Adding carp here allows carp to be set as a valid option which removes the loop.
---

diff --git a/lib/puppet/type/firewall.rb b/lib/puppet/type/firewall.rb
index d46316b..ae751e0 100644
--- a/lib/puppet/type/firewall.rb
+++ b/lib/puppet/type/firewall.rb
@@ -554,7 +554,7 @@ Puppet::Type.newtype(:firewall) do
       The specific protocol to match for this rule.
     PUPPETCODE
 
-    newvalues(*[:ip, :tcp, :udp, :icmp, :"ipv6-icmp", :esp, :ah, :vrrp, :igmp, :ipencap, :ipv4, :ipv6, :ospf, :gre, :cbt, :sctp, :pim, :all].map { |proto|
+    newvalues(*[:ip, :tcp, :udp, :icmp, :"ipv6-icmp", :esp, :ah, :vrrp, :carp, :igmp, :ipencap, :ipv4, :ipv6, :ospf, :gre, :cbt, :sctp, :pim, :all].map { |proto|
       [proto, "! #{proto}".to_sym]
     }.flatten)
     defaultto 'tcp'