From e0794453e0768d77f055e7eda9da8cd9ef79811f Mon Sep 17 00:00:00 2001
From: pellisesol <55718611+pellisesol@users.noreply.github.com>
Date: Fri, 2 Oct 2020 12:06:33 -0500
Subject: [PATCH] Update firewall.rb

On Gentoo using 'vrrp' sets the proto to 112 but when puppet runs it interprets 112 as 'carp' which it then corrects to 'vrrp' which is still 112. So it redoes the rule every time puppet runs. Adding carp here allows carp to be set as a valid option which removes the loop.
---
 lib/puppet/type/firewall.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/puppet/type/firewall.rb b/lib/puppet/type/firewall.rb
index d46316b..ae751e0 100644
--- a/lib/puppet/type/firewall.rb
+++ b/lib/puppet/type/firewall.rb
@@ -554,7 +554,7 @@ Puppet::Type.newtype(:firewall) do
       The specific protocol to match for this rule.
     PUPPETCODE
 
-    newvalues(*[:ip, :tcp, :udp, :icmp, :"ipv6-icmp", :esp, :ah, :vrrp, :igmp, :ipencap, :ipv4, :ipv6, :ospf, :gre, :cbt, :sctp, :pim, :all].map { |proto|
+    newvalues(*[:ip, :tcp, :udp, :icmp, :"ipv6-icmp", :esp, :ah, :vrrp, :carp, :igmp, :ipencap, :ipv4, :ipv6, :ospf, :gre, :cbt, :sctp, :pim, :all].map { |proto|
       [proto, "! #{proto}".to_sym]
     }.flatten)
     defaultto 'tcp'
-- 
2.45.2