Hi, I manage my iptables setup with the concat module and nail together a rules file and then reload it if it's changed I also have a define setup so other classes can define rules and my firewall class pulls them all in. works well for me because when i remove a class the firewall rull associated with it goes away too.
I am intending on putting my modules in githib but have been super busy and haven't had a chance yet. On 16 August 2012 07:07, Geoff Galitz <ggal...@shutterstock.com> wrote: > > We are executing iptables <rule>, not editing the backend files, though we > could do that if that were the only option. > > -G > > > On Wed, Aug 15, 2012 at 4:54 PM, Luke Baker <bake...@missouri.edu> wrote: >> >> By dynamically loading rules do you mean executing iptables <rule> or are >> you editing your iptables-save file and then reloading? >> >> >> On Wednesday, August 15, 2012 1:48:44 PM UTC-5, Geoff Galitz wrote: >>> >>> >>> I'm still a bit noobish with puppet... >>> >>> In short what I want to do is merge puppet managed iptables with >>> dynamically added rules added by some scripts. We have a basic config setup >>> with a template (iptables.erb) and we can add rules to that in manifests. >>> But of course puppet will wipe any changes made from the OS. Any advice on >>> how to get puppet to respect the dynamically loaded rules? >>> >>> Thanks. >>> -G >>> >>> >>> -- >>> ----------------------------------------------- >>> Geoff Galitz, gga...@shutterstock.com >>> WebOps >>> Shutterstock Images >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To view this discussion on the web visit >> https://groups.google.com/d/msg/puppet-users/-/VX2Sj8i2-ssJ. >> >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. > > > > > -- > ----------------------------------------------- > Geoff Galitz, ggal...@shutterstock.com > WebOps > Shutterstock Images > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
