Hi Jeff, Let me try to clarify as the node is on a disconnected network and I am not able to transmit logs from it.
If I stop iptables, delete everything in the file, and then run the firewall rules on the server, all the rules are applied with no errors. However, when I trigger another run of puppet, on that same node after the rules have been added, the puppet run fails with errors in regards to the iptables provider can not handle fields like proto, log_level etc that had worked on first run. It seems to me that we need to flush all rules and then the class should execute to apply the firewall rules. To flush the rules, I set the resources purge true for firewall. Not really sure if this clarified anything. When I ran debug myself, I did not see the purge actually execute as I would expect. On Tue, Nov 20, 2012 at 4:35 PM, Jeff McCune <[email protected]> wrote: > On Tue, Nov 20, 2012 at 4:09 PM, gilbertc777 <[email protected]> > wrote: > > Hi everyone, > > > > I am working now to introduce the puppet firewall module to our > environment. > > > > On the first run, all our rules are deployed on the server with no > errors. > > > > However, on subsequent runs, even without changing rules, I get errors > like > > the following: > > > > The iptables provider can not handle attribute proto.....i get multiple > > errors but the rules work if I stop iptables and clear the > > /etc/sysconfig/iptables file. > > I'm having difficulty understanding the nature of the problem, could > you run the agent with --verbose and --debug turned on and paste the > full output? This will help us troubleshoot the problem more > efficiently. > > -Jeff > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
