Hi, So... no answers... bug report filed! :-)
https://tickets.puppetlabs.com/browse/MODULES-2376 Matthias On Mon, 3 Aug 2015 13:26:07 +0200 Matthias Saou <matth...@saou.eu> wrote: > Hi, > > I had this applied to my nodes : > > firewall { "${prenumber}7 portknock let connections through": > action => 'accept', > chain => 'INPUT', > dport => $dports, > proto => 'tcp', > recent => 'rcheck', > rname => "${prefix}_heaven", > rseconds => $seconds, > } > > With $seconds set to '3'. Now I want to remove it entirely, which will > mean "forever", but I just can't figure out how to do it, or even if > it's possible at all. > > When I set to undef, false or even remove the $rseconds line entirely, > puppet just leaves the previous value on existing nodes. For new nodes > or if I manually remove all iptables rules first, then the new rule > gets created without any "--seconds 3" as expected. > > How can I tell puppet to actually remove that parameter from existing > rules instead of stop caring about the value? > > Matthias > -- Matthias Saou ██ ██ ██ ██ Web: http://matthias.saou.eu/ ██████████████ Mail/XMPP: matth...@saou.eu ████ ██████ ████ ██████████████████████ GPG: 4096R/E755CC63 ██ ██████████████ ██ 8D91 7E2E F048 9C9C 46AF ██ ██ ██ ██ 21A9 7A51 7B82 E755 CC63 ████ ████ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/20150810133509.16e8af53%40r2d2.marmotte.net. For more options, visit https://groups.google.com/d/optout.
