Hi, So... no answers... bug report filed! :-)
https://tickets.puppetlabs.com/browse/MODULES-2376 Matthias On Mon, 3 Aug 2015 13:26:07 +0200 Matthias Saou <[email protected]> wrote: > Hi, > > I had this applied to my nodes : > > firewall { "${prenumber}7 portknock let connections through": > action => 'accept', > chain => 'INPUT', > dport => $dports, > proto => 'tcp', > recent => 'rcheck', > rname => "${prefix}_heaven", > rseconds => $seconds, > } > > With $seconds set to '3'. Now I want to remove it entirely, which will > mean "forever", but I just can't figure out how to do it, or even if > it's possible at all. > > When I set to undef, false or even remove the $rseconds line entirely, > puppet just leaves the previous value on existing nodes. For new nodes > or if I manually remove all iptables rules first, then the new rule > gets created without any "--seconds 3" as expected. > > How can I tell puppet to actually remove that parameter from existing > rules instead of stop caring about the value? > > Matthias > -- Matthias Saou ██ ██ ██ ██ Web: http://matthias.saou.eu/ ██████████████ Mail/XMPP: [email protected] ████ ██████ ████ ██████████████████████ GPG: 4096R/E755CC63 ██ ██████████████ ██ 8D91 7E2E F048 9C9C 46AF ██ ██ ██ ██ 21A9 7A51 7B82 E755 CC63 ████ ████ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/20150810133509.16e8af53%40r2d2.marmotte.net. For more options, visit https://groups.google.com/d/optout.
