Hello,

The source and destination parameters accept either an IP address or a
hostname. If using a hostname, the firewall module thinks the rule
changed each time it runs, reporting:


notice: /Firewall[300 allow netbackup traffic from
nbmaster2-63.example.com]/source: current_value 192.168.63.42/32,
should be nbmaster2-63.example.com (noop)


Is there an easy workaround for this, other than not using hostnames?

A similar issue is also seen with the value of debug-level. For some
reason it always thinks it needs to be reset:

notice: /Firewall[998 drop noisy local traffic]/log_level:
current_value , should be warning (noop)


# Log everything else, then reject it with the default deny rule
firewall { '998 drop noisy local traffic':
    state       => 'NEW',
    log_level   => warning,
    jump        => 'LOG',
}

iptables -nL shows this rule as:

LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           /* 998
drop noisy local traffic */ state NEW LOG flags 0 level 4

I tried setting "log_level" to 4 instead of "warning" and got:

notice: /Firewall[998 drop noisy local traffic]/log_level:
current_value , should be 4 (noop)


Thanks a lot.
Mohamed.
