Hi Folks,
I''m trying to figure our why if I pass an array to a augeas resource
type
it ends up being concatenated eg for the following example I would expect
2 firewall rules, but instead I get one rule with the dport = 17001701
class {''test'':
port => [''1700'', ''1701''],
}
class test ($port) {
augeas{"$port":
context => "/files/etc/sysconfig/iptables/table",
changes => [''ins append before
append[.="INPUT"][last()]'',
''defnode INPUT append[.=""] INPUT'',
''set $INPUT INPUT'',
''set $INPUT/match[1] state'',
''set $INPUT/state NEW'',
''set $INPUT/match[2] tcp'',
''set $INPUT/protocol tcp'',
"set \$INPUT/dport $port",
''set $INPUT/jump ACCEPT''],
onlyif => "match append[*]/dport[.=\"$port\"] size ==
0",
}
}
Anyone got any suggestions?
Cheers
Steve
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/0S89Gxr5rHgJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
> > augeas{"$port": >There''s a difference between $var and "$var". With quotes the array is forced to a string. Cheers, Paul -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/ajim27vmNLUJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Adding to Paul''s answer, if you want to set more than one port here, you''ll probably want to make a define for a port and loop on resources. The define can then use augeas to set the port. On Monday, May 28, 2012 5:47:52 PM UTC+2, Steve Foster wrote:> > Hi Folks, > > I''m trying to figure our why if I pass an array to a augeas resource type > it ends up being concatenated eg for the following example I would expect > 2 firewall rules, but instead I get one rule with the dport = 17001701 > > class {''test'': > port => [''1700'', ''1701''], > } > > class test ($port) { > > augeas{"$port": > context => "/files/etc/sysconfig/iptables/table", > changes => [''ins append before append[.="INPUT"][last()]'', > ''defnode INPUT append[.=""] INPUT'', > ''set $INPUT INPUT'', > ''set $INPUT/match[1] state'', > ''set $INPUT/state NEW'', > ''set $INPUT/match[2] tcp'', > ''set $INPUT/protocol tcp'', > "set \$INPUT/dport $port", > ''set $INPUT/jump ACCEPT''], > onlyif => "match append[*]/dport[.=\"$port\"] size == 0", > > } > } > > Anyone got any suggestions? > > Cheers > > Steve >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/vJ1PQ9bhhsUJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Thanks for the suggestions... so now we have:
class {''test'':
tport => [''1700'', ''1701''],
}
class test ($tport) {
fwport{"spoo": fport => $tport, }
}
define fwport ($fport) {
augeas{$fport:
context => "/files/etc/sysconfig/iptables/table",
changes => [''ins append before
append[.="INPUT"][last()]'',
''defnode INPUT append[.=""] INPUT'',
''set $INPUT INPUT'',
''set $INPUT/match[1] state'',
''set $INPUT/state NEW'',
''set $INPUT/match[2] tcp'',
''set $INPUT/protocol tcp'',
"set \$INPUT/dport $title",
''set $INPUT/jump ACCEPT''],
onlyif => "match append[*]/dport[.=\"$title\"] size ==
0",
}
}
but now in the augeas resource $title is evaluated to "spoo", i would
have
though that it would have been the name or title passed to augeas??? very
confused.
Additionally if I use $fport in the changes or matches section of augeas I
still get a concatenation of the array... even more confused!
TIA
Steve
On Monday, May 28, 2012 9:13:54 PM UTC+1, Raphink wrote:>
> Adding to Paul''s answer, if you want to set more than one port
here,
> you''ll probably want to make a define for a port and loop on
resources.
>
> The define can then use augeas to set the port.
>
>
> On Monday, May 28, 2012 5:47:52 PM UTC+2, Steve Foster wrote:
>>
>> Hi Folks,
>>
>> I''m trying to figure our why if I pass an array to a augeas
resource type
>> it ends up being concatenated eg for the following example I would
expect
>> 2 firewall rules, but instead I get one rule with the dport = 17001701
>>
>> class {''test'':
>> port => [''1700'', ''1701''],
>> }
>>
>> class test ($port) {
>>
>> augeas{"$port":
>> context => "/files/etc/sysconfig/iptables/table",
>> changes => [''ins append before
append[.="INPUT"][last()]'',
>> ''defnode INPUT append[.=""]
INPUT'',
>> ''set $INPUT INPUT'',
>> ''set $INPUT/match[1] state'',
>> ''set $INPUT/state NEW'',
>> ''set $INPUT/match[2] tcp'',
>> ''set $INPUT/protocol tcp'',
>> "set \$INPUT/dport $port",
>> ''set $INPUT/jump ACCEPT''],
>> onlyif => "match append[*]/dport[.=\"$port\"]
size == 0",
>>
>> }
>> }
>>
>> Anyone got any suggestions?
>>
>> Cheers
>>
>> Steve
>>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/zbR2TYVe8hcJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Hi Steve, I believe he meant that you pass your array directly to the defined type:> class test ($tport) { > fwport{ $fport: } > }> define fwport { > $fport = $name > augeas{$fport: > context => "/files/etc/sysconfig/iptables/table",I hope that gives you the idea. Regards, Den On 29/05/2012, at 17:21, steve foster <steve.p.foster@gmail.com> wrote:> Thanks for the suggestions... so now we have: > > class {''test'': > tport => [''1700'', ''1701''], > } > > class test ($tport) { > fwport{"spoo": fport => $tport, } > } > > define fwport ($fport) { > > augeas{$fport: > context => "/files/etc/sysconfig/iptables/table", > changes => [''ins append before append[.="INPUT"][last()]'', > ''defnode INPUT append[.=""] INPUT'', > ''set $INPUT INPUT'', > ''set $INPUT/match[1] state'', > ''set $INPUT/state NEW'', > ''set $INPUT/match[2] tcp'', > ''set $INPUT/protocol tcp'', > "set \$INPUT/dport $title", > ''set $INPUT/jump ACCEPT''], > onlyif => "match append[*]/dport[.=\"$title\"] size == 0", > } > > } > > but now in the augeas resource $title is evaluated to "spoo", i would have though that it would have been the name or title passed to augeas??? very confused. > > Additionally if I use $fport in the changes or matches section of augeas I still get a concatenation of the array... even more confused! > > TIA > > Steve > > On Monday, May 28, 2012 9:13:54 PM UTC+1, Raphink wrote: > Adding to Paul''s answer, if you want to set more than one port here, you''ll probably want to make a define for a port and loop on resources. > > The define can then use augeas to set the port. > > > On Monday, May 28, 2012 5:47:52 PM UTC+2, Steve Foster wrote: > Hi Folks, > > I''m trying to figure our why if I pass an array to a augeas resource type it ends up being concatenated eg for the following example I would expect 2 firewall rules, but instead I get one rule with the dport = 17001701 > > class {''test'': > port => [''1700'', ''1701''], > } > > class test ($port) { > > augeas{"$port": > context => "/files/etc/sysconfig/iptables/table", > changes => [''ins append before append[.="INPUT"][last()]'', > ''defnode INPUT append[.=""] INPUT'', > ''set $INPUT INPUT'', > ''set $INPUT/match[1] state'', > ''set $INPUT/state NEW'', > ''set $INPUT/match[2] tcp'', > ''set $INPUT/protocol tcp'', > "set \$INPUT/dport $port", > ''set $INPUT/jump ACCEPT''], > onlyif => "match append[*]/dport[.=\"$port\"] size == 0", > > } > } > > Anyone got any suggestions? > > Cheers > > Steve > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/zbR2TYVe8hcJ. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Cheers for the clarification Den... Works a charm now :-) S On Tuesday, May 29, 2012 11:43:21 AM UTC+1, denmat wrote:> > Hi Steve, > > I believe he meant that you pass your array directly to the defined type: > > class test ($tport) { > fwport{ $fport: } > } > > > define fwport { > $fport = $name > augeas{$fport: > context => "/files/etc/sysconfig/iptables/table", > > > I hope that gives you the idea. > > Regards, > Den > > On 29/05/2012, at 17:21, steve foste wrote: > > Thanks for the suggestions... so now we have: > > class {''test'': > tport => [''1700'', ''1701''], > } > > class test ($tport) { > fwport{"spoo": fport => $tport, } > } > > define fwport ($fport) { > > augeas{$fport: > context => "/files/etc/sysconfig/iptables/table", > changes => [''ins append before append[.="INPUT"][last()]'', > ''defnode INPUT append[.=""] INPUT'', > ''set $INPUT INPUT'', > ''set $INPUT/match[1] state'', > ''set $INPUT/state NEW'', > ''set $INPUT/match[2] tcp'', > ''set $INPUT/protocol tcp'', > "set \$INPUT/dport $title", > ''set $INPUT/jump ACCEPT''], > onlyif => "match append[*]/dport[.=\"$title\"] size == 0", > } > > } > > but now in the augeas resource $title is evaluated to "spoo", i would have > though that it would have been the name or title passed to augeas??? very > confused. > > Additionally if I use $fport in the changes or matches section of augeas I > still get a concatenation of the array... even more confused! > > TIA > > Steve > > On Monday, May 28, 2012 9:13:54 PM UTC+1, Raphink wrote: >> >> Adding to Paul''s answer, if you want to set more than one port here, >> you''ll probably want to make a define for a port and loop on resources. >> >> The define can then use augeas to set the port. >> >> >> On Monday, May 28, 2012 5:47:52 PM UTC+2, Steve Foster wrote: >>> >>> Hi Folks, >>> >>> I''m trying to figure our why if I pass an array to a augeas resource >>> type it ends up being concatenated eg for the following example I would >>> expect 2 firewall rules, but instead I get one rule with the dport = >>> 17001701 >>> >>> class {''test'': >>> port => [''1700'', ''1701''], >>> } >>> >>> class test ($port) { >>> >>> augeas{"$port": >>> context => "/files/etc/sysconfig/iptables/table", >>> changes => [''ins append before append[.="INPUT"][last()]'', >>> ''defnode INPUT append[.=""] INPUT'', >>> ''set $INPUT INPUT'', >>> ''set $INPUT/match[1] state'', >>> ''set $INPUT/state NEW'', >>> ''set $INPUT/match[2] tcp'', >>> ''set $INPUT/protocol tcp'', >>> "set \$INPUT/dport $port", >>> ''set $INPUT/jump ACCEPT''], >>> onlyif => "match append[*]/dport[.=\"$port\"] size == 0", >>> >>> } >>> } >>> >>> Anyone got any suggestions? >>> >>> Cheers >>> >>> Steve >>> >> -- > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/4UwHOJiBcecJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.