similar to: Firewall module error

Hi, First, some software versions, just to get them out of the way: - CentOS 5.x through Centos 6.2 - Ruby 1.8.5 - 1.8.7 - Puppet 2.7.19 - Facter 1.6.11 Just a note - we''re working from the EPEL repos almost exclusively. I am working with the firewall module, and so far I am unable to use firewallchain. Some digging suggests that it''s not completely user error (though I

Hi there! Is there a timeline on when the puppetlabs-firewall forge module will be updated (not necessarily to 1.0) ? the github version has the firewallchain type (as well as other nifty) that the forge version seems to be lacking, but it''s not clear from my perusing that the two are different. They both appear to be the same version superficially*…. The github version points to the

We''re testing out the Puppetlabs-Firewall module. And it seems I''m either missing something fundamental or Logging/Accpet works/doesn''t work in an irregular way. I would be most grateful for some input. *COMMON:* firewall { ''002 accept related established rules INPUT'': proto => ''all'', state =>

I''m using puppetlabs/firewall with Puppet 2.7.2, and for the most part it''s working great. I have this in my sites.pp, which I took from this list sometime ago, to save firewall rules to disk when they''re changed: # Always persist firewall rules if ($kernel == ''Linux'') { exec { ''persist-firewall'':

Hello, I''m having some trouble. I keep getting the following warnings when trying to run: $ puppet master --no-daemonize /usr/local/build/puppet-bundle/vendor/gems/ruby/1.9.1/gems/ puppet-2.7.12/lib/puppet/external/pson/pure.rb:7:in `<module:PSON>'': iconv will be deprecated in the future, use String#encode instead. Could not load confine test

Hello, I can''t figure out how I can use the module puppetlabs-firewall only for some targeted nodes. If I put : resources { "firewall": purge => true } in top scope (i.e. site.pp), then all the firewall rules on all my nodes are purged. Even for nodes for which I don''t apply any module containing specific firewall { ... } resources. If I put it in a module

I am currently using Puppet''s firewall module: http://forge.puppetlabs.com/puppetlabs/firewall I am trying to have Puppet flush iptables before it applies firewall rules. I tried the following: exec { ''clear-firewall'': command => ''/sbin/iptables -F'', refreshonly => true, } Firewall { subscribe =>

For a few reasons: There is a missing bit of functionality that is important to me. I know WHAT I want to fox, but I do not know HOW. Also, if I am understanding how this module operates, I have ideas for other modules that use the same base methods. So, I am looking for either the folks that wrote this module or someone who can help me understand it enough for me to make some enhancements to

Folks -- I am attempting to retrieve a new certificate on a Puppet client whose certificate was revoked on the Puppet master. The original certificate was revoked using the command: # puppet cert --revoke el5-puptest-2.localdomain I have deleted the /var/lib/puppet/ssl directory on the client, and issued the following command: # puppet agent --test --waitforcert=20 This produces the

Greetings, I have a question about "best practices" for the puppet firewall module. I have pasted my basic config files below and I am curious about a few things. * The ports that all nodes share in common I am adding to the modules/my_firewall/manifests/init.pp file, but the ports that are specific to a node I am adding to the node definition in manifests/site.pp. What should I do

From my iptables-save output: -A INPUT -m state --state RELATED,ESTABLISHED -m comment --comment "000b allow established or related sessions" -j ACCEPT Then from "puppet resource firewall" Error: Could not run: Parameter name failed on Firewall[RELATED,ESTABLISHED]: Invalid value "RELATED,ESTABLISHED". Valid values match

Hi all, I''m cleaning up some puppet manifests, and thought it would be a good opportunity to move from my own monolithic iptables/ip6tables modules to the official puppetlabs-firewall module. But... what''s the deal with IPv6? My first concern was that there is no easy way to have simple rules be applied to both iptables and ip6tables. Fair enough, I just wrote a simple wrapper

Hi, I am testing https://github.com/puppetlabs/puppetlabs-firewall and get this error: err: Could not prefetch firewall provider ''iptables'': private method `gsub'' called for nil:NilClass I don''t know ruby so any help appreciated! -- Bjørge Solli -- You received this message because you are subscribed to the Google Groups "Puppet Users" group.

$ sudo yum install devtoolset-7 Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: mirror.vcu.edu * epel: mirror.siena.edu * extras: mirror.vcu.edu * updates: mirror.vcu.edu No package devtoolset-7 available. Error: Nothing to do On Wed, Sep 11, 2019 at 12:17 PM Gordon Messmer <gordon.messmer at gmail.com> wrote: > > On 9/11/19 9:05 AM,

I''m trying to be able to use puppet to modify an existing firewall on a web server. The idea is that if I use puppet to do this, then if the machine ever has to be rebuilt, aside from backups, I have a documented configuration. I looked at the module that was on the wiki that had a perl program and what not, but I don''t think I''m clear on what my thinking should be

In the documentation, it says: With the latest version, we now have in-built persistence, so this is no longer needed. However, you will still need some basic setup to define pre & post rules. resources { "firewall": purge => true } Firewall { before => Class['my_fw::post'], require => Class['my_fw::pre'], } class {

When we call a lattice function such as xyplot, to what extent does the "data" designation cause the function to look inside the "data" for variables? In the examples below, the "subset" argument understands that "Variety" is a variable in the data. But the "scales" argument does not understand that "nitro" is a variable in the data.

Full_Name: John Noble Version: 2.10 OS: Solaris 10 SPARC Submission from: (NULL) (128.172.190.27) The make of Recommended fails. All sections of Make work up to this point and the compiled version of R appears to be correct. Only when adding the recommended modules does the problem appear. The best I can figure the problem appears to be related to the fact that gzip will not decompress

Consider all the text that one sees on the console during an R session. Is there a way, within R, to make all this text--both the "output" and the "messages"--automatically get copied to a single text file, in addition to seeing it on the console? If I remember to save the console to a file at the end of my R session, that does it. But (1) That requires pointing and

The following code produces a legend ("key") that mentions the unused levels of Block. library(MEMSS) xyplot(yield~nitro, subset=(Block=="I" | Block=="II"), data=Oats, group=Block, auto.key=T) and adding "drop.unused.levels=T" does not fix it. And in fact even the following does not solve the problem: xyplot(yield~nitro,