Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Creating Rich Rules with IPSets fails #165

Closed
darkmudley opened this issue Jan 29, 2018 · 1 comment
Closed

Creating Rich Rules with IPSets fails #165

darkmudley opened this issue Jan 29, 2018 · 1 comment

Comments

@darkmudley
Copy link

Rich_rule creation works OK if the source is specified as an address, but not if specified as an ipset.
Specify the source as a valid IPset and the rule creation fails because the source is empty, the rule is not surrounded by single quotes, and the --add-rich-rule param does not have a "=" sign after it.

I'm not sure that IPSets get created at all as calling firewall-cmd --get-ipsets on the target node doesn't list any ipsets, whether I specified them in manifests or in Hiera.
It's possible that my syntax is wrong, but no IPset errors are generated and the hiera is valid.

Would you have time to test the IPset creation and rich rule creation, and post the hiera and/or manifest code to call, please?
Many thanks
Mark
@darkmudley
Copy link
Author

Please ignore - a modulepath clash was causing an older module without IPsets to be used
Thanks for the great module!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@darkmudley