Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

icmp_blocks in 'Firewalld Zones' not working #86

Closed
charmms opened this issue Aug 23, 2016 · 4 comments
Closed

icmp_blocks in 'Firewalld Zones' not working #86

charmms opened this issue Aug 23, 2016 · 4 comments
Labels
bug Something isn't working
Milestone
3.1.4

Comments

@charmms
Copy link

charmms commented Aug 23, 2016

icmp_blocks: 'echo-request' not working in hiera file:

firewalld::zones:
  webserver:
    ensure: 'present'
    target: 'default'
    icmp_blocks: 'echo-request'
    purge_rich_rules: true
    purge_services: true
    purge_ports: true

get an error on puppet client:

Error: Execution of '/usr/bin/firewall-cmd --permanent --zone webserver --get-icmptypes' returned 2: usage: see firewall-cmd man page
Wrong usage of --get-zones | --get-services | --get-icmptypes.
Error: /Stage[main]/Firewalld/Firewalld_zone[webserver]/icmp_blocks: change from [] to echo-request failed: Execution of '/usr/bin/firewall-cmd --permanent --zone webserver --get-icmptypes' returned 2: usage: see firewall-cmd man page
Wrong usage of --get-zones | --get-services | --get-icmptypes.

OS: CentOS Linux release 7.2.1511 (Core)
Firewalld: firewalld-0.3.9-14.el7.noarch
@gothicx
Copy link
Contributor

gothicx commented Aug 23, 2016

Which version of the module firewalld are you using ?

@charmms
Copy link
Author

charmms commented Aug 23, 2016

i use crayfishx-firewalld (v3.1.3)

@crayfishx crayfishx added bug Something isn't working testing and removed testing labels Aug 23, 2016
@crayfishx
Copy link
Contributor

@charmms thanks for reporting this - it looks like the resource type is trying to execute --get-icmptypes against the zone, which is incorrect - I'll come up with a patch for this soon.

crayfishx added a commit that referenced this issue Aug 24, 2016
@crayfishx
#86 --get-icmptypes should not be run against the zone
308b0d9
@crayfishx crayfishx mentioned this issue Aug 24, 2016
Merged
@crayfishx crayfishx added this to the 3.1.4 milestone Aug 24, 2016
crayfishx added a commit that referenced this issue Aug 24, 2016
@crayfishx
Merge pull request #88 from crayfishx/bug/icmptypes
1194b43 
#86 --get-icmptypes should not be run against the zone
@crayfishx
Copy link
Contributor

@charmms this fix has been released and is available in 3.1.4. Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
3.1.4
Development

No branches or pull requests
3 participants
@gothicx @crayfishx @charmms