The Puppet Labs Issue Tracker has Moved: https://tickets.puppetlabs.com

Bug #15646

iptables rules parsing fails on invert match

Added by Lee Standen almost 3 years ago. Updated about 2 years ago.

Status:ClosedStart date:07/23/2012
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:firewallSpent time:-
Target version:-
Keywords: Branch:

We've Moved!

Ticket tracking is now hosted in JIRA: https://tickets.puppetlabs.com


Description

When using an invert match in iptables (for example manually added rule), the parser blows up and fails to parse the record.

An example output from iptables-save which fails: -A INPUT -p tcp -m multiport —sports 8140 -m comment —comment “050 allow puppet master connections” -m tcp ! —tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT

At the very least, I’d expect this to give some useful feedback so someone can manually fix the broken rule.

History

#1 Updated by William Van Hevelingen over 2 years ago

  • Category set to firewall

#2 Updated by Ken Barber about 2 years ago

  • Status changed from Unreviewed to Closed

Hiya … I’ve fall behind a bit on all this work, also the bug tracker is moving to here: https://github.com/puppetlabs/puppet-firewall/issues I’ve managed to move what I still think is relevant and merge up items that are related. Consider this a slight declaration of ‘ticket debt’. If you think you’re issue isn’t represented in the new tracker feel free to open a new one.

Apologies for any confusion :–).

Ken.

#3 Updated by Ken Barber about 2 years ago

Sorry – the new URL is actually: http://github.com/puppetlabs/puppetlabs-firewall/issues … thanks @Wolfspyre.

Also available in: Atom PDF