The Puppet Labs Issue Tracker has Moved: https://tickets.puppetlabs.com
iptables rules parsing fails on invert match
Ticket tracking is now hosted in JIRA: https://tickets.puppetlabs.com
This issue is currently not available for export. If you are experiencing the issue described below, please file a new ticket in JIRA. Once a new ticket has been created, please add a link to it that points back to this Redmine ticket.
When using an invert match in iptables (for example manually added rule), the parser blows up and fails to parse the record.
An example output from iptables-save which fails: -A INPUT -p tcp -m multiport —sports 8140 -m comment —comment “050 allow puppet master connections” -m tcp ! —tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
At the very least, I’d expect this to give some useful feedback so someone can manually fix the broken rule.
#2 Updated by Ken Barber about 1 year ago
- Status changed from Unreviewed to Closed
Hiya … I’ve fall behind a bit on all this work, also the bug tracker is moving to here: https://github.com/puppetlabs/puppet-firewall/issues I’ve managed to move what I still think is relevant and merge up items that are related. Consider this a slight declaration of ‘ticket debt’. If you think you’re issue isn’t represented in the new tracker feel free to open a new one.
Apologies for any confusion :–).
#3 Updated by Ken Barber about 1 year ago
Sorry – the new URL is actually: http://github.com/puppetlabs/puppetlabs-firewall/issues … thanks @Wolfspyre.