The Puppet Labs Issue Tracker has Moved: https://tickets.puppetlabs.com

Activity

From 10/18/2011 to 10/24/2011

10/25/2011

11:00 pm Bug #10239: Unable to purge rules not matching regex
Thought I might chime in here for a second...
It's probably worth mentioning that we're using a heavily bastardize...
Chris Boulton
10:41 pm Bug #9082: puppetlabs-firewall: using an array for the state property results in rule updating on...
Alright, I've had some time to think over the changes and because of my misunderstanding of how munging works, the so... Chris Boulton
05:23 pm Bug #10085 (Accepted): firewall: ip6tables/iptables provider keeps appends mask to source and des...
James Turnbull

10/24/2011

10:41 am Bug #10239: Unable to purge rules not matching regex
Okay - I've got it now re: ordering parameter. I see your point. Probably worth thinking about thanks Dan. Ken Barber
10:34 am Bug #10239: Unable to purge rules not matching regex
Dan Carley wrote:
> It's not just number prefixes. I don't think there's any restriction on the characters that can ...
Ken Barber
09:18 am Bug #10239: Unable to purge rules not matching regex
I don't think there's any need for the MD5 of the rule, just throw a number in front of the existing comment and keep... Jonathan Boyett
09:02 am Bug #10239: Unable to purge rules not matching regex
It's not just number prefixes. I don't think there's any restriction on the characters that can go into a comment str... Dan Carley
08:58 am Refactor #10242 (Merged - Pending Release): remove unneccessary variable munging
This module reassigns all variables to a _real value.
It should be refactored to only re-assign variables when mun...
Dan Bode
08:43 am Bug #10162: firewall: User custom Chain not getting created when first rule applies
Autorequires with a default 'ACCEPT' would be perfect :) Pablo Iranzo Gómez
08:36 am Bug #10162 (Accepted): firewall: User custom Chain not getting created when first rule applies
I'd like to add a new facility to add chains. This shouldn't be automatic IMHO. A new resource such as:
iptabl...
Ken Barber
08:32 am Bug #10164 (Accepted): firewall: ICMP type 'any'
Ken Barber
08:31 am Bug #10086 (Accepted): firewall: ip6tables lacks tests
Ken Barber
08:30 am Bug #10239: Unable to purge rules not matching regex
Hmm. How can we get the best of both worlds I wonder. Still - I think transforming a rule to a hash in this case feel... Ken Barber
07:47 am Bug #10208: iptables in EL4 doesn't support 'comments' so puppetlabs-firewall doesn't work
Package is: iptables-1.2.11-3.3.el4_8.i386.rpm
Name : iptables
Version : 1.2.11
Release : 3.3.el4...
Pablo Iranzo Gómez
07:44 am Bug #10208 (Accepted): iptables in EL4 doesn't support 'comments' so puppetlabs-firewall doesn't ...
Accepted. No decision needed. Ken Barber
07:43 am Bug #10165 (Accepted): When dport changes it's displayed without spaces or separators
Ken Barber
07:42 am Bug #10208 (Needs Decision): iptables in EL4 doesn't support 'comments' so puppetlabs-firewall do...
Agreed - we should bail properly on that version of iptables. What version is it specifically? Ken Barber
07:38 am Feature #10166 (Accepted): Clean rules not defined by module except on CHAIN
Ken Barber
07:37 am Bug #10239: Unable to purge rules not matching regex
I'm inclined to agree. It's a kind of arbitrary restriction. However I almost prefer it to the workarounds I've had t... Dan Carley
07:36 am Bug #10163 (Merged - Pending Release): firewall: cleanup documentation to align with module relea...
Ken Barber
07:35 am Feature #10240 (Closed): firewall: use proper resource ordering instead of lexical ordering
We need to fix the lexical v resource ordering issue at some point. Luke provided some comment on how to do this:
...
Ken Barber
07:31 am Bug #10239: Unable to purge rules not matching regex
I hate the fact we rely on lexical ordering. The validation was added to force people to use numbers for ordering but... Ken Barber
07:14 am Bug #10239 (In Topic Branch Pending Review): Unable to purge rules not matching regex
Ken Barber
04:50 am Bug #9082: puppetlabs-firewall: using an array for the state property results in rule updating on...
Ken Barber wrote:
> The code looks good after a cursory glance Chris - but we'll need to add tests to avoid regressio...
Chris Boulton
03:48 am Bug #10239: Unable to purge rules not matching regex
Pull request submitted.
https://github.com/puppetlabs/puppetlabs-firewall/pull/19
Arguably "`! hash[:name] or`"...
Dan Carley
03:41 am Bug #10239 (Closed): Unable to purge rules not matching regex
The puppetlabs-firewall module is unable to purge existing IPtables rules that don't have a comment matching the rege... Dan Carley
01:50 am Bug #9082 (Tests Insufficient): puppetlabs-firewall: using an array for the state property result...
The code looks good after a cursory glance Chris - but we'll need to add tests to avoid regression. Can you do this? ... Ken Barber
11:32 pm Bug #9082: puppetlabs-firewall: using an array for the state property results in rule updating on...
- disregard Chris Boulton
11:32 pm Bug #9082: puppetlabs-firewall: using an array for the state property results in rule updating on...
Quick fix here w/ a pull request which does the trick: https://github.com/puppetlabs/puppetlabs-firewall/pull/18 Chris Boulton

10/23/2011

12:14 pm Bug #9364: puppetlabs-firewall: Some iptables versions converting CIDR to netmask for source/dest...
Looks like for a slightly different problem though Nan. And the solution would be quite different.
In the prior ca...
Ken Barber
12:01 pm Bug #9364: puppetlabs-firewall: Some iptables versions converting CIDR to netmask for source/dest...
It also seems to keep applying on CentOS 5.6 iptables v1.3.5:
notice: /Firewall[081 puppetdashboard allow]/sourc...
Nan Liu

10/22/2011

11:52 am Bug #10231 (Closed): Default ports should be different
(moved from github)
We really should be using 61613 and 61616 for the ports in activemq.xml. I know the example co...
Ken Barber

10/21/2011

06:17 am Bug #10208 (Closed): iptables in EL4 doesn't support 'comments' so puppetlabs-firewall doesn't work
I know puppet-firewall requires it to work, but as I use a common set of puppet rules for EL4 and EL5 machines, when ... Pablo Iranzo Gómez

10/20/2011

10:41 pm Bug #10163 (In Topic Branch Pending Review): firewall: cleanup documentation to align with module...
Ken Barber

10/19/2011

12:55 am Feature #10166 (Closed): Clean rules not defined by module except on CHAIN
Everything from INPUT or FORWARD is sent to RH-Firewall rule, when we input all the rules required by system services... Pablo Iranzo Gómez
12:37 am Bug #10165 (Merged - Pending Release): When dport changes it's displayed without spaces or separa...
Hi
When redefining a rule and port changes, they all shown together:
/dport: dport changed '1761175217681766'...
Pablo Iranzo Gómez
12:24 am Bug #10164 (Merged - Pending Release): firewall: ICMP type 'any'
When defining icmp type to "any" it fails, so I used the numerical type '255', but each time puppet runs, shows this ... Pablo Iranzo Gómez
12:20 am Bug #10163 (Closed): firewall: cleanup documentation to align with module release in forge
This ticket is to track the effort to cleanup the documentation now that we have released a module to the forge.
*...
Ken Barber
12:17 am Bug #10162 (Merged - Pending Release): firewall: User custom Chain not getting created when first...
Hi
When defining a new rule to a custom chain, if the chain hasn't been already created will start throwing errors i...
Pablo Iranzo Gómez
09:42 pm Bug #10116 (Accepted): firewall: rules with source array only create rule for first item in array
Ken Barber

10/18/2011

02:44 pm Bug #10088 (Merged - Pending Release): Providing clear contribution guidelines
Ken Barber
02:42 pm Feature #9362 (Merged - Pending Release): puppetlabs-firewall: action property
Ken Barber
09:33 am Bug #8331 (Needs Decision): vcsrepo: svn provider flags local repository as absent even when it w...
Nan Liu
09:30 am Bug #8331: vcsrepo: svn provider flags local repository as absent even when it was created with p...
Well, SVN isn't a distributed version control software, so the central repo isn't really a SVN repository. If you run... Nan Liu
12:52 am Feature #10136 (Merged - Pending Release): kwalify: add a function to gather arguments from the c...
For the purposes of validating class and defined resources with kwalify, I need a function that exposes the current p... Ken Barber
 

Also available in: Atom