The Puppet Labs Issue Tracker has Moved:

This issue tracker is now in read-only archive mode and automatic ticket export has been disabled. Redmine users will need to create a new JIRA account to file tickets using See the following page for information on filing tickets with JIRA:

Bug #13331

Firewall Module doesn't handle services by name correctly

Added by Michael Hsu about 4 years ago. Updated about 3 years ago.

Status:ClosedStart date:03/22/2012
Priority:NormalDue date:
Assignee:-% Done:


Category:firewallSpent time:-
Target version:-
Keywords:firewall iptables Branch:

We've Moved!

Ticket tracking is now hosted in JIRA:


In the string_to_port(value) def, it uses Socket.getservbyname(value) to convert service names to a port value. However this produces unexpected results where if you try to user a service name that doesn’t have a tcp definition it fails with the error:

err: Could not run Puppet configuration client: Parameter dport failed: Munging failed for value “” in class dport: no such service /tcp

replace with whatever named service you choose that doesn’t have a tcp service definition. The current work around is to NOT use service names for non-tcp services. The fix would be somehow using Socket.getservbyname(value, proto) assuming ‘proto’ is defined. Below is an example of a use of the firewall provider that fails:

firewall { "0200 INPUT allow ${name} to syslog port":
    chain  => 'INPUT',
    action => 'accept',
    proto  => 'udp',
    source => $name,
    dport  => 'syslog'


#1 Updated by Ken Barber about 3 years ago

  • Status changed from Unreviewed to Closed

Hiya … I’ve fall behind a bit on all this work, also the bug tracker is moving to here: I’ve managed to move what I still think is relevant and merge up items that are related. Consider this a slight declaration of ‘ticket debt’. If you think you’re issue isn’t represented in the new tracker feel free to open a new one.

Apologies for any confusion :–).


#2 Updated by Ken Barber about 3 years ago

Sorry – the new URL is actually: … thanks @Wolfspyre.

Also available in: Atom PDF