puppetlabs
enable correct service for EL9 using legacy IPv4
probably not many people still using IPv4 in their systems, after all IPv6 is soon 25 years old, but... we still want to support it.
nftables.service loads nft rules from /etc/sysconfig/nftables.conf, but this module generates classic iptables rules. The service to load these on boot is simply "iptables.service".
IPv6 rules are loaded correctly by ip6tables.service.
firewall::params is a class
that may have no external impact to Forge modules.
This module is declared in 106 of 580 indexed public Puppetfiles.
These results were generated with Rangefinder, a tool that helps predict the downstream impact of breaking changes to elements used in Puppet modules. You can run this on the command line to get a full report.
Exact matches are those that we can positively identify via namespace and the declaring modules' metadata. Non-namespaced items, such as Puppet 3.x functions, will always be reported as near matches only.
![puppet-community-rangefinder[bot] avatar](https://avatars.githubusercontent.com/in/22507?v=4 "Published by a pub.dev verified publisher"){kind=small}
Hi @kjetilho, sorry for the delay in feedback. While reviewing pending PRs for the module, we have merged a different PR that also seems to be addressing this issue, thus causing a conflict. https://github.com/puppetlabs/puppetlabs-firewall/pull/1103
hmm. as I mentioned in my comment above, nftables.service uses files not managed by this module - so I think it is not correct to enable the service. who know what rules are left behind in /etc/sysconfig/nftables.conf. I prefer my patch, which only enables iptables.service.
hmm, the "mend" tests failed due to missing api key. does this mean merge requests need to use project branches rather than external forks?
