puppetlabs-firewall

Single quotes in rule comments produce errors

Open capull0 opened this issue 10 months ago • 4 comments

Describe the Bug

If you add a rule with single quotes in the comment, or if you use resources { 'firewall': purge => true, } to get rid of unmanaged rules, but with single quotes, you will get an error.

Example:

    Error: firewall[100 allow SSH gateway \'10.79.251.5/32\']: Deleting: Failed after 0.016324 seconds: Execution of 'iptables -t filter -D INPUT -s 10.79.251.5/32 -p tcp -m comment --comment "100 allow SSH gateway \'10.79.251.5/32\'" -j ACCEPT' returned 1: iptables: Bad rule (does a matching rule exist in that chain?).
    Error: /Stage[main]/Poma_profiles::Firewall/Firewall[100 allow SSH gateway \'10.79.251.5/32\']: Could not evaluate: Execution encountered an error

Expected Behavior

The firewall module should be able to handle single quotes.

Steps to Reproduce

Steps to reproduce the behavior:

  1. Manually create a rule with single quotes in the comment
  2. Let the puppet module purge unmanaged rules
  3. Get the error

Environment

  • Version: 8.0.1
  • Platform: don't know, Puppetmaster is running somewhere in Kubernetes, but a new version of Puppet :-)

Additional Context

I updated the module version from a very old version 3.3.0 to 8.0.1. With 3.3.0 single quotes were no problem. I removed all single quotes from our rules. Right now I have to run an iptables -F with puppet exec once to get rid of unwanted rules, else I would have duplicated rules, because purge => true will throw errors.

capull0 avatar Apr 24 '24 13:04 capull0

It should be fixed in #1210

2fa avatar Apr 24 '24 16:04 2fa

Thank you for the quick answer.

capull0 avatar Apr 24 '24 17:04 capull0

I'm not the author of the module, just a contributor, but thank you.

I too recently upgraded from 3.3.0 and found a lot of problems with the latest version. I recommend downgrading to the latest 6.X for the time being @capull0

2fa avatar Apr 24 '24 17:04 2fa

Better to keep the issue open :)

capull0 avatar Apr 24 '24 17:04 capull0