Skip to content

Commit

Permalink
enable correct service for EL9 using legacy IPv4
Browse files Browse the repository at this point in the history 
nftables.service loads nft rules from /etc/sysconfig/nftables.conf,
but this module generates classic iptables rules which are stored in
/etc/sysconfig/iptables.  The service to load these on boot is simply
and only "iptables.service".

IPv6 rules are loaded correctly by ip6tables.service.
  • Loading branch information
@kjetilho
kjetilho committed Mar 25, 2024
1 parent 6620ad2 commit af89e71
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions manifests/params.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,14 +30,14 @@
}
default: {
if versioncmp($facts['os']['release']['full'], '9') >= 0 {
$service_name = ['nftables','iptables']
$service_name = 'iptables'
$service_name_v6 = 'ip6tables'
$package_name = ['iptables-services', 'nftables', 'iptables-nft-services']
$iptables_name = 'iptables-nft'
$sysconfig_manage = false
$firewalld_manage = true
} elsif versioncmp($facts['os']['release']['full'], '8.0') >= 0 {
$service_name = ['iptables', 'nftables']
$service_name = ['iptables']
$service_name_v6 = 'ip6tables'
$package_name = ['iptables-services', 'nftables']
$iptables_name = 'iptables'
Expand Down

0 comments on commit af89e71

Please sign in to comment.