From af89e718a6f9734d0539c5b7eaf2295352726cef Mon Sep 17 00:00:00 2001
From: Kjetil Torgrim Homme <kjetil.homme@redpill-linpro.com>
Date: Tue, 13 Dec 2022 22:13:41 +0100
Subject: [PATCH] enable correct service for EL9 using legacy IPv4

nftables.service loads nft rules from /etc/sysconfig/nftables.conf,
but this module generates classic iptables rules which are stored in
/etc/sysconfig/iptables.  The service to load these on boot is simply
and only "iptables.service".

IPv6 rules are loaded correctly by ip6tables.service.
---
 manifests/params.pp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/manifests/params.pp b/manifests/params.pp
index 5fbe89832..e623b0b7e 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -30,14 +30,14 @@
         }
         default: {
           if versioncmp($facts['os']['release']['full'], '9') >= 0 {
-            $service_name = ['nftables','iptables']
+            $service_name = 'iptables'
             $service_name_v6 = 'ip6tables'
             $package_name = ['iptables-services', 'nftables', 'iptables-nft-services']
             $iptables_name = 'iptables-nft'
             $sysconfig_manage = false
             $firewalld_manage = true
           } elsif versioncmp($facts['os']['release']['full'], '8.0') >= 0 {
-            $service_name = ['iptables', 'nftables']
+            $service_name = ['iptables']
             $service_name_v6 = 'ip6tables'
             $package_name = ['iptables-services', 'nftables']
             $iptables_name = 'iptables'