chef-cookbooks / iptables

Development repository for Chef Cookbook iptables
https://supermarket.chef.io/cookbooks/iptables
Apache License 2.0

Doesn't work on Ubuntu Bionic with netplan #104

Closed lneva-fastly closed 3 years ago

lneva-fastly commented 4 years ago

Cookbook version

4.5.0, master

Chef-client version

14.8.12

Platform Details

Brand new minimal Ubuntu Bionic installation.

Scenario:

Basic usage (any).

Steps to Reproduce:

Try any standard example.

Expected Result:

It should work.

Actual Result:

Chef errors out when iptables::default tries to write to /etc/network/if-pre-up.d/iptables_load because that directory does not exist by default. Ubuntu switched to netplan instead of ifupdown.

Discussion

See #103 for more details on what's going on here. It looks like this cookbook doesn't even need to write a hook into if-pre-up.d anymore.

Workaround

Create the directory /etc/network/if-pre-up.d and let the cookbook install the obsolete iptables_load hook there. It won't ever be triggered on a host with netplan, and it wouldn't work anyway because /etc/iptables/general doesn't exist.

xorima commented 3 years ago

Hey, since @bmhughes put in a fix in #109 can you check if this is still an issue?