search

sous-chefs / firewall

Development repository for the firewall cookbook
https://supermarket.chef.io/cookbooks/firewall
Apache License 2.0
99 stars 150 forks source link

Windows Server 2012 R2 - undefined method `source_interface' for Chef::Resource::FirewallRule #123

Closed chekkan closed 8 years ago

chekkan commented 8 years ago

I am getting the following error when running firewall resources. Anyone else came across this issue before? Any help will be appreciated.

I am using version '~> 2.4.0'

* firewall[default] action restart[2016-02-26T13:35:28+00:00] INFO: Processing firewall[default] actio
n restart (mobility_bi::firewall line 7)                                                                       

================================================================================                    
Error executing action `restart` on resource 'firewall[default]'                                    
================================================================================                    

NoMethodError                                                                                       
-------------                                                                                       
undefined method `source_interface' for Chef::Resource::FirewallRule                                

Resource Declaration:                                                                               
---------------------                                                                               
# In C:/Users/vagrant/AppData/Local/Temp/kitchen/cache/cookbooks/mobility_bi/recipes/firewall.rb    

 7: firewall 'default'                                                                             
 8:                                                                                                

Compiled Resource:                                                                                  
------------------                                                                                  
# Declared in C:/Users/vagrant/AppData/Local/Temp/kitchen/cache/cookbooks/mobility_bi/recipes/firewa
ll.rb:7:in `from_file'                                                                                         

firewall("default") do                                                                              
   action [:install]                                                                                 
   updated true                                                                                      
   retries 0                                                                                         
   retry_delay 2                                                                                     
   default_guard_interpreter :default                                                                
   declared_type :firewall                                                                           
   cookbook_name "mobility_bi"                                                                       
   recipe_name "firewall"                                                                            
   enabled true                                                                                      
   rules {"windows"=>{"firewall add rule name=\"RPC Port Range In\" description=\"RPC Port Range In\"
   dir=in service=any protocol=tcp localip=any localport=5000-5100 interfacetype=any remoteip=any remoteport=any 
  action=allow"=>50}}                                                                                            
end
martinb3 commented 8 years ago

Hi there -- the resource parameters are:

    attribute(:source, callbacks: { 'must be a valid ip address' => ->(ip) { !!IPAddr.new(ip) } })
    attribute(:source_port, kind_of: [Integer, Array, Range]) # source port
    attribute(:interface, kind_of: String)

I don't see source_interface as one of the valid ones. Did that come from an example somewhere?

chekkan commented 8 years ago

Hi @martinb3 thanks for the quick reply. I was following the example on the Readme.md file for port range. I did not want to restrict this firewall rule to any particular ip address. My resource declaration looks like so

firewall_rule 'RPC Port Range In' do
  port 5000..5100
  protocol :tcp
  command :allow
  direction :in
end
martinb3 commented 8 years ago

This definitely looks like a bug. Bear with me to fix it :)

martinb3 commented 8 years ago

@chekkan I'm not able to reproduce this when I converge the same rule. Are you sure you aren't using direction :out?

martinb3 commented 8 years ago

Hi -- I've committed a fix for the issue when direction :out is set -- could you try master and let me know if it resolves your issue? Thanks!

chekkan commented 8 years ago

thanks @martinb3 i just tested with version 2.5.0 and it works as expected.