Open qha opened 2 years ago
firewalld_rich_rule { 'Demo': ensure => present, zone => 'fudge, masquerade => true, dest => { 'address' => '192.0.2.0/24' }, action => 'accept', }
Applying the catalog fails and when trying the command manually firewall-cmd notes that masqerade and action is not valid in the same rule:
Error: Execution of '/bin/firewall-cmd --permanent --zone fudge --add-rich-rule rule family="ipv4" destination address="192.0.2.0/24" masquerade accept' returned 122: Error: /Stage[main]/Demo/Firewalld_rich_rule[Demo]/ensure: change from 'absent' to 'present' failed: Execution of '/bin/firewall-cmd --permanent --zone fudge --add-rich-rule rule family="ipv4" destination address="192.0.2.0/24"" masquerade accept' returned 122: (corrective) # /bin/firewall-cmd --permanent --zone fudge --add-rich-rule 'rule family="ipv4" destination address="192.0.2.0/24" masquerade accept' Error: INVALID_RULE: masquerade and action
I expected the validate function of firewalld_rich_rule to make catalog compilation fail with some informative message.
See above.
firewalld.richlanguage(5) notes under the "Masquerade" heading "It is not allowed to specify an action here."
Affected Puppet, Ruby, OS and module versions/distributions
How to reproduce (e.g Puppet code you use)
What are you seeing
Applying the catalog fails and when trying the command manually firewall-cmd notes that masqerade and action is not valid in the same rule:
What behaviour did you expect instead
I expected the validate function of firewalld_rich_rule to make catalog compilation fail with some informative message.
Output log
See above.
Any additional information you'd like to impart
firewalld.richlanguage(5) notes under the "Masquerade" heading "It is not allowed to specify an action here."