search

voxpupuli / puppet-firewalld

Puppet module for managing firewalld
Apache License 2.0
40 stars 77 forks source link

enable ping/icmp for ipv6? #323

Closed ghost closed 1 year ago

ghost commented 2 years ago

Hi,

I looked at the docs, but I can't figure out how to enable icmp/echo-reply for ipv6?

firewalld_rich_rule { 'Accept icmpv4':
    ensure => present,
    zone   => 'public',
    protocol => icmp,
    action  => 'accept',
  }
  firewalld_rich_rule { 'Accept icmpv6':
    ensure => present,
    zone   => 'public',
    protocol => icmp,
    action  => 'accept',
    family => 'ipv6',
  }

That are my two rules, it works for ipv4, but not for ipv6, I get no errors, it just doesn't work! how do I fix that? I tried changing service to icmpv6 but that didn't work at all.

It would be great if icmp could be configured as a global rule when loading the firewalld module, I always want echo-reply to be active, otherwise I get confused and think the host is down.

KarimChaouch commented 1 year ago

Hello, Try protocol => ipv6-icmp