tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Don't set empty $firewall_modules to prevent unnecessary iptables restart

Browse source
This commit is contained in:
Ossi Salmi 2012-11-16 19:09:02 +02:00
parent 170c882b18
commit 1706aee7af
1 changed files with 2 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
firewall/manifests/init.pp
View file

@ -30,9 +30,6 @@ class firewall {
if ! $firewall_rules {
$firewall_rules = []
}
if ! $firewall_modules {
$firewall_modules = []
}
case $operatingsystem {
centos,debian,fedora,ubuntu: {
@ -125,10 +122,10 @@ class firewall::common::iptables {
require => Package["iptables"],
}
if $firewall_modules {
$firewall_modules_str = inline_template('\'"<%= @firewall_modules.join(" ") -%>"\'')
$firewall_modules_str = inline_template('<%= @firewall_modules.join(" ") -%>')
augeas { "iptables-config":
context => "/files/etc/sysconfig/iptables-config",
changes => [ "set IPTABLES_MODULES ${firewall_modules_str}" ],
changes => [ "set IPTABLES_MODULES '${firewall_modules_str}'" ],
notify => Service["iptables"],
}
}