Disable firewalld on centos7 and greater
Firewalld is enabled by default on centos7. Unfortunately iptables-service and firewalld appear to confuse each other resulting in no firewall rules at all. Fix this by disabling firewalld allowing iptables-service to be in charge and apply the rules it has configured. Change-Id: I0089502b134c91ef2e8d11cef1e016ce314ecf96
This commit is contained in:
parent
a2d7123013
commit
7503162cc4
|
@ -39,6 +39,17 @@ class iptables(
|
|||
enable => true,
|
||||
}
|
||||
$notify_iptables = Service['iptables']
|
||||
|
||||
# On centos 7 firewalld and iptables-service confuse each other and you
|
||||
# end up with no firewall rules at all. Disable firewalld so that
|
||||
# iptables-service can be in charge.
|
||||
if ($::osfamily == 'RedHat' and $::operatingsystemmajrelease >= '7') {
|
||||
service { 'firewalld':
|
||||
ensure => 'stopped',
|
||||
enable => false,
|
||||
before => Package['iptables'],
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
file { $::iptables::params::rules_dir:
|
||||
|
|
Loading…
Reference in New Issue