tripleo-image-elements

History

Michele Baldessari 48c2a3f7ce Add a script to zero /etc/sysconfig/iptables at build time When including this element we empty the stock /etc/sysconfig/iptables file as shipped by the iptables rpm package. The reason for this is that puppet firewall has a hard time to cope with exiting rules when /etc/sysconfig/iptables is populated and the iptables service is not active. The referenced bug has a full explanation for the problem. Partial-Bug: #1657108 Change-Id: Iddc21316a1a3d42a1a43cbb4b9c178adba8f8db3		2017-01-19 20:02:01 +01:00
..
bin	Support RedHatEnterpriseWorkstation in add-rule	2014-12-23 09:49:27 -05:00
install.d	Add a script to zero /etc/sysconfig/iptables at build time	2017-01-19 20:02:01 +01:00
pre-install.d	Disable save of iptables on package install	2014-11-19 20:22:55 +00:00
README.md	Adds iptables element	2014-01-17 09:18:19 -05:00
svc-map	Fix incorrect service name on Debian in `add-rule`	2014-11-10 18:53:30 +00:00

README.md

##iptables

This element installs a single script that consolidates the logic required to handle inserting iptables rules. This script uses the check (-C) argument to check whether a rule matching the specification does exist in the selected chain before inserting it.

RULE: The rule to insert into iptables