Created
February 28, 2013 19:52
-
-
Save blkperl/5059555 to your computer and use it in GitHub Desktop.
Invalid address from IPAddr.new puppet errors
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# puppet agent --test --environment=blkperl_firewall2 --noop | |
[..] | |
Error: Could not prefetch firewall provider 'iptables': Invalid address from IPAddr.new: ! | |
Error: /Firewall[241 ipv4 deny vnc ports for all]: Could not evaluate: Invalid address from IPAddr.new: ! | |
Error: /Firewall[240 ipv4 allow vnc ports for localhost]: Could not evaluate: Invalid address from IPAddr.new: ! | |
Error: /Firewall[240 ipv4 allow all ports for 208]: Could not evaluate: Invalid address from IPAddr.new: ! | |
Error: /Firewall[240 ipv4 allow all ports for 10 net]: Could not evaluate: Invalid address from IPAddr.new: ! | |
Error: /Firewall[240 ipv4 allow vnc ports for webmgr]: Could not evaluate: Invalid address from IPAddr.new: ! | |
[..] | |
# iptables -L | |
Chain INPUT (policy ACCEPT) | |
target prot opt source destination | |
ACCEPT tcp -- 10.0.0.0/8 anywhere multiport dports 10500:14000 /* 240 ipv4 allow all ports for 10 net */ | |
ACCEPT tcp -- 131.252.208.0/24 anywhere multiport dports 10500:14000 /* 240 ipv4 allow all ports for 208 */ | |
ACCEPT tcp -- localhost.localdomain anywhere multiport dports 10500:14000 /* 240 ipv4 allow vnc ports for localhost */ | |
ACCEPT tcp -- mist.cat.pdx.edu anywhere multiport dports 10500:14000 /* 240 ipv4 allow vnc ports for webmgr */ | |
DROP tcp -- anywhere anywhere multiport dports 10500:14000 /* 241 ipv4 deny vnc ports for all */ | |
DROP tcp -- anywhere anywhere multiport dports 10500:14000 /* 241 ipv6 deny vnc ports for all */ | |
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh | |
ACCEPT udp -- anywhere anywhere udp dpt:domain | |
ACCEPT tcp -- anywhere anywhere tcp dpt:domain | |
ACCEPT udp -- anywhere anywhere udp dpt:bootps | |
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps | |
Chain FORWARD (policy ACCEPT) | |
target prot opt source destination | |
ACCEPT all -- anywhere 192.168.122.0/24 state RELATED,ESTABLISHED | |
ACCEPT all -- 192.168.122.0/24 anywhere | |
ACCEPT all -- anywhere anywhere | |
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable | |
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable | |
Chain OUTPUT (policy ACCEPT) | |
target prot opt source destination | |
Chain fail2ban-ssh (1 references) | |
target prot opt source destination | |
RETURN all -- anywhere anywhere |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment