IP tables not updating on master #5837
Replies: 1 comment 2 replies
-
|
Have you reviewed our Firewall documentation? |
Beta Was this translation helpful? Give feedback.
2 replies
-
|
Yes, that's what I've been using. When I remove the IP from a host group and run salt the IP is still in the iptable. Does the remove excludehost work on custom hostgroups? |
Beta Was this translation helpful? Give feedback.
-
Have you tried it? |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi,
When I run:
sudo salt _ state.apply firewall
The command appends to the iptable rather than updateing. Which can cause issues..
Such as if I add an IP to portgroup:all then change IP portgroup to portgroup:syslog; it doesn't remove the allow all from the iptable. That means the IP still has access to all ports on the master.
How can I prevent this from happening and regenerate the iptable each time the command is ran.
Beta Was this translation helpful? Give feedback.
All reactions