explicitly do AAAA lookups even if IPv6 is unavailable

Resolv will only return IPv6 records if there is a local IPv6 address,
and this is problematic since the agent may be in a completely different
situation than the master - where this code runs.

Author: kjetilho

lib/puppet_x/puppetlabs/firewall/utility.rb

@@ -93,27 +93,29 @@ def self.host_to_ip(value, proto = nil)
       begin
         value = PuppetX::Firewall::IPCidr.new(value)
       rescue StandardError
-        family = case proto
-                 when 'IPv4', 'iptables'
-                   Socket::AF_INET
-                 when 'IPv6', 'ip6tables'
-                   Socket::AF_INET6
-                 when nil
-                   raise ArgumentError, 'Proto must be specified for a hostname'
-                 else
-                   raise ArgumentError, "Unsupported address family: #{proto}"
-                 end
+        case proto
+        when 'IPv4', 'iptables'
+          family = Socket::AF_INET
+          rr = Resolv::DNS::Resource::IN::A
+        when 'IPv6', 'ip6tables'
+          family = Socket::AF_INET6
+          rr = Resolv::DNS::Resource::IN::AAAA
+        when nil
+          raise ArgumentError, 'Proto must be specified for a hostname'
+        else
+          raise ArgumentError, "Unsupported address family: #{proto}"
+        end
 
         new_value = nil
-        Resolv.each_address(value) do |addr|
+        Resolv::DNS.new.each_resource(value, rr) do |addr|
           begin # rubocop:disable Style/RedundantBegin
-            new_value = PuppetX::Firewall::IPCidr.new(addr, family)
+            new_value = PuppetX::Firewall::IPCidr.new(addr.address.to_s, family)
             break
           rescue StandardError # looking for the one that works # rubocop:disable Lint/SuppressedException
           end
         end
 
-        raise "Failed to resolve hostname #{value}" if new_value.nil?
+        raise "Failed to resolve hostname #{proto} #{value}" if new_value.nil?
 
         value = new_value
       end