IP tables not updating on master #5837
Replies: 1 comment 2 replies
-
|
Have you reviewed our Firewall documentation? |
Beta Was this translation helpful? Give feedback.
2 replies
-
|
Yes, that's what I've been using. When I remove the IP from a host group and run salt the IP is still in the iptable. Does the remove excludehost work on custom hostgroups? |
Beta Was this translation helpful? Give feedback.
-
Have you tried it? |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi,
When I run:
sudo salt _ state.apply firewall
The command appends to the iptable rather than updateing. Which can cause issues..
Such as if I add an IP to portgroup:all then change IP portgroup to portgroup:syslog; it doesn't remove the allow all from the iptable. That means the IP still has access to all ports on the master.
How can I prevent this from happening and regenerate the iptable each time the command is ran.
Beta Was this translation helpful? Give feedback.
All reactions