Page MenuHomePhabricator
Create Task
Maniphest T141957

ferm rules on icinga are broken,
Closed, ResolvedPublic
Actions

Description

i made some changes that were supposed to edit ferm rules on neon (icinga).

they did not get applied after merge.. i was checking why

i noticed that the code snippets in /etc/ferm/conf.d/ got created but the actual iptables rules did _not_ get updated

(there was no puppet fail !)

i tried to manually restart the ferm service and got this unrelated error.

the firewall.pp file has been touched last in January and that did not even change this network name.

 * Reloading Firewall configuration...                                            Error in /etc/ferm/conf.d/10_ncsa_allowed line 13:
        chain INPUT 
        { 
            saddr 
            ( 
                127.0.0.1 $ EQIAD_PRIVATE_ANALYTICS1_A_EQIAD $ EQIAD_PRIVATE_ANALYTICS1_B_EQIAD $ EQIAD_PRIVATE_ANALYTICS1_C_EQIAD $ EQIAD_PRIVATE_ANALYTICS1_D_EQIAD $ EQIAD_PRIVATE_LABS_HOSTS1_A_EQIAD <--
no such variable: $EQIAD_PRIVATE_LABS_HOSTS1_A_EQIAD

what happened?

Related Objects

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL