Merge branch 'firewall_fixes' into 'master'

Firewall fixes See merge request !42

Merge branch 'firewall_fixes' into 'master'
Firewall fixes See merge request !42
1833db09 · m.pausch · 66b0927a · 7aa600dc · 1833db09 · 1833db09
Commit 1833db09 authored Mar 28, 2022 by m.pausch
--- a/metadata.rb
+++ b/metadata.rb
@@ -16,4 +16,4 @@ supports         'debian'
 depends          'line', '< 1.0'
 depends          'chef-vault'

-version          '1.64.0'
+version          '1.64.1'
--- a/recipes/firewall.rb
+++ b/recipes/firewall.rb
@@ -51,6 +51,7 @@ end

 # allow established connections
 firewall_rule 'established' do
+  position 40
  stateful [:related, :established]
  protocol :none # explicitly don't specify protocol
  command :allow

--- a/resources/firewall.rb
+++ b/resources/firewall.rb
@@ -79,7 +79,7 @@ if Gem::Requirement.new('>= 12.15').satisfied_by?(Gem::Version.new(Chef::VERSION
  end

  action :rebuild do
-    return if !managed?
+    return unless managed?

    ensure_default_rules_exist(node, new_resource)
    # prints all the firewall rules

--- a/resources/firewall_rule.rb
+++ b/resources/firewall_rule.rb
@@ -94,13 +94,14 @@ if Gem::Requirement.new('>= 12.15').satisfied_by?(Gem::Version.new(Chef::VERSION

  action :create do
    return if return_early?(new_resource)
+    fwr = build_firewall_rule(new_resource)

    with_run_context :root do
      begin
        edit_resource!('sys_firewall', new_resource.firewall_name) do |fw_rule|
          r = rules.dup || {}
          r.merge!({
-            build_firewall_rule(fw_rule) => fw_rule.position
+            fwr => fw_rule.position
          })
          rules(r)
          delayed_action :rebuild