系统:
Debian GNU/Linux 8.6 (jessie)
salt-master 2016.3.3 (Boron)
salt-minion 2016.3.3 (Boron)
尝试添加 icmp 规则将导致错误消息。
初始化文件
INPUT:
iptables.chain_present:
- table: filter
- family: ipv4
icmp:
iptables.insert:
- table: filter
- chain: INPUT
- jump: ACCEPT
- proto: icmp
- position: 1
- save: True
- require:
- iptables: INPUT
错误信息:
ID: icmp
Function: iptables.insert
Result: False
Comment: Failed to set iptables rule for icmp.
Attempted rule was /sbin/iptables -t filter -I INPUT 1 -p icmp -m icmp --jump ACCEPT
我还尝试了以下操作:
icmp:
iptables.append:
- table: filter
- chain: INPUT
- jump: ACCEPT
- proto: icmp
- save: True
...但都是一样的:
ID: icmp
Function: iptables.append
Result: False
Comment: Failed to set iptables rule for icmp.
Attempted rule was /sbin/iptables -t filter -A INPUT -p icmp -m icmp --jump ACCEPT for ipv4
有人有想法吗?
答案1
我重新安装了有问题的 minions,问题就解决了。
此外,其中一个 minion 上有一个较旧的 saltstack 版本,这导致了这个问题。