我在“ dservice”个人资料中使用了puppet module to handle firewalld。跑木偶时似乎创建了规则:
Notice: /Stage[main]/Profile::dservice/Firewalld_port[Open port 1337 in the public zone]/ensure: created
但是当我用netstat -tulpn命令检查时,端口似乎没有打开:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 655/rpcbind
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 14439/named
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 1507/dnsmasq
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1031/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1029/cupsd
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 14439/named
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1511/master
tcp6 0 0 :::111 :::* LISTEN 655/rpcbind
tcp6 0 0 ::1:53 :::* LISTEN 14439/named
tcp6 0 0 :::22 :::* LISTEN 1031/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1029/cupsd
tcp6 0 0 ::1:953 :::* LISTEN 14439/named
tcp6 0 0 ::1:25 :::* LISTEN 1511/master
udp 0 0 0.0.0.0:5353 0.0.0.0:* 681/avahi-daemon: r
udp 0 0 0.0.0.0:58682 0.0.0.0:* 681/avahi-daemon: r
udp 0 0 127.0.0.1:323 0.0.0.0:* 663/chronyd
udp 0 0 0.0.0.0:822 0.0.0.0:* 655/rpcbind
udp 0 0 127.0.0.1:53 0.0.0.0:* 14439/named
udp 0 0 192.168.122.1:53 0.0.0.0:* 1507/dnsmasq
udp 0 0 0.0.0.0:67 0.0.0.0:* 1507/dnsmasq
udp 0 0 0.0.0.0:68 0.0.0.0:* 13374/dhclient
udp 0 0 0.0.0.0:111 0.0.0.0:* 655/rpcbind
udp6 0 0 ::1:323 :::* 663/chronyd
udp6 0 0 :::822 :::* 655/rpcbind
udp6 0 0 ::1:53 :::* 14439/named
udp6 0 0 :::111 :::* 655/rpcbind
包括防火墙模块的我的代码dservice配置文件。尝试使用include ::firewalld和不使用它。这是个人资料:
class profile::dservice {
include helloworld
include ::firewalld
firewalld_port { 'Open port 1337 in the public zone':
ensure => present,
zone => 'public',
port => 1337,
protocol => 'tcp',
}
}
我已经重新启动防火墙服务并重新检查。结果还是一样。