System:
Debian GNU/Linux 8.6 (jessie)
salt-master 2016.3.3 (Boron)
salt-minion 2016.3.3 (Boron)
Trying to add an icmp rule will result in an error message.
init.sls
    INPUT:
      iptables.chain_present:
        - table: filter
        - family: ipv4

    icmp:
      iptables.insert:
        - table: filter
        - chain: INPUT
        - jump: ACCEPT
        - proto: icmp
        - position: 1
        - save: True
        - require:
          - iptables: INPUT
Error Message:
              ID: icmp
        Function: iptables.insert
          Result: False
         Comment: Failed to set iptables rule for icmp.
                  Attempted rule was /sbin/iptables -t filter -I INPUT 1 -p icmp -m icmp --jump ACCEPT
I also tried the following:
    icmp:
      iptables.append:
        - table: filter
        - chain: INPUT
        - jump: ACCEPT
        - proto: icmp
        - save: True
... but it's the same:
              ID: icmp
        Function: iptables.append
          Result: False
         Comment: Failed to set iptables rule for icmp.
                  Attempted rule was /sbin/iptables -t filter -A INPUT -p icmp -m icmp --jump ACCEPT for ipv4
Does anyone have an idea?
I reinstalled the problematic minions and this solved the problem.
Additionally, one of the minions had an older SaltStack version, which caused the problem.