Open
Description
Describe the Bug
After testing latest version of firewall module i've noticed that puppet applies catalog significantly longer compared to the previous version.
After a bit of strace it looks like new version makes several iptables-save calls every time it applies each rule.
Old version
~# grep -c "execve(\"/usr/sbin/iptables-save" strace1.out
60
New version
~# grep -c "execve(\"/usr/sbin/iptables-save" strace2.out
296
For some machines catalog application time increased more than 2x (from 50 to 120 seconds, for example).
Expected Behavior
Firewall resource should not make multiple iptables-save calls for each rule.
Environment
- Version [3.1.0 and 8.0.1]
- Platform [Ubuntu 20.04]
Additional Context
It is related to #1100