chore: add pass analyzers to arp preflights

replicatedhq · Nov 13, 2024 · 3735481 · 3735481
1 parent a5c30aa
commit 3735481
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/pkg/preflights/host-preflight.yaml b/pkg/preflights/host-preflight.yaml
@@ -841,21 +841,33 @@ spec:
           - fail:
               when: 'net.ipv4.conf.default.arp_filter > 0'
               message: "ARP filtering must be disabled by default for newly created interfaces on the host. To disable it, edit /etc/sysctl.conf, add the line 'net.ipv4.conf.default.arp_filter=0', and run 'sudo sysctl -p'."
+          - pass:
+              when: 'net.ipv4.conf.default.arp_filter == 0'
+              message: "ARP filtering is disabled by default for newly created interfaces on the host."
     - sysctl:
         checkName: "ARP Filter value for all interfaces"
         outcomes:
           - fail:
               when: 'net.ipv4.conf.all.arp_filter > 0'
               message: "ARP filtering must be disabled for all interfaces on the host. To disable it, edit /etc/sysctl.conf, add the line 'net.ipv4.conf.all.arp_filter=0', and run 'sudo sysctl -p'."
+          - pass:
+              when: 'net.ipv4.conf.all.arp_filter == 0'
+              message: "ARP filtering is disabled for all interfaces on the host."
     - sysctl:
         checkName: "ARP Ignore default value for newly created interfaces"
         outcomes:
           - fail:
               when: 'net.ipv4.conf.default.arp_ignore > 0'
               message: "ARP ignore must be disabled by default for newly created interfaces on the host. To disable it, edit /etc/sysctl.conf, add the line 'net.ipv4.conf.default.arp_ignore=0', and run 'sudo sysctl -p'."
+          - pass:
+              when: 'net.ipv4.conf.default.arp_ignore == 0'
+              message: "ARP ignore is disabled by default for newly created interfaces on the host."
     - sysctl:
         checkName: "ARP Ignore value for all interfaces"
         outcomes:
           - fail:
               when: 'net.ipv4.conf.all.arp_ignore > 0'
               message: "ARP ignore must be disabled for all interfaces on the host. To disable it, edit /etc/sysctl.conf, add the line 'net.ipv4.conf.all.arp_ignore=0', and run 'sudo sysctl -p'."
+          - pass:
+              when: 'net.ipv4.conf.all.arp_ignore == 0'
+              message: "ARP ignore is disabled for all interfaces on the host."