Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/voxpupuli/puppet-firewalld
Puppet module for managing firewalld
https://github.com/voxpupuli/puppet-firewalld
Co-Authored-By: Alexander Fisher <[email protected]>
6b827b46d0684d8a0bf504ab8cbfe2803a3dc928 authored over 5 years ago by djschaap <[email protected]>Fixes #191
2d49d6e29c53be0b1bd06292b9727837e1d4eea2 authored about 6 years ago by Doug Schaapveld <[email protected]>Fixing syntax in firewalld::custom_service example
3f3c3398cba9835ea7030f645d6cf70d66480dc3 authored over 6 years ago by Nick <[email protected]>Removed puppet < 4.3 support
135a0cf8f420581553f0c67bed78f151db67626b authored over 6 years ago by Craig Dunn <[email protected]>aa08d70eebaf99aef0911f8f7aefac75e5113e4c authored over 6 years ago by Craig Dunn <[email protected]>
Add validation for rich rule action
d3a8b5d1f64dcfdb5d1ad8834dd109731767e358 authored over 6 years ago by Craig Dunn <[email protected]>Ipset name can have dash
7ccf7a0abb4473d98622ea9f464a40e2152d2ffb authored over 6 years ago by Craig Dunn <[email protected]>Use types and remove validate
3d70a1dcb58ddae0e3916ae267034cd0128fd263 authored over 6 years ago by Craig Dunn <[email protected]>In a service definition, the port is optional
77bbdca88b5157749b38970f74a4183e3c66e1bd authored over 6 years ago by Craig Dunn <[email protected]>Ipset options
017e6bd1aa1d983328a402254cdeab4c6c34cc0d authored over 6 years ago by Craig Dunn <[email protected]>4b9b368124e3ad37f4a12a2b7bf231a1f05cd9eb authored over 6 years ago by Craig Dunn <[email protected]>
Add description and short option for firewalld zone
7ad9cdf88414e867950d351228fff885f6ec8be6 authored over 6 years ago by Craig Dunn <[email protected]>Add firewalld config options
e0d913d8e7973a3145e951de9a8959108307c1de authored over 6 years ago by Craig Dunn <[email protected]>42fb26925f77516d61a3ddff9e30c63680d5d41e authored over 6 years ago by Craig Dunn <[email protected]>
Add defaults for services and ports
86737d9b24a8dc7addd2142e3356ff49ecf6f6b8 authored over 6 years ago by Craig Dunn <[email protected]>Fix ordering when checking insync
05612301a015f8c959b319b0fd6f0f05c1f48530 authored over 6 years ago by Craig Dunn <[email protected]>Pin old rspec-puppet
81ca50f6cd1d0a06d935731aaa2e9cc6f4769f4a authored over 6 years ago by Craig Dunn <[email protected]>Verify if firewalld is online before self.execute_firewall_cmd
25b7778240800e6212f952c57b86bf8addd4f380 authored over 6 years ago by Jean-François Roche <[email protected]>
self.instances method on the provider class did not verify if firewalld had a
correct state befo...
Latest version (2.6.11) has a compatibility problem with 4.0
9aa9751af4af4d66b1316fef2c9bba80ab4cd60f authored over 6 years ago by Jean-Francois Roche <[email protected]>Do not check if ipset exists again
7b42412bf1deb598288172b0fcec6de62bff8664 authored over 6 years ago by Jean-François Roche <[email protected]>
If ipset is created with `instances` and `prefetch`, there is no need to
verify if the set exist...
It can be a string or a hash. We validate string content and hash
content.
+tests
ef733bb0c76d954442a1ddcd0176f4a6897fe302 authored over 6 years ago by Jean-Francois Roche <[email protected]>Add option to remove unknown ipsets
9b59f34e47620f1d01ae5ec1fafa03cdc7612a31 authored over 6 years ago by Jean-François Roche <[email protected]>This option is useful if you want to control ipsets only with puppet.
5ae166ca2293303acda986b5af920a7c5280a713 authored over 6 years ago by Jean-Francois Roche <[email protected]>
From documentation: Parameters change how Puppet manages a resource, but
do not necessarily map ...
Add new firewalld_ipset option: manage_entries
f043611594c909f6870263e453d6aee53b3ca68a authored over 6 years ago by Jean-François Roche <[email protected]>
Sometimes firewalld ipset entries are modified by another process than puppet.
If you want to de...
4924f6c336154ece58e86e55a1d450f748ada046 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Give more details about a zone
6e08dce275128529cf4f9820f0747b9e4a0f5110 authored over 6 years ago by Jean-Francois Roche <[email protected]>9faf3fd332f6b64619d23b726015e84bad643fa2 authored over 6 years ago by Jean-Francois Roche <[email protected]>
We can now declare service as a protocol without port
4ab0f5172a81417cde838e01d1a73ca622ce20e6 authored over 6 years ago by Jean-Francois Roche <[email protected]>
We parse actual ipset rules to define existing resource. We avoid
declaration of getter.
When you have a long list of ips in a set, it is easier to only show what
actually changed (remo...
/32 is stripped by ipset when the rules is created.
7dc859224dfa72bbb762fac806e18f0ea2f1ded7 authored over 6 years ago by Jean-Francois Roche <[email protected]>Define firewalld ipset options using properties:
- family
- hashsize
- maxelem
- timeout
T...
69eb4ee9fb30cd9b84e0a3d983d55be691f15551 authored over 6 years ago by Jean-Francois Roche <[email protected]>1b04338d3f95dbec4bf8cd07d89876db4aad17ac authored over 6 years ago by Jean-Francois Roche <[email protected]>
6e0561e736c3243da3db31f4385d1716b319c367 authored over 6 years ago by Jean-Francois Roche <[email protected]>
ef7c35407d54afe95e4c02cac51e7a187fadbe82 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Control CleanupOnExit, MinimalMark, Lockdown, IPv6_rpfilter
735b15029de4e6b04e67fbed27d3f9eae803e8e8 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Having to specify service/port, zone and ensure for each service or port
is highly redundant and...
`is` is not guaranteed to be sorted so we need to sort it before
comparing to `should.sort`
882e722140c0ab21a2a55f782c76b777a9c073af authored over 7 years ago by Craig Dunn <[email protected]>
f8151a5c1039a8d82ea2741ce92ec37aa374a401 authored over 7 years ago by Craig Dunn <[email protected]>
064e930be9df34048d3d62b945943c29bc062a90 authored over 7 years ago by Craig Dunn <[email protected]>
[skip ci] prepped 3.4.0
1649b845fe4ab6242e5e855c41e713b0a901667a authored over 7 years ago by Craig Dunn <[email protected]>a5000823f2628e57a75a6b88f21ad61078ebae82 authored over 7 years ago by Craig Dunn <[email protected]>
Added --set-log-denied option
17bf8d8b35b5f2108be6728d8cd8f5004babda19 authored over 7 years ago by Craig Dunn <[email protected]>2866717280184f934368253fcd3c200037508f2a authored over 7 years ago by Craig Dunn <[email protected]>
51dafa741fa9a7d1bbefee8307bb6e96f059ed3e authored over 7 years ago by Craig Dunn <[email protected]>
b48c3a776dea77a4e3485b95f99402819f6b78fd authored over 7 years ago by Craig Dunn <[email protected]>
Add creation of icmp_blocks to create method of firewalld_zone
0d9064cc19bee04ec1596f06f9d3ca76316ee353 authored over 7 years ago by Craig Dunn <[email protected]>6e0222f3fd1e70645b5033ee9c7de07a324dc58b authored over 7 years ago by Craig Dunn <[email protected]>
Closes #139
f6158adf4a966cf778152e6b86ae7fbbc53868b1 authored over 7 years ago by Craig Dunn <[email protected]>[skip ci] prepped 3.3.2
25ced22bddff17e72821d458a63d653750e726b0 authored over 7 years ago by Craig Dunn <[email protected]>Add spec test changes for fixes in #144
f49412258e7bf884573d59408fbf756b6e670220 authored over 7 years ago by Craig Dunn <[email protected]>Ensure sources always sorts alphanumerically
1a48b223a8c58ecf3944a26378474a8c5c2c77d4 authored over 7 years ago by Craig Dunn <[email protected]>Fix typos
f521fa1fb720c9295e5e20df1c308230b3addf12 authored over 7 years ago by Craig Dunn <[email protected]>9d864cdc69aef9f07fc167de5cab4cc9377a2f48 authored over 7 years ago by Craig Dunn <[email protected]>
cc25ae1204aded7d4203fe61cbb7a246a8c6aff0 authored over 7 years ago by Craig Dunn <[email protected]>
46414d766aa172c5d640613de78c5f2c25115a4b authored over 7 years ago by Craig Dunn <[email protected]>
a69198b452f60b18aa7c551ad2fa994e1d6aa54e authored over 7 years ago by Gabriel M Schuyler <[email protected]>
968336fe9a2d74e8a9e556da56a104acb2b0c5d0 authored over 7 years ago by Quien Sabe <[email protected]>
[ci skip] prepped 3.3.1
39fb0e3b04b38b17ce03bc98b106aaaf706dde57 authored over 7 years ago by Craig Dunn <[email protected]>Changed dependancy on set-default-zone exec
adf1d33d8d8de77a5002230099230cb6d614f207 authored over 7 years ago by Craig Dunn <[email protected]>037d7dca41911d6eb53d131e092104202ad41747 authored over 7 years ago by Craig Dunn <[email protected]>
9e2345233f3c1e00258aef5a9bafb64dc268e0e9 authored over 7 years ago by Craig Dunn <[email protected]>
35533e690c57fdd57d401024fbf2adec4f87dd47 authored over 7 years ago by Craig Dunn <[email protected]>
441c30319c41a555b63e03059cbd30aee6180b8d authored over 7 years ago by Craig Dunn <[email protected]>
9121279bc37e92fe685b01f9c24e29b3146127d9 authored over 7 years ago by Craig Dunn <[email protected]>
030ba99556b7f97158c1a9080ae33763d51b9b11 authored over 7 years ago by Craig Dunn <[email protected]>
69bd44dbd58f84c62a486e10004bf379c5bb4d05 authored over 7 years ago by Craig Dunn <[email protected]>
[skip-ci] : prepped 3.3.0
685fd183b468b72a607d738840f94b3861334f89 authored over 7 years ago by Craig Dunn <[email protected]>1f77ac12e71a9a4d30e67ee946b459c4f18c0ff2 authored over 7 years ago by Craig Dunn <[email protected]>
[skip-ci]: added protocol to README for rich_rules (closes #127)
2e40817e28325c7ee71d6f52b101063c31bee300 authored over 7 years ago by Craig Dunn <[email protected]>Add IPset type and provider
e09f23cf9ebf460e19366266188b0424eab9b001 authored over 7 years ago by Craig Dunn <[email protected]>Added masquerade option to firewalld_zone type
6a5d5de48c4af4ade5e506e6832c72eeb7152c7d authored over 7 years ago by Craig Dunn <[email protected]>20d9681b28911f781cb5fb327c843e1bc0ed5838 authored over 7 years ago by Craig Dunn <[email protected]>
18e09124b70c67e5d6af5e436a0bb0cd8ae8036a authored over 7 years ago by Craig Dunn <[email protected]>
c5adbf629ebe68a423487eae69cad0413dbbe9cb authored over 7 years ago by Craig Dunn <[email protected]>
a10badb67dda968397c5d81c25e3c8fe69bd535b authored over 7 years ago by Craig Dunn <[email protected]>
Closes #126
2bed510118b2d90b0879a137b0b8ee67ec4b3629 authored over 7 years ago by Craig Dunn <[email protected]>9a086929bf8150b0517dc44870db850471631dc5 authored over 7 years ago by Craig Dunn <[email protected]>
8b33dbb7fe8189e05f6c1328f15ff4074c92913a authored over 7 years ago by Craig Dunn <[email protected]>
837d2404d209d1a12d5252ab564120942edbab97 authored over 7 years ago by Craig Dunn <[email protected]>
Closes #129
0e4bde39ab9321030d34a85f5add10c45269a32e authored over 7 years ago by Craig Dunn <[email protected]>ca8be47db2503a30222e2ba0e6b234c43b3ab9c9 authored almost 8 years ago by Chuck Schweizer <[email protected]>
[ci skip] : prepped 3.2.1
55f60623c555b6482079da86a384fc07fdd856a9 authored almost 8 years ago by Craig Dunn <[email protected]>Added tests to #123
74085349dbbef5aa550d28bfbef53cbd7a1a85e8 authored almost 8 years ago by Craig Dunn <[email protected]>b8024c272d2c0522e092a5ceca7340dce316227d authored almost 8 years ago by Craig Dunn <[email protected]>
Closes #122
Closes #123
2e30eba138cdb5957394f96a8085709f42b5fb23 authored almost 8 years ago by Craig Dunn <[email protected]>
(maint) Add firewalld::service_ensure to readme
69f539b605d3303dde4ce1a282ef0076347fc742 authored almost 8 years ago by Craig Dunn <[email protected]>462e8a0d0f29d6f4a81932f84d428ac8aee9f6b7 authored almost 8 years ago by Robert Heinzmann <[email protected]>
bdebc7ffef85794c5ade2eeaf49879faaa8318c6 authored almost 8 years ago by Hunter Haugen <[email protected]>
[ci-skip]: prepped 3.2.0
e70e7ef9532495af46f1451f8dbc1bfd93c0aa49 authored almost 8 years ago by Craig Dunn <[email protected]>Evaluate target correctly when firewall-cmd --get-target doesn't use %%
3f80b28db7171a1e35fe8c4cae841908e4a8b685 authored almost 8 years ago by Craig Dunn <[email protected]>8b2d0e72d00af25db63fd268a010188623119fff authored almost 8 years ago by Craig Dunn <[email protected]>
Closes #111
https://github.com/crayfishx/puppet-firewalld/issues/111
a0b62941affc03969c8e11c1f34225d131bb1723 authored almost 8 years ago by Craig Dunn <[email protected]>Port ranges (#107) and default_zone option (#98)
bb509a1530031641d097c633281051ef27b39658 authored almost 8 years ago by Craig Dunn <[email protected]>