Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/voxpupuli/puppet-firewalld

Puppet module for managing firewalld
https://github.com/voxpupuli/puppet-firewalld

Update metadata.json to allow stdlib 6.x

Co-Authored-By: Alexander Fisher <[email protected]>

6b827b46d0684d8a0bf504ab8cbfe2803a3dc928 authored over 5 years ago by djschaap <[email protected]>
Allow puppetlabs-stdlib < 6.0.0

Fixes #191

2d49d6e29c53be0b1bd06292b9727837e1d4eea2 authored about 6 years ago by Doug Schaapveld <[email protected]>
Update README.md custom_service example

Fixing syntax in firewalld::custom_service example

3f3c3398cba9835ea7030f645d6cf70d66480dc3 authored over 6 years ago by Nick <[email protected]>
Merge pull request #184 from crayfishx/remove_puppet_43

Removed puppet < 4.3 support

135a0cf8f420581553f0c67bed78f151db67626b authored over 6 years ago by Craig Dunn <[email protected]>
Removed puppet < 4.3 support

aa08d70eebaf99aef0911f8f7aefac75e5113e4c authored over 6 years ago by Craig Dunn <[email protected]>
Merge pull request #174 from jfroche/enhancement/validate-rich-rule-action

Add validation for rich rule action

d3a8b5d1f64dcfdb5d1ad8834dd109731767e358 authored over 6 years ago by Craig Dunn <[email protected]>
Merge pull request #173 from jfroche/feature/enable-dash-in-ipset-name

Ipset name can have dash

7ccf7a0abb4473d98622ea9f464a40e2152d2ffb authored over 6 years ago by Craig Dunn <[email protected]>
Merge pull request #172 from jfroche/enhancement/remove_validate

Use types and remove validate

3d70a1dcb58ddae0e3916ae267034cd0128fd263 authored over 6 years ago by Craig Dunn <[email protected]>
Merge pull request #171 from jfroche/feature/optional_port

In a service definition, the port is optional

77bbdca88b5157749b38970f74a4183e3c66e1bd authored over 6 years ago by Craig Dunn <[email protected]>
Merge pull request #170 from jfroche/ipset-options

Ipset options

017e6bd1aa1d983328a402254cdeab4c6c34cc0d authored over 6 years ago by Craig Dunn <[email protected]>
Merge branch 'master' into ipset-options

4b9b368124e3ad37f4a12a2b7bf231a1f05cd9eb authored over 6 years ago by Craig Dunn <[email protected]>
Merge pull request #169 from jfroche/add-service-description-short

Add description and short option for firewalld zone

7ad9cdf88414e867950d351228fff885f6ec8be6 authored over 6 years ago by Craig Dunn <[email protected]>
Merge pull request #168 from jfroche/add-firewalld-config-options

Add firewalld config options

e0d913d8e7973a3145e951de9a8959108307c1de authored over 6 years ago by Craig Dunn <[email protected]>
Merge branch 'master' into add-firewalld-config-options

42fb26925f77516d61a3ddff9e30c63680d5d41e authored over 6 years ago by Craig Dunn <[email protected]>
Merge pull request #167 from michaelweiser/defaults

Add defaults for services and ports

86737d9b24a8dc7addd2142e3356ff49ecf6f6b8 authored over 6 years ago by Craig Dunn <[email protected]>
Merge pull request #166 from markeganfuller/fix_ordering

Fix ordering when checking insync

05612301a015f8c959b319b0fd6f0f05c1f48530 authored over 6 years ago by Craig Dunn <[email protected]>
Merge pull request #179 from jfroche/bug/fix-puppet40-tests

Pin old rspec-puppet

81ca50f6cd1d0a06d935731aaa2e9cc6f4769f4a authored over 6 years ago by Craig Dunn <[email protected]>
Merge pull request #6 from jfroche/bug/ipset-check-firewalld-enabled

Verify if firewalld is online before self.execute_firewall_cmd

25b7778240800e6212f952c57b86bf8addd4f380 authored over 6 years ago by Jean-François Roche <[email protected]>
Verify if firewalld is online before self.execute_firewall_cmd

self.instances method on the provider class did not verify if firewalld had a
correct state befo...

eece5e77bcbc4ca98aa2e13a1e9edc1df54b5978 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Pin old rspec-puppet

Latest version (2.6.11) has a compatibility problem with 4.0

9aa9751af4af4d66b1316fef2c9bba80ab4cd60f authored over 6 years ago by Jean-Francois Roche <[email protected]>
Merge pull request #5 from jfroche/enhancement/ipset-exists-speedup

Do not check if ipset exists again

7b42412bf1deb598288172b0fcec6de62bff8664 authored over 6 years ago by Jean-François Roche <[email protected]>
Do not check if ipset exists again

If ipset is created with `instances` and `prefetch`, there is no need to
verify if the set exist...

dc0247f92306f597692149417c8eb856616729fc authored over 6 years ago by Jean-Francois Roche <[email protected]>
Add validation for rich rule action

It can be a string or a hash. We validate string content and hash
content.

+tests

ef733bb0c76d954442a1ddcd0176f4a6897fe302 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Merge pull request #2 from jfroche/feature/purge-unknown-ipset

Add option to remove unknown ipsets

9b59f34e47620f1d01ae5ec1fafa03cdc7612a31 authored over 6 years ago by Jean-François Roche <[email protected]>
Add option to remove unknown ipsets

This option is useful if you want to control ipsets only with puppet.

5ae166ca2293303acda986b5af920a7c5280a713 authored over 6 years ago by Jean-Francois Roche <[email protected]>
manage_entries should be a parameter

From documentation: Parameters change how Puppet manages a resource, but
do not necessarily map ...

ad8edb438350ac8043e10d45f8c3729ff6355973 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Merge pull request #1 from jfroche/feature/manage-ipset-entries-option

Add new firewalld_ipset option: manage_entries

f043611594c909f6870263e453d6aee53b3ca68a authored over 6 years ago by Jean-François Roche <[email protected]>
Add new firewalld_ipset option: `manage_entries`

Sometimes firewalld ipset entries are modified by another process than puppet.
If you want to de...

d97ea56daedbd996c162919a4d1707c1b6e14714 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Ipset name can have dash

4924f6c336154ece58e86e55a1d450f748ada046 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Add description and short option for zone

Give more details about a zone

6e08dce275128529cf4f9820f0747b9e4a0f5110 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Use types and remove validate

9faf3fd332f6b64619d23b726015e84bad643fa2 authored over 6 years ago by Jean-Francois Roche <[email protected]>
In a service definition, the port is optional

We can now declare service as a protocol without port

4ab0f5172a81417cde838e01d1a73ca622ce20e6 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Use instances & prefetch to define ipset state

We parse actual ipset rules to define existing resource. We avoid
declaration of getter.

0b3fe0232848c305960b53b22108d417d2fff18e authored over 6 years ago by Jean-Francois Roche <[email protected]>
Improve logging of the ipset member changes

When you have a long list of ips in a set, it is easier to only show what
actually changed (remo...

3b9423631e66f6f7b1918e06e4ac19018189f6a2 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Remove /32 as they get removed by ipset

/32 is stripped by ipset when the rules is created.

7dc859224dfa72bbb762fac806e18f0ea2f1ded7 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Add new options

Define firewalld ipset options using properties:

- family
- hashsize
- maxelem
- timeout

T...

69eb4ee9fb30cd9b84e0a3d983d55be691f15551 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Add constraint for ipset types

1b04338d3f95dbec4bf8cd07d89876db4aad17ac authored over 6 years ago by Jean-Francois Roche <[email protected]>
Fix ipset documentation

6e0561e736c3243da3db31f4385d1716b319c367 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Fix lint

ef7c35407d54afe95e4c02cac51e7a187fadbe82 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Add firewalld options

Control CleanupOnExit, MinimalMark, Lockdown, IPv6_rpfilter

735b15029de4e6b04e67fbed27d3f9eae803e8e8 authored over 6 years ago by Jean-Francois Roche <[email protected]>
Add defaults for services and ports

Having to specify service/port, zone and ensure for each service or port
is highly redundant and...

2d1e74650a8cacf29c5de40feacd135f0dd58e63 authored over 6 years ago by Michael Weiser <[email protected]>
Fix ordering when checking insync

`is` is not guaranteed to be sorted so we need to sort it before
comparing to `should.sort`

f8a90d649ca105a71eb1f3606367bf71190a2e62 authored almost 7 years ago by Mark Egan-Fuller <[email protected]>
[skip ci] compatibility with Puppet 5.0 added

882e722140c0ab21a2a55f782c76b777a9c073af authored over 7 years ago by Craig Dunn <[email protected]>
changed travis coverage

f8151a5c1039a8d82ea2741ce92ec37aa374a401 authored over 7 years ago by Craig Dunn <[email protected]>
changed travis coverage

064e930be9df34048d3d62b945943c29bc062a90 authored over 7 years ago by Craig Dunn <[email protected]>
Merge pull request #158 from crayfishx/release/3.4.0

[skip ci] prepped 3.4.0

1649b845fe4ab6242e5e855c41e713b0a901667a authored over 7 years ago by Craig Dunn <[email protected]>
[skip ci] prepped 3.4.0

a5000823f2628e57a75a6b88f21ad61078ebae82 authored over 7 years ago by Craig Dunn <[email protected]>
Merge pull request #156 from crayfishx/feature/log_denied

Added --set-log-denied option

17bf8d8b35b5f2108be6728d8cd8f5004babda19 authored over 7 years ago by Craig Dunn <[email protected]>
Test additions for log_denied and set_default_zone

2866717280184f934368253fcd3c200037508f2a authored over 7 years ago by Craig Dunn <[email protected]>
Added --set-log-denied option

51dafa741fa9a7d1bbefee8307bb6e96f059ed3e authored over 7 years ago by Craig Dunn <[email protected]>
[skip ci] removed network from metadata, forge quality score improvement

b48c3a776dea77a4e3485b95f99402819f6b78fd authored over 7 years ago by Craig Dunn <[email protected]>
Merge pull request #150 from crayfishx/bug/create_icmp_groups

Add creation of icmp_blocks to create method of firewalld_zone

0d9064cc19bee04ec1596f06f9d3ca76316ee353 authored over 7 years ago by Craig Dunn <[email protected]>
[skip ci] updated CHANGELOG

6e0222f3fd1e70645b5033ee9c7de07a324dc58b authored over 7 years ago by Craig Dunn <[email protected]>
Add creation of icmp_blocks to create method of firewalld_zone

Closes #139

f6158adf4a966cf778152e6b86ae7fbbc53868b1 authored over 7 years ago by Craig Dunn <[email protected]>
Merge pull request #149 from crayfishx/release/3.3.2

[skip ci] prepped 3.3.2

25ced22bddff17e72821d458a63d653750e726b0 authored over 7 years ago by Craig Dunn <[email protected]>
Merge pull request #148 from crayfishx/pr/144

Add spec test changes for fixes in #144

f49412258e7bf884573d59408fbf756b6e670220 authored over 7 years ago by Craig Dunn <[email protected]>
Merge pull request #147 from crayfishx/bug/sort_sources

Ensure sources always sorts alphanumerically

1a48b223a8c58ecf3944a26378474a8c5c2c77d4 authored over 7 years ago by Craig Dunn <[email protected]>
Merge pull request #145 from gabe-sky/fix_typos

Fix typos

f521fa1fb720c9295e5e20df1c308230b3addf12 authored over 7 years ago by Craig Dunn <[email protected]>
[skip ci] prepped 3.3.2

9d864cdc69aef9f07fc167de5cab4cc9377a2f48 authored over 7 years ago by Craig Dunn <[email protected]>
fixed spec tests for changes in #144

cc25ae1204aded7d4203fe61cbb7a246a8c6aff0 authored over 7 years ago by Craig Dunn <[email protected]>
ensure that the sources attribute in the firewalld_zone provider always returns in alphanumeric order

46414d766aa172c5d640613de78c5f2c25115a4b authored over 7 years ago by Craig Dunn <[email protected]>
Fix typos

a69198b452f60b18aa7c551ad2fa994e1d6aa54e authored over 7 years ago by Gabriel M Schuyler <[email protected]>
default shell on ubuntu is dash, fixed a bashism, changed == to = which caused the default zone to be set on each run for ubuntu

968336fe9a2d74e8a9e556da56a104acb2b0c5d0 authored over 7 years ago by Quien Sabe <[email protected]>
Merge pull request #137 from crayfishx/release/3.3.1

[ci skip] prepped 3.3.1

39fb0e3b04b38b17ce03bc98b106aaaf706dde57 authored over 7 years ago by Craig Dunn <[email protected]>
Merge pull request #136 from crayfishx/issue/135

Changed dependancy on set-default-zone exec

adf1d33d8d8de77a5002230099230cb6d614f207 authored over 7 years ago by Craig Dunn <[email protected]>
[ci skip] prepped 3.3.1

037d7dca41911d6eb53d131e092104202ad41747 authored over 7 years ago by Craig Dunn <[email protected]>
fixed => alignment for failed tests

9e2345233f3c1e00258aef5a9bafb64dc268e0e9 authored over 7 years ago by Craig Dunn <[email protected]>
updated spec tests for #135

35533e690c57fdd57d401024fbf2adec4f87dd47 authored over 7 years ago by Craig Dunn <[email protected]>
Changed dependencies on set-default-zone to be run after the firewall reloads

441c30319c41a555b63e03059cbd30aee6180b8d authored over 7 years ago by Craig Dunn <[email protected]>
[ci skip]: Added missing entry from CHANGELOG for 3.2

9121279bc37e92fe685b01f9c24e29b3146127d9 authored over 7 years ago by Craig Dunn <[email protected]>
Merge branch 'master' of https://github.com/crayfishx/puppet-firewalld

030ba99556b7f97158c1a9080ae33763d51b9b11 authored over 7 years ago by Craig Dunn <[email protected]>
pinned parralel_tests for ruby 1.9

69bd44dbd58f84c62a486e10004bf379c5bb4d05 authored over 7 years ago by Craig Dunn <[email protected]>
Merge pull request #133 from crayfishx/release/3.3.0

[skip-ci] : prepped 3.3.0

685fd183b468b72a607d738840f94b3861334f89 authored over 7 years ago by Craig Dunn <[email protected]>
[skip-ci] minor README update on formatting

1f77ac12e71a9a4d30e67ee946b459c4f18c0ff2 authored over 7 years ago by Craig Dunn <[email protected]>
Merge pull request #132 from crayfishx/bug/protocol_readme

[skip-ci]: added protocol to README for rich_rules (closes #127)

2e40817e28325c7ee71d6f52b101063c31bee300 authored over 7 years ago by Craig Dunn <[email protected]>
Merge pull request #131 from crayfishx/feature/ipset

Add IPset type and provider

e09f23cf9ebf460e19366266188b0424eab9b001 authored over 7 years ago by Craig Dunn <[email protected]>
Merge pull request #130 from crayfishx/feature/masquerade

Added masquerade option to firewalld_zone type

6a5d5de48c4af4ade5e506e6832c72eeb7152c7d authored over 7 years ago by Craig Dunn <[email protected]>
[skip-ci] : prepped 3.3.0

20d9681b28911f781cb5fb327c843e1bc0ed5838 authored over 7 years ago by Craig Dunn <[email protected]>
[skip-ci]: added protocol to README for rich_rules (closes #127)

18e09124b70c67e5d6af5e436a0bb0cd8ae8036a authored over 7 years ago by Craig Dunn <[email protected]>
spec tests for ipset

c5adbf629ebe68a423487eae69cad0413dbbe9cb authored over 7 years ago by Craig Dunn <[email protected]>
fixes and rspec tests/docs for ipsets

a10badb67dda968397c5d81c25e3c8fe69bd535b authored over 7 years ago by Craig Dunn <[email protected]>
Merge remote-tracking branch 'StateFarmIns/ipset_support_for_zones' into feature/ipset

Closes #126

2bed510118b2d90b0879a137b0b8ee67ec4b3629 authored over 7 years ago by Craig Dunn <[email protected]>
blank line

9a086929bf8150b0517dc44870db850471631dc5 authored over 7 years ago by Craig Dunn <[email protected]>
initial ipset functionality

8b33dbb7fe8189e05f6c1328f15ff4074c92913a authored over 7 years ago by Craig Dunn <[email protected]>
added test for masquerade=false

837d2404d209d1a12d5252ab564120942edbab97 authored over 7 years ago by Craig Dunn <[email protected]>
Added masquerade option to firewalld_zone type

Closes #129

0e4bde39ab9321030d34a85f5add10c45269a32e authored over 7 years ago by Craig Dunn <[email protected]>
Add support for ipset for zone files using rich_rules

ca8be47db2503a30222e2ba0e6b234c43b3ab9c9 authored almost 8 years ago by Chuck Schweizer <[email protected]>
Merge pull request #125 from crayfishx/release/3.2.1

[ci skip] : prepped 3.2.1

55f60623c555b6482079da86a384fc07fdd856a9 authored almost 8 years ago by Craig Dunn <[email protected]>
Merge pull request #124 from crayfishx/tests/123

Added tests to #123

74085349dbbef5aa550d28bfbef53cbd7a1a85e8 authored almost 8 years ago by Craig Dunn <[email protected]>
[ci skip] : prepped 3.2.1

b8024c272d2c0522e092a5ceca7340dce316227d authored almost 8 years ago by Craig Dunn <[email protected]>
Merge remote-tracking branch 'contrib/fix_issue_122' into tests/123

Closes #122
Closes #123

a5a58b25b518e0b69d955595bf1c5c31069b4503 authored almost 8 years ago by Craig Dunn <[email protected]>
Added regression tests for #123 #122

2e30eba138cdb5957394f96a8085709f42b5fb23 authored almost 8 years ago by Craig Dunn <[email protected]>
Merge pull request #121 from hunner/docs

(maint) Add firewalld::service_ensure to readme

69f539b605d3303dde4ce1a282ef0076347fc742 authored almost 8 years ago by Craig Dunn <[email protected]>
Fix Issue https://github.com/crayfishx/puppet-firewalld/issues/122

462e8a0d0f29d6f4a81932f84d428ac8aee9f6b7 authored almost 8 years ago by Robert Heinzmann <[email protected]>
(maint) Add firewalld::service_ensure to readme

bdebc7ffef85794c5ade2eeaf49879faaa8318c6 authored almost 8 years ago by Hunter Haugen <[email protected]>
Merge pull request #120 from crayfishx/release/3.2.0

[ci-skip]: prepped 3.2.0

e70e7ef9532495af46f1451f8dbc1bfd93c0aa49 authored almost 8 years ago by Craig Dunn <[email protected]>
Merge pull request #119 from crayfishx/ticket/111

Evaluate target correctly when firewall-cmd --get-target doesn't use %%

3f80b28db7171a1e35fe8c4cae841908e4a8b685 authored almost 8 years ago by Craig Dunn <[email protected]>
[ci-skip]: prepped 3.2.0

8b2d0e72d00af25db63fd268a010188623119fff authored almost 8 years ago by Craig Dunn <[email protected]>
Evaluate target correctly when firewall-cmd --get-target doesn't use %%

Closes #111

https://github.com/crayfishx/puppet-firewalld/issues/111

a0b62941affc03969c8e11c1f34225d131bb1723 authored almost 8 years ago by Craig Dunn <[email protected]>
Merge pull request #118 from crayfishx/ticket/107

Port ranges (#107) and default_zone option (#98)

bb509a1530031641d097c633281051ef27b39658 authored almost 8 years ago by Craig Dunn <[email protected]>