Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/sous-chefs/firewall
Development repository for the firewall cookbook
https://github.com/sous-chefs/firewall
This adds support for the firewall rules required for using the [mobile
shell](https://mosh.mit....
When passing in a port, our string-ifying helper function was modifying the variable if it happe...
8136c429fdabd9a8ee8594b3745106bd5b65eb15 authored almost 9 years ago by Martin Smith <[email protected]>3690636116e7756c1f12f82476ed1613d69d8ef4 authored almost 9 years ago by Martin Smith <[email protected]>
Example should have had `command :allow`, as :allow is no longer an action.
77800f8f72ebf8ecef608f8f1e8bc5ff0123bbf8 authored almost 9 years ago by Martin Smith <[email protected]>51587739ad99c0b81b19197c32a692e6742c07f1 authored almost 9 years ago by Martin Smith <[email protected]>
f33312d5d26b763b2ae7b6503fe632b2badd52a3 authored almost 9 years ago by Martin Smith <[email protected]>
This is a backwards compatible new feature to override the default ruleset, or add additional ru...
af2c17c59241590001dc09333cf0f4444989ac6b authored almost 9 years ago by Martin Smith <[email protected]>Because of some legacy code that was fixed, we had two variables that represented the same value...
c155b7329a8b95be0360358bba8103024989f1b7 authored almost 9 years ago by Martin Smith <[email protected]>9635780856f6c021a89995b09fbc22e3cf4b2836 authored almost 9 years ago by Andrew Burns <[email protected]>
This adds support to the ufw provider so that it actually supports the
:raw command as currently...
- Rubocop had some new complaints from the latest release. Fixing those.
a30b8430e1a3a4b2a771dcfcbd78a86e577b024d authored almost 9 years ago by Martin Smith <[email protected]>9f30d2fbc6889c449048193cd34f332d1db359be authored almost 9 years ago by Martin Smith <[email protected]>
812b2b5b944e74676a945b18d3f1c163c6db078d authored almost 9 years ago by Martin Smith <[email protected]>
Ensure we support raw rules on ufw, add tests for it as well.
Fixes #113.
53f3fca0299a36641b9f1562761d42e3d080daca authored almost 9 years ago by Martin Smith <[email protected]>3536a3b36ba617977c9693acc7dbd31d57764af6 authored almost 9 years ago by Martin Smith <[email protected]>
We should be checking the iptables command, not the resource action here.
RE: #112
9080c913e0be04e74d1eb9c0baee45170b23d746 authored almost 9 years ago by Martin Smith <[email protected]>- Instead of accumulating the firewall rules as each `firewall_rule` resource's action fires, ac...
c6f5bf99a0ebe7f5595706bebda315b0e88f157e authored almost 9 years ago by Martin Smith <[email protected]>Fix the `port_to_s` function so it also works for Windows
eb0e6345dc53a4e3eac679b2ae4c1b810b96e48e authored about 9 years ago by Martin Smith <[email protected]>ec52c734fc4c07f095a98aa75537ee913a5dc47e authored about 9 years ago by Sander van Harmelen <[email protected]>
Add proper Windows support & serverspec tests.
76d8017d267fd903c4945b2855019611fa1be761 authored about 9 years ago by Martin Smith <[email protected]>Add a flag for 'enabled' to make it easier to understand the logic on the firewall resource. We'...
6b5ebc884d25b922382e2d5bead8e4ef20ef02c9 authored about 9 years ago by Martin Smith <[email protected]>- Rename `persistent` to `permanent` to match the firewalld name, and scope the attribute under ...
d36337edff6655320022f156e137d045949cd818 authored about 9 years ago by Martin Smith <[email protected]>Added persistent option defaulted to true to allow --permament auto a…
eefad6ab12d8f60d63036ebb5b5d90d90abc64af authored about 9 years ago by Martin Smith <[email protected]>0cebd39f7d778ce7b475b1a15a5e433664a726c6 authored about 9 years ago by jasonmcintosh <[email protected]>
ec93e9e81894ea6d0c2f25cd775845e6c8a463db authored about 9 years ago by jasonmcintosh <[email protected]>
ebd36656ed19450f7cb1bee9551d9262026c05a9 authored about 9 years ago by jasonmcintosh <[email protected]>
Fixed the issue creating a firewall rule for windows with 'program' set to 'any' is invalid
e3a65c0586f7a25b25ad6c617b824cd0d964a0f1 authored about 9 years ago by Martin Smith <[email protected]>Add support for using iptables in RHEL 7
e408c1c40f9a82171d89572808d29ff8b1881581 authored about 9 years ago by Martin Smith <[email protected]>ee437c7cfe2a71cdc927526bb8a05a97fad892f3 authored about 9 years ago by strawhatboy <[email protected]>
Fix 'Any' program for windows firewall
bf1cc84572ee73f0c98ee1965578aef624aaddd5 authored about 9 years ago by strawhatboy <[email protected]>Windows adv firewall consider no 'program' parameter specified as the 'Any' option:
Usage: ad...
0ad591ef31af1532dfbcdda9a0d3f2d6dc5882cb authored about 9 years ago by strawhatboy <[email protected]>e45fdb83542e97dc14c85461ff4135f7d0a9acfd authored about 9 years ago by Daniel Silverman <[email protected]>
2211691b02f5a87a437dee70511da3990ef8c2be authored about 9 years ago by Martin Smith <[email protected]>
In ipv6, ICMP is required for all kinds of basic functionality. Unless someone has overriden `al...
4353695da89c6686354e8b0d554264b112f5f3bb authored about 9 years ago by Martin Smith <[email protected]>7278d0ed2ecc91d2932fc39dd2ab2bf4ddfccd9e authored about 9 years ago by Tim Smith <[email protected]>
b515582ffa33dcb23df10b437a5d3726e07dbd20 authored about 9 years ago by Tim Smith <[email protected]>
- Rubocop doesn't like !!
- Berkshelf 3.x has compatibility issues with Faraday/Ridley atm.
f1f0f2e136142eeff2135c87de41003ccfc9a657 authored about 9 years ago by Tim Smith <[email protected]>
6fb5096c2d0705d26cc8e5c2cdcc12fd4e4241c1 authored about 9 years ago by Tim Smith <[email protected]>
53435d52b15231648bcbed29e4b198ede86566c0 authored about 9 years ago by Tim Smith <[email protected]>
b145efc06d2bdfd39994b2fc6f2aff563b77441b authored about 9 years ago by Tim Smith <[email protected]>
7715f54e163cbfdfa9bd2aa425b459524138b944 authored about 9 years ago by Martin Smith <[email protected]>
Ensure all of the distros/versions and provides blocks yield exactly one provider, no more.
RE:...
682d523771890d308dffdf8a9d2c99d19f840173 authored about 9 years ago by Martin Smith <[email protected]>Also ensure firewalld_rule is not attempted on el6
fbe3e8cc6c8d47508e14e7144689aee356438f0a authored about 9 years ago by Martin Smith <[email protected]>62b42f769c568e69057cfba4f9aa21fbecbcf7e8 authored about 9 years ago by Glen Mailer <[email protected]>
Ensure firewalld is not attempted on el6
d24f3c9c619cfc66772fdbfa50dc7bca9e9c4a98 authored about 9 years ago by Martin Smith <[email protected]>4e4ff5e1181d1457fddc7d407b0befec6914ac12 authored about 9 years ago by Glen Mailer <[email protected]>
Update docs references to :enabled action
81b3781dfda0645c0fb55516ea3dfc0b16f2e916 authored about 9 years ago by Martin Smith <[email protected]>a2bb94cc128c4d8ded51237755656687a156c386 authored about 9 years ago by Glen Mailer <[email protected]>
2414fe1a20619ab5ec5fbb690876116b5557f519 authored about 9 years ago by Martin Smith <[email protected]>
- Foodcritic wanted node['platform_version'] vs. :platform_version
- Add back require_relative o...
- Allow override of default iptables' filter chain's default policy, fixes #94
- Fix test-kitche...
ee0f8977fd93095a880c380286b628996d6d8c04 authored over 9 years ago by Martin Smith <[email protected]>
Fixes #92 where firewall_rule misses '--to-ports'
1624d2169e28905cf8ba3666c90a3054a7c8c41a authored over 9 years ago by Martin Smith <[email protected]>Be sure we initialize ipv6 and ipv4 hash keys regardless of using them or not.
Fixes #91.
0c42c217422244e46ca922c4b60a521803bc2adb authored over 9 years ago by Martin Smith <[email protected]>Per #91, add an attribute for disabling ipv6, so folks don't have to resort to resource cloning ...
c3b6cd33637c4a8bd521cbf0c790ea46d1c07084 authored over 9 years ago by Martin Smith <[email protected]>a3d43396bcae051e6afb5c39a783823a76955da0 authored over 9 years ago by Thomas Pike <[email protected]>
66502e222027d192efd293039007d087991e8c83 authored over 9 years ago by Tim Smith <[email protected]>
8065c8a5d33e5c2021bc72cf23af92f4904ebafe authored over 9 years ago by Tim Smith <[email protected]>
d639184e20b283c025c82f7693b2a2a6eed70cb7 authored over 9 years ago by Tim Smith <[email protected]>
95f322be1a6065f3ec42f386b4f654adc5b1aec9 authored over 9 years ago by Tim Smith <[email protected]>
3420cc853a615f1ebf7250b7b523dff757601a26 authored over 9 years ago by Tim Smith <[email protected]>
5fcb7dd81c1267e592945ee1d63abf090a7336e4 authored over 9 years ago by Tim Smith <[email protected]>
03d7941a2e2e9809d87656d895eed6d23932b7f4 authored over 9 years ago by Tim Smith <[email protected]>
a29ee0714e4c456837885b8900d07f0ddef680de authored over 9 years ago by Tim Smith <[email protected]>
6c87861c08947181c577fc8b2ac18bcad18d8bf5 authored over 9 years ago by Tim Smith <[email protected]>
5cf877f83f0513ffd2cb2ffc3a08f84805e50ec9 authored over 9 years ago by Tim Smith <[email protected]>
42ebcf7e98eb42827ab0ef859e2bd6789bc59ed7 authored over 9 years ago by Tim Smith <[email protected]>
0099204dacc683ceb05774d4a5aa16402bc7b27f authored over 9 years ago by Tim Smith <[email protected]>
e6e9b6c51fe56bd6a90c56c9dfa2b6b4ea754dea authored over 9 years ago by Tim Smith <[email protected]>
91406061f660a5454a20c60a4d7b496d6e384c1c authored over 9 years ago by Martin Smith <[email protected]>
Work to ensure Travis CI passes
3c4832f3498141287981a8687855531b0d746fc9 authored over 9 years ago by Martin Smith <[email protected]>
- Fix chefspec tests (needs more work)
- Correct actions in matchers
- Clean up groups in Gemfil...
4e2c438a3bf5b23a0969dabcb6090a85af7d81f6 authored over 9 years ago by Martin Smith <[email protected]>
- By default, allow related/established on iptables (ufw defaults to this)
- Add `default['firew...
a1bf37966dcf50dbed3be8770098509ca8c1fecb authored over 9 years ago by Martin Smith <[email protected]>
Add ipv6 toggle for not running ipv6 commands. Fixes #73.
c7729611c41c328b48e145fdcb6fbdedb3e8dcad authored over 9 years ago by Martin Smith <[email protected]>Rewritten to support 'Chef 12 style' for doing providers and resources, RE: #78. The new way to ...
35b235e67bdbe6f46070628cefbbeb83c1773652 authored over 9 years ago by Martin Smith <[email protected]>0934ab3f75fca33561c88a098bfa95bc019e30ef authored over 9 years ago by Martin Smith <[email protected]>
Introduce Windows firewall support, with much thanks to @svanharmelen.
Includes work from:
http...
2ffdf44e4e4b41a4e2ea246cf77b59d8c0addca7 authored over 9 years ago by Sander van Harmelen <[email protected]>
Add firewall resource parameters for default enabled and disabled firewalld zones.
Fixes #71.
a67bd2b6496add004ea61dc6dea661acde1ebb72 authored over 9 years ago by Martin Smith <[email protected]>add variable scope to svc in iptables flush.
943463630474286c20b4a17690abdce750898b9c authored over 9 years ago by Martin Smith <[email protected]>58af5fbaa7ac4706894c36618daefedf54b609ce authored over 9 years ago by lmunro <[email protected]>
We were appending '-A' for raw rules, for no real reason. This removes that limitation.
3db478e53886f1302e7d95ce317533e83fa15317 authored over 9 years ago by Martin Smith <[email protected]>This will further address the issue of being able to debug positional rules.
21c34b376a940ab446a0ca961199b4d60c82d39c authored over 9 years ago by Martin Smith <[email protected]>This is a major rewrite of the firewall cookbook, however tests were only slightly adjusted to r...
126f32479be8119e281848619a37aa1769a68b02 authored over 9 years ago by Martin Smith <[email protected]>5f78badb07783b878de7c834aba1572e2419633f authored over 9 years ago by Tim Smith <[email protected]>
insert_at attribute to insert at top or bottom.
0cfb596b4453528cd71a59fc17f5883c4f12a06f authored over 9 years ago by Martin Smith <[email protected]>c26ed9017ea686a9f7412f8ca68e6b2577135ae8 authored over 9 years ago by lmunro <[email protected]>
6d2c3e3ac145a2aa6d05a4719e6e01e853d3f08b authored over 9 years ago by Martin Smith <[email protected]>
Remove additional space after port range
052c900679a71600c94da53d20a1ab8a8657836f authored over 9 years ago by Martin Smith <[email protected]>Resolves #79
8e4ac193c6fb8e1abdc172687201fc5d2ae4f8b8 authored over 9 years ago by John Schwinghammer <[email protected]>d25363b96b766bbf6d6ac2554dbc6e29b09e90be authored over 9 years ago by Martin Smith <[email protected]>
Bug fix: Fixed redirect comparision; cdre-security-centos64-65 …
fd9b2dd7865b6d11e4a373778c8eff598126c014 authored over 9 years ago by Martin Smith <[email protected]>- We don't bump versions in PRs or write changelogs here, as it creates unnecessary merge confli...
689b558a2c521604595ccd54f655ff44b4a24d23 authored over 9 years ago by Martin Smith <[email protected]>d19ed093f0fc1f9453854343200da77239966df1 authored over 9 years ago by 212050466 <[email protected]>
87256608d721a0fed585c887cf9bed1f98bbc1a8 authored over 9 years ago by 212050466 <[email protected]>
6f123190ef9dfe4e43de5636edd6eabcfd235eab authored over 9 years ago by 212050466 <[email protected]>
cf5f3af300756b3799452c4163f9a647f97014c4 authored over 9 years ago by Martin Smith <[email protected]>