Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/sous-chefs/firewalld

[WIP] Extraction of firewalld components from unified firewall cookbook
https://github.com/sous-chefs/firewalld

Add windows to metadata and add chef_version

Signed-off-by: Tim Smith <[email protected]>

ab51fcbd223272b700ab01a4c75a0d9b1fdfbf62 authored over 8 years ago by Tim Smith <[email protected]>
Use the updated Rakefile

Signed-off-by: Tim Smith <[email protected]>

9faad61275cd9d5315af769ac310412ce49dc502 authored over 8 years ago by Tim Smith <[email protected]>
Update ignore files

Signed-off-by: Tim Smith <[email protected]>

6c6a1df1c3326fd0e7e8e74b13b1bf1cd0f318a9 authored over 8 years ago by Tim Smith <[email protected]>
Add maintainers files

Signed-off-by: Tim Smith <[email protected]>

8b28ad40ffdfcd7dfee806834f2eabf5a407609b authored over 8 years ago by Tim Smith <[email protected]>
Add additional excludes to special chains

For *nat and *filter and other chains that might need duplicated lines containing `:OUTPUT :INPU...

4aa07d71cdb0721d4a9879be54f01a4c8dbb8d4a authored over 8 years ago by Martin Smith <[email protected]>
Merge pull request #136 from erkki/ipsec_proto

allow ipv6/esp/ah protocol passthrough for ufw

d812098903b94cfd45c35af7ab6f1bc926220a4f authored over 8 years ago by Martin Smith <[email protected]>
allow ipv6/esp/ah protocols for ufw as per http://manpages.ubuntu.com/manpages/precise/man8/ufw.8.html

Obvious fix. (ref https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master...

16659e557c478eb79c7fbccfa139ec9fcf0a77c5 authored over 8 years ago by Erkki Eilonen <[email protected]>
Merge pull request #142 from gravitystorm/patch-1

Update chef tested version in readme

f33175284bfaa61c026f3b8bc5ed40f0e5f9b146 authored over 8 years ago by Martin Smith <[email protected]>
Update chef tested version in readme

This now matches the version used in .kitchen.yml

81b5b236f2400d5850f3c8d3a1310244682a6143 authored over 8 years ago by Andy Allan <[email protected]>
Release v2.5.2

v2.5.2 (2016-06-02)
-------------------
* Don't issue commands when firewalld isn't active (#140...

dada6ad8766a9bdb86f41e589db48688c0234ac9 authored over 8 years ago by Martin Smith <[email protected]>
Check if firewalld is active

Before issuing commands, check if firewalld is active. If the action is :disable on the firewall...

0d1e9269b465e293675acc0473752087064e598b authored over 8 years ago by Martin Smith <[email protected]>
Install iptables-services on CentOS / Red Hat 7 and higher.

Install iptables-services on CentOS / Red Hat 7 and higher.

Fixes #131.

ca7e1d62bf980752f851e3a7edbfe2b99172130c authored over 8 years ago by Martin Smith <[email protected]>
Ensure iptables-persistent is always started

Closes https://github.com/chef-cookbooks/firewall/pull/137.

0263af86980d914066c0030a0f6c8725e073558d authored over 8 years ago by Martin Smith <[email protected]>
Update Ruby version on Travis for listen gem

c06da8195658818a6f287a3a91e5fe8db523f419 authored over 8 years ago by Martin Smith <[email protected]>
Release v2.5.1

Release v2.5.1 (2016-05-31)
-------------------
* Protocol guard incorrectly prevents "none" pro...

27465b15f583c5669e17c7070663bb2c3d603ff6 authored over 8 years ago by Martin Smith <[email protected]>
Add ipv6 attribute respect to Ubuntu iptables

- Don't write rules.v6 on ubuntu if `node['firewall']['ipv6_enabled']` is disabled

13f9e1c945630a4e32eeb9571d4b6a317837e3f3 authored over 8 years ago by Martin Smith <[email protected]>
Update platforms in Test Kitchen [skip-ci]

0264f4f1988a3dadc49efebc700b831e739e353b authored over 8 years ago by Tim Smith <[email protected]>
Pin chef higher

568855b6c3d26f3b30e969cd7c2921a0bb49fcb4 authored over 8 years ago by Martin Smith <[email protected]>
Add chef to Gemfile

2c335d25220de31cd4ff1e2205a3b2e9fbcc5bcd authored over 8 years ago by Martin Smith <[email protected]>
Bump ruby version to 2.2

a85d87142e1f9d20d98d4dede282bfccc93f2ff2 authored over 8 years ago by Martin Smith <[email protected]>
Add warning if firewall rule opens all traffic

Warn when a firewall_rule resource appears to be opening all traffic. This should help avoid ina...

cd3ed9036c555678f0a5bc3123b062e2afa2ebb3 authored over 8 years ago by Martin Smith <[email protected]>
Add issues and PR templates

e429c99d96384ba9dbc6254dfbcd67062421f894 authored over 8 years ago by Tim Smith <[email protected]>
Merge pull request #130 from williamsjj/master

Fix notify_firewall attribute crashing firewall_rule provider when set to false.

9ac90377c2d7473917978afef3623ac928ee4b98 authored over 8 years ago by Martin Smith <[email protected]>
Fix notify_firewall attribute crashing firewall_rule provider when set

to false.
* firewall_rule.notify_firewall if set to False crashes the provider
because the code...

b77b8e646657c057f134434257e9da6ea33ca34d authored over 8 years ago by Jason J. W. Williams <[email protected]>
Merge pull request #128 from williamsjj/master

protocol guard incorrectly prevents "none" protocol type on UFW helper.

8863b973b9bde71e66fb0fb20959af93d6863d59 authored over 8 years ago by Martin Smith <[email protected]>
protocol guard incorrectly prevents "none" protocol type on UFW helper.

209ece67721b36aef8bb857d567cfe507773c6d7 authored almost 9 years ago by Jason J. W. Williams <[email protected]>
Fix wrongly ordered conditional

Check the value, then use port_to_s, not the other way around.

771835c68fba1dab9e149771ed9ed30707989853 authored almost 9 years ago by Martin Smith <[email protected]>
Release v2.5.0

2008ac75274cb0a5bff47965be9aa1ed0055eb85 authored almost 9 years ago by Martin Smith <[email protected]>
Fix incorrect attribute reference

We shouldn't reference `source_interface`, since that doesn't exist.

Fixes #123.

af73c9eb671d532e4fd66e4b029e7166b1d4c8f8 authored almost 9 years ago by Martin Smith <[email protected]>
Don't require underscores unless >9 digits

e9fc73b16940a06a39ce2b35cd8dda59395c7124 authored almost 9 years ago by Martin Smith <[email protected]>
Add support for mobile shell firewall rules.

This adds support for the firewall rules required for using the [mobile
shell](https://mosh.mit....

61b71711deea58feaa6759bf4f242635f86ec28a authored almost 9 years ago by John Bellone <[email protected]>
Don't modify parameter for port

When passing in a port, our string-ifying helper function was modifying the variable if it happe...

8136c429fdabd9a8ee8594b3745106bd5b65eb15 authored almost 9 years ago by Martin Smith <[email protected]>
Fix some style rules that were failing the build.

3690636116e7756c1f12f82476ed1613d69d8ef4 authored almost 9 years ago by Martin Smith <[email protected]>
Fix errant example with command and action

Example should have had `command :allow`, as :allow is no longer an action.

77800f8f72ebf8ecef608f8f1e8bc5ff0123bbf8 authored almost 9 years ago by Martin Smith <[email protected]>
Rubocop fixes

51587739ad99c0b81b19197c32a692e6742c07f1 authored almost 9 years ago by Martin Smith <[email protected]>
Release v2.4.0

f33312d5d26b763b2ae7b6503fe632b2badd52a3 authored almost 9 years ago by Martin Smith <[email protected]>
Expose default table and chains for iptables

This is a backwards compatible new feature to override the default ruleset, or add additional ru...

af2c17c59241590001dc09333cf0f4444989ac6b authored almost 9 years ago by Martin Smith <[email protected]>
Remove 'type' variable, fix duplicate allow

Because of some legacy code that was fixed, we had two variables that represented the same value...

c155b7329a8b95be0360358bba8103024989f1b7 authored almost 9 years ago by Martin Smith <[email protected]>
ufw: Add support for :raw

This adds support to the ufw provider so that it actually supports the
:raw command as currently...

3af3c26a60212dba66cb2709b4099ee8cd754714 authored almost 9 years ago by Andrew Burns <[email protected]>
ufw: Remove straggler 'raw' line

9635780856f6c021a89995b09fbc22e3cf4b2836 authored almost 9 years ago by Andrew Burns <[email protected]>
Fix rubocop complaints

- Rubocop had some new complaints from the latest release. Fixing those.

a30b8430e1a3a4b2a771dcfcbd78a86e577b024d authored almost 9 years ago by Martin Smith <[email protected]>
Fix rubocop warnings

9f30d2fbc6889c449048193cd34f332d1db359be authored almost 9 years ago by Martin Smith <[email protected]>
Release v2.3.1

812b2b5b944e74676a945b18d3f1c163c6db078d authored almost 9 years ago by Martin Smith <[email protected]>
Allow raw rules on ufw

Ensure we support raw rules on ufw, add tests for it as well.

Fixes #113.

53f3fca0299a36641b9f1562761d42e3d080daca authored almost 9 years ago by Martin Smith <[email protected]>
Release v2.3.0

3536a3b36ba617977c9693acc7dbd31d57764af6 authored almost 9 years ago by Martin Smith <[email protected]>
Fix typo in action vs. command

We should be checking the iptables command, not the resource action here.

RE: #112

9080c913e0be04e74d1eb9c0baee45170b23d746 authored almost 9 years ago by Martin Smith <[email protected]>
Refactor firewall_rule providers

- Instead of accumulating the firewall rules as each `firewall_rule` resource's action fires, ac...

c6f5bf99a0ebe7f5595706bebda315b0e88f157e authored almost 9 years ago by Martin Smith <[email protected]>
Merge pull request #111 from schubergphilis/b-port-to-s

Fix the `port_to_s` function so it also works for Windows

eb0e6345dc53a4e3eac679b2ae4c1b810b96e48e authored about 9 years ago by Martin Smith <[email protected]>
Fix the `port_to_s` function so it also works for Windows

ec52c734fc4c07f095a98aa75537ee913a5dc47e authored about 9 years ago by Sander van Harmelen <[email protected]>
Add proper Windows support back in

Add proper Windows support & serverspec tests.

76d8017d267fd903c4945b2855019611fa1be761 authored about 9 years ago by Martin Smith <[email protected]>
Switch to positive logic (enabled vs. disabled)

Add a flag for 'enabled' to make it easier to understand the logic on the firewall resource. We'...

6b5ebc884d25b922382e2d5bead8e4ef20ef02c9 authored about 9 years ago by Martin Smith <[email protected]>
Cleanup from persistent rules

- Rename `persistent` to `permanent` to match the firewalld name, and scope the attribute under ...

d36337edff6655320022f156e137d045949cd818 authored about 9 years ago by Martin Smith <[email protected]>
Merge pull request #104 from jasonmcintosh/option_for_permanent

Added persistent option defaulted to true to allow --permament auto a…

eefad6ab12d8f60d63036ebb5b5d90d90abc64af authored about 9 years ago by Martin Smith <[email protected]>
Version bumped

0cebd39f7d778ce7b475b1a15a5e433664a726c6 authored about 9 years ago by jasonmcintosh <[email protected]>
Fixed formatting issues

ec93e9e81894ea6d0c2f25cd775845e6c8a463db authored about 9 years ago by jasonmcintosh <[email protected]>
Added persistent option defaulted to true to allow --permament auto added on all rules created

ebd36656ed19450f7cb1bee9551d9262026c05a9 authored about 9 years ago by jasonmcintosh <[email protected]>
Merge pull request #100 from strawhatboy/master

Fixed the issue creating a firewall rule for windows with 'program' set to 'any' is invalid

e3a65c0586f7a25b25ad6c617b824cd0d964a0f1 authored about 9 years ago by Martin Smith <[email protected]>
Merge pull request #99 from agperson/master

Add support for using iptables in RHEL 7

e408c1c40f9a82171d89572808d29ff8b1881581 authored about 9 years ago by Martin Smith <[email protected]>
replaced single line 'if' to '&&' flow

ee437c7cfe2a71cdc927526bb8a05a97fad892f3 authored about 9 years ago by strawhatboy <[email protected]>
Merge pull request #1 from strawhatboy/strawhatboy-patch-1

Fix 'Any' program for windows firewall

bf1cc84572ee73f0c98ee1965578aef624aaddd5 authored about 9 years ago by strawhatboy <[email protected]>
Fix 'Any' program for windows firewall

Windows adv firewall consider no 'program' parameter specified as the 'Any' option:

Usage: ad...

0ad591ef31af1532dfbcdda9a0d3f2d6dc5882cb authored about 9 years ago by strawhatboy <[email protected]>
Add support for using iptables in RHEL 7

e45fdb83542e97dc14c85461ff4135f7d0a9acfd authored about 9 years ago by Daniel Silverman <[email protected]>
Release v2.1.0

2211691b02f5a87a437dee70511da3990ef8c2be authored about 9 years ago by Martin Smith <[email protected]>
Open ICMP in ipv6, required

In ipv6, ICMP is required for all kinds of basic functionality. Unless someone has overriden `al...

4353695da89c6686354e8b0d554264b112f5f3bb authored about 9 years ago by Martin Smith <[email protected]>
Add basic converge chefspec

7278d0ed2ecc91d2932fc39dd2ab2bf4ddfccd9e authored about 9 years ago by Tim Smith <[email protected]>
Resolve rubocop warnings

b515582ffa33dcb23df10b437a5d3726e07dbd20 authored about 9 years ago by Tim Smith <[email protected]>
Fix rubocop, berkshelf breakage

- Rubocop doesn't like !!
- Berkshelf 3.x has compatibility issues with Faraday/Ridley atm.

21815668884b10fa310892344532a07bfe6dafa4 authored about 9 years ago by Martin Smith <[email protected]>
Exclude rules that aren't applicable

f1f0f2e136142eeff2135c87de41003ccfc9a657 authored about 9 years ago by Tim Smith <[email protected]>
Resolve a few rubocop warnings

6fb5096c2d0705d26cc8e5c2cdcc12fd4e4241c1 authored about 9 years ago by Tim Smith <[email protected]>
Update chefignore

b145efc06d2bdfd39994b2fc6f2aff563b77441b authored about 9 years ago by Tim Smith <[email protected]>
Update rubocop to standard file

53435d52b15231648bcbed29e4b198ede86566c0 authored about 9 years ago by Tim Smith <[email protected]>
Release v2.0.5

7715f54e163cbfdfa9bd2aa425b459524138b944 authored about 9 years ago by Martin Smith <[email protected]>
Ensure all provide blocks are mutually exclusive

Ensure all of the distros/versions and provides blocks yield exactly one provider, no more.

RE:...

682d523771890d308dffdf8a9d2c99d19f840173 authored about 9 years ago by Martin Smith <[email protected]>
Merge pull request #98 from glenjamin/never-firewalld-el6

Also ensure firewalld_rule is not attempted on el6

fbe3e8cc6c8d47508e14e7144689aee356438f0a authored about 9 years ago by Martin Smith <[email protected]>
Also ensure firewalld_rule is not attempted on el6

62b42f769c568e69057cfba4f9aa21fbecbcf7e8 authored about 9 years ago by Glen Mailer <[email protected]>
Merge pull request #97 from glenjamin/never-firewalld-el6

Ensure firewalld is not attempted on el6

d24f3c9c619cfc66772fdbfa50dc7bca9e9c4a98 authored about 9 years ago by Martin Smith <[email protected]>
Ensure firewalld is not attempted on el6

4e4ff5e1181d1457fddc7d407b0befec6914ac12 authored about 9 years ago by Glen Mailer <[email protected]>
Merge pull request #96 from glenjamin/patch-1

Update docs references to :enabled action

81b3781dfda0645c0fb55516ea3dfc0b16f2e916 authored about 9 years ago by Martin Smith <[email protected]>
Update docs references to :enabled action

a2bb94cc128c4d8ded51237755656687a156c386 authored about 9 years ago by Glen Mailer <[email protected]>
Release v2.0.4

2414fe1a20619ab5ec5fbb690876116b5557f519 authored about 9 years ago by Martin Smith <[email protected]>
Fix chefspec and foodcritic complaints

- Foodcritic wanted node['platform_version'] vs. :platform_version
- Add back require_relative o...

7820cf6f38ac30e409a8a81a71165a5aaf897b8b authored about 9 years ago by Martin Smith <[email protected]>
Override iptables filter chain policy, cleanup

- Allow override of default iptables' filter chain's default policy, fixes #94
- Fix test-kitche...

7a4026327691f4a67c7795c4ab660ff2d2d528ea authored about 9 years ago by Martin Smith <[email protected]>
Release v2.0.3

ee0f8977fd93095a880c380286b628996d6d8c04 authored over 9 years ago by Martin Smith <[email protected]>
Merge pull request #93 from crossroads/redirect_fix

Fixes #92 where firewall_rule misses '--to-ports'

1624d2169e28905cf8ba3666c90a3054a7c8c41a authored over 9 years ago by Martin Smith <[email protected]>
Ensure default hash regardless of ipv6

Be sure we initialize ipv6 and ipv4 hash keys regardless of using them or not.

Fixes #91.

0c42c217422244e46ca922c4b60a521803bc2adb authored over 9 years ago by Martin Smith <[email protected]>
Add attribute-friendly way to disable ipv6

Per #91, add an attribute for disabling ipv6, so folks don't have to resort to resource cloning ...

c3b6cd33637c4a8bd521cbf0c790ea46d1c07084 authored over 9 years ago by Martin Smith <[email protected]>
Fixes #92 where firewall_rule misses '--to-ports'

a3d43396bcae051e6afb5c39a783823a76955da0 authored over 9 years ago by Thomas Pike <[email protected]>
Update URL

66502e222027d192efd293039007d087991e8c83 authored over 9 years ago by Tim Smith <[email protected]>
Add back chef-sugar

8065c8a5d33e5c2021bc72cf23af92f4904ebafe authored over 9 years ago by Tim Smith <[email protected]>
Fix the extra line I introduced

d639184e20b283c025c82f7693b2a2a6eed70cb7 authored over 9 years ago by Tim Smith <[email protected]>
Opscode -> Chef, supermarket metadata, additional platforms

95f322be1a6065f3ec42f386b4f654adc5b1aec9 authored over 9 years ago by Tim Smith <[email protected]>
Add badges

3420cc853a615f1ebf7250b7b523dff757601a26 authored over 9 years ago by Tim Smith <[email protected]>
Update ignored files

5fcb7dd81c1267e592945ee1d63abf090a7336e4 authored over 9 years ago by Tim Smith <[email protected]>
Disable a few rules entirely

03d7941a2e2e9809d87656d895eed6d23932b7f4 authored over 9 years ago by Tim Smith <[email protected]>
Remove the version constraint for integration testing

a29ee0714e4c456837885b8900d07f0ddef680de authored over 9 years ago by Tim Smith <[email protected]>
Pin versions and use our standard group list

6c87861c08947181c577fc8b2ac18bcad18d8bf5 authored over 9 years ago by Tim Smith <[email protected]>
Update platforms and A->Z the boxes

5cf877f83f0513ffd2cb2ffc3a08f84805e50ec9 authored over 9 years ago by Tim Smith <[email protected]>
Add copyright to the license

42ebcf7e98eb42827ab0ef859e2bd6789bc59ed7 authored over 9 years ago by Tim Smith <[email protected]>
Let ruby version float in travis

0099204dacc683ceb05774d4a5aa16402bc7b27f authored over 9 years ago by Tim Smith <[email protected]>
Update docs

e6e9b6c51fe56bd6a90c56c9dfa2b6b4ea754dea authored over 9 years ago by Tim Smith <[email protected]>