Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/sous-chefs/firewalld
[WIP] Extraction of firewalld components from unified firewall cookbook
https://github.com/sous-chefs/firewalld
Signed-off-by: Tim Smith <[email protected]>
ab51fcbd223272b700ab01a4c75a0d9b1fdfbf62 authored over 8 years ago by Tim Smith <[email protected]>Signed-off-by: Tim Smith <[email protected]>
9faad61275cd9d5315af769ac310412ce49dc502 authored over 8 years ago by Tim Smith <[email protected]>Signed-off-by: Tim Smith <[email protected]>
6c6a1df1c3326fd0e7e8e74b13b1bf1cd0f318a9 authored over 8 years ago by Tim Smith <[email protected]>Signed-off-by: Tim Smith <[email protected]>
8b28ad40ffdfcd7dfee806834f2eabf5a407609b authored over 8 years ago by Tim Smith <[email protected]>For *nat and *filter and other chains that might need duplicated lines containing `:OUTPUT :INPU...
4aa07d71cdb0721d4a9879be54f01a4c8dbb8d4a authored over 8 years ago by Martin Smith <[email protected]>allow ipv6/esp/ah protocol passthrough for ufw
d812098903b94cfd45c35af7ab6f1bc926220a4f authored over 8 years ago by Martin Smith <[email protected]>Obvious fix. (ref https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master...
16659e557c478eb79c7fbccfa139ec9fcf0a77c5 authored over 8 years ago by Erkki Eilonen <[email protected]>Update chef tested version in readme
f33175284bfaa61c026f3b8bc5ed40f0e5f9b146 authored over 8 years ago by Martin Smith <[email protected]>This now matches the version used in .kitchen.yml
81b5b236f2400d5850f3c8d3a1310244682a6143 authored over 8 years ago by Andy Allan <[email protected]>
v2.5.2 (2016-06-02)
-------------------
* Don't issue commands when firewalld isn't active (#140...
Before issuing commands, check if firewalld is active. If the action is :disable on the firewall...
0d1e9269b465e293675acc0473752087064e598b authored over 8 years ago by Martin Smith <[email protected]>Install iptables-services on CentOS / Red Hat 7 and higher.
Fixes #131.
ca7e1d62bf980752f851e3a7edbfe2b99172130c authored over 8 years ago by Martin Smith <[email protected]>Closes https://github.com/chef-cookbooks/firewall/pull/137.
0263af86980d914066c0030a0f6c8725e073558d authored over 8 years ago by Martin Smith <[email protected]>c06da8195658818a6f287a3a91e5fe8db523f419 authored over 8 years ago by Martin Smith <[email protected]>
Release v2.5.1 (2016-05-31)
-------------------
* Protocol guard incorrectly prevents "none" pro...
- Don't write rules.v6 on ubuntu if `node['firewall']['ipv6_enabled']` is disabled
13f9e1c945630a4e32eeb9571d4b6a317837e3f3 authored over 8 years ago by Martin Smith <[email protected]>0264f4f1988a3dadc49efebc700b831e739e353b authored over 8 years ago by Tim Smith <[email protected]>
568855b6c3d26f3b30e969cd7c2921a0bb49fcb4 authored over 8 years ago by Martin Smith <[email protected]>
2c335d25220de31cd4ff1e2205a3b2e9fbcc5bcd authored over 8 years ago by Martin Smith <[email protected]>
a85d87142e1f9d20d98d4dede282bfccc93f2ff2 authored over 8 years ago by Martin Smith <[email protected]>
Warn when a firewall_rule resource appears to be opening all traffic. This should help avoid ina...
cd3ed9036c555678f0a5bc3123b062e2afa2ebb3 authored over 8 years ago by Martin Smith <[email protected]>e429c99d96384ba9dbc6254dfbcd67062421f894 authored over 8 years ago by Tim Smith <[email protected]>
Fix notify_firewall attribute crashing firewall_rule provider when set to false.
9ac90377c2d7473917978afef3623ac928ee4b98 authored over 8 years ago by Martin Smith <[email protected]>to false.
* firewall_rule.notify_firewall if set to False crashes the provider
because the code...
protocol guard incorrectly prevents "none" protocol type on UFW helper.
8863b973b9bde71e66fb0fb20959af93d6863d59 authored over 8 years ago by Martin Smith <[email protected]>209ece67721b36aef8bb857d567cfe507773c6d7 authored almost 9 years ago by Jason J. W. Williams <[email protected]>
Check the value, then use port_to_s, not the other way around.
771835c68fba1dab9e149771ed9ed30707989853 authored almost 9 years ago by Martin Smith <[email protected]>2008ac75274cb0a5bff47965be9aa1ed0055eb85 authored almost 9 years ago by Martin Smith <[email protected]>
We shouldn't reference `source_interface`, since that doesn't exist.
Fixes #123.
af73c9eb671d532e4fd66e4b029e7166b1d4c8f8 authored almost 9 years ago by Martin Smith <[email protected]>e9fc73b16940a06a39ce2b35cd8dda59395c7124 authored almost 9 years ago by Martin Smith <[email protected]>
This adds support for the firewall rules required for using the [mobile
shell](https://mosh.mit....
When passing in a port, our string-ifying helper function was modifying the variable if it happe...
8136c429fdabd9a8ee8594b3745106bd5b65eb15 authored almost 9 years ago by Martin Smith <[email protected]>3690636116e7756c1f12f82476ed1613d69d8ef4 authored almost 9 years ago by Martin Smith <[email protected]>
Example should have had `command :allow`, as :allow is no longer an action.
77800f8f72ebf8ecef608f8f1e8bc5ff0123bbf8 authored almost 9 years ago by Martin Smith <[email protected]>51587739ad99c0b81b19197c32a692e6742c07f1 authored almost 9 years ago by Martin Smith <[email protected]>
f33312d5d26b763b2ae7b6503fe632b2badd52a3 authored almost 9 years ago by Martin Smith <[email protected]>
This is a backwards compatible new feature to override the default ruleset, or add additional ru...
af2c17c59241590001dc09333cf0f4444989ac6b authored almost 9 years ago by Martin Smith <[email protected]>Because of some legacy code that was fixed, we had two variables that represented the same value...
c155b7329a8b95be0360358bba8103024989f1b7 authored almost 9 years ago by Martin Smith <[email protected]>
This adds support to the ufw provider so that it actually supports the
:raw command as currently...
9635780856f6c021a89995b09fbc22e3cf4b2836 authored almost 9 years ago by Andrew Burns <[email protected]>
- Rubocop had some new complaints from the latest release. Fixing those.
a30b8430e1a3a4b2a771dcfcbd78a86e577b024d authored almost 9 years ago by Martin Smith <[email protected]>9f30d2fbc6889c449048193cd34f332d1db359be authored almost 9 years ago by Martin Smith <[email protected]>
812b2b5b944e74676a945b18d3f1c163c6db078d authored almost 9 years ago by Martin Smith <[email protected]>
Ensure we support raw rules on ufw, add tests for it as well.
Fixes #113.
53f3fca0299a36641b9f1562761d42e3d080daca authored almost 9 years ago by Martin Smith <[email protected]>3536a3b36ba617977c9693acc7dbd31d57764af6 authored almost 9 years ago by Martin Smith <[email protected]>
We should be checking the iptables command, not the resource action here.
RE: #112
9080c913e0be04e74d1eb9c0baee45170b23d746 authored almost 9 years ago by Martin Smith <[email protected]>- Instead of accumulating the firewall rules as each `firewall_rule` resource's action fires, ac...
c6f5bf99a0ebe7f5595706bebda315b0e88f157e authored almost 9 years ago by Martin Smith <[email protected]>Fix the `port_to_s` function so it also works for Windows
eb0e6345dc53a4e3eac679b2ae4c1b810b96e48e authored about 9 years ago by Martin Smith <[email protected]>ec52c734fc4c07f095a98aa75537ee913a5dc47e authored about 9 years ago by Sander van Harmelen <[email protected]>
Add proper Windows support & serverspec tests.
76d8017d267fd903c4945b2855019611fa1be761 authored about 9 years ago by Martin Smith <[email protected]>Add a flag for 'enabled' to make it easier to understand the logic on the firewall resource. We'...
6b5ebc884d25b922382e2d5bead8e4ef20ef02c9 authored about 9 years ago by Martin Smith <[email protected]>- Rename `persistent` to `permanent` to match the firewalld name, and scope the attribute under ...
d36337edff6655320022f156e137d045949cd818 authored about 9 years ago by Martin Smith <[email protected]>Added persistent option defaulted to true to allow --permament auto a…
eefad6ab12d8f60d63036ebb5b5d90d90abc64af authored about 9 years ago by Martin Smith <[email protected]>0cebd39f7d778ce7b475b1a15a5e433664a726c6 authored about 9 years ago by jasonmcintosh <[email protected]>
ec93e9e81894ea6d0c2f25cd775845e6c8a463db authored about 9 years ago by jasonmcintosh <[email protected]>
ebd36656ed19450f7cb1bee9551d9262026c05a9 authored about 9 years ago by jasonmcintosh <[email protected]>
Fixed the issue creating a firewall rule for windows with 'program' set to 'any' is invalid
e3a65c0586f7a25b25ad6c617b824cd0d964a0f1 authored about 9 years ago by Martin Smith <[email protected]>Add support for using iptables in RHEL 7
e408c1c40f9a82171d89572808d29ff8b1881581 authored about 9 years ago by Martin Smith <[email protected]>ee437c7cfe2a71cdc927526bb8a05a97fad892f3 authored about 9 years ago by strawhatboy <[email protected]>
Fix 'Any' program for windows firewall
bf1cc84572ee73f0c98ee1965578aef624aaddd5 authored about 9 years ago by strawhatboy <[email protected]>Windows adv firewall consider no 'program' parameter specified as the 'Any' option:
Usage: ad...
0ad591ef31af1532dfbcdda9a0d3f2d6dc5882cb authored about 9 years ago by strawhatboy <[email protected]>e45fdb83542e97dc14c85461ff4135f7d0a9acfd authored about 9 years ago by Daniel Silverman <[email protected]>
2211691b02f5a87a437dee70511da3990ef8c2be authored about 9 years ago by Martin Smith <[email protected]>
In ipv6, ICMP is required for all kinds of basic functionality. Unless someone has overriden `al...
4353695da89c6686354e8b0d554264b112f5f3bb authored about 9 years ago by Martin Smith <[email protected]>7278d0ed2ecc91d2932fc39dd2ab2bf4ddfccd9e authored about 9 years ago by Tim Smith <[email protected]>
b515582ffa33dcb23df10b437a5d3726e07dbd20 authored about 9 years ago by Tim Smith <[email protected]>
- Rubocop doesn't like !!
- Berkshelf 3.x has compatibility issues with Faraday/Ridley atm.
f1f0f2e136142eeff2135c87de41003ccfc9a657 authored about 9 years ago by Tim Smith <[email protected]>
6fb5096c2d0705d26cc8e5c2cdcc12fd4e4241c1 authored about 9 years ago by Tim Smith <[email protected]>
b145efc06d2bdfd39994b2fc6f2aff563b77441b authored about 9 years ago by Tim Smith <[email protected]>
53435d52b15231648bcbed29e4b198ede86566c0 authored about 9 years ago by Tim Smith <[email protected]>
7715f54e163cbfdfa9bd2aa425b459524138b944 authored about 9 years ago by Martin Smith <[email protected]>
Ensure all of the distros/versions and provides blocks yield exactly one provider, no more.
RE:...
682d523771890d308dffdf8a9d2c99d19f840173 authored about 9 years ago by Martin Smith <[email protected]>Also ensure firewalld_rule is not attempted on el6
fbe3e8cc6c8d47508e14e7144689aee356438f0a authored about 9 years ago by Martin Smith <[email protected]>62b42f769c568e69057cfba4f9aa21fbecbcf7e8 authored about 9 years ago by Glen Mailer <[email protected]>
Ensure firewalld is not attempted on el6
d24f3c9c619cfc66772fdbfa50dc7bca9e9c4a98 authored about 9 years ago by Martin Smith <[email protected]>4e4ff5e1181d1457fddc7d407b0befec6914ac12 authored about 9 years ago by Glen Mailer <[email protected]>
Update docs references to :enabled action
81b3781dfda0645c0fb55516ea3dfc0b16f2e916 authored about 9 years ago by Martin Smith <[email protected]>a2bb94cc128c4d8ded51237755656687a156c386 authored about 9 years ago by Glen Mailer <[email protected]>
2414fe1a20619ab5ec5fbb690876116b5557f519 authored about 9 years ago by Martin Smith <[email protected]>
- Foodcritic wanted node['platform_version'] vs. :platform_version
- Add back require_relative o...
- Allow override of default iptables' filter chain's default policy, fixes #94
- Fix test-kitche...
ee0f8977fd93095a880c380286b628996d6d8c04 authored over 9 years ago by Martin Smith <[email protected]>
Fixes #92 where firewall_rule misses '--to-ports'
1624d2169e28905cf8ba3666c90a3054a7c8c41a authored over 9 years ago by Martin Smith <[email protected]>Be sure we initialize ipv6 and ipv4 hash keys regardless of using them or not.
Fixes #91.
0c42c217422244e46ca922c4b60a521803bc2adb authored over 9 years ago by Martin Smith <[email protected]>Per #91, add an attribute for disabling ipv6, so folks don't have to resort to resource cloning ...
c3b6cd33637c4a8bd521cbf0c790ea46d1c07084 authored over 9 years ago by Martin Smith <[email protected]>a3d43396bcae051e6afb5c39a783823a76955da0 authored over 9 years ago by Thomas Pike <[email protected]>
66502e222027d192efd293039007d087991e8c83 authored over 9 years ago by Tim Smith <[email protected]>
8065c8a5d33e5c2021bc72cf23af92f4904ebafe authored over 9 years ago by Tim Smith <[email protected]>
d639184e20b283c025c82f7693b2a2a6eed70cb7 authored over 9 years ago by Tim Smith <[email protected]>
95f322be1a6065f3ec42f386b4f654adc5b1aec9 authored over 9 years ago by Tim Smith <[email protected]>
3420cc853a615f1ebf7250b7b523dff757601a26 authored over 9 years ago by Tim Smith <[email protected]>
5fcb7dd81c1267e592945ee1d63abf090a7336e4 authored over 9 years ago by Tim Smith <[email protected]>
03d7941a2e2e9809d87656d895eed6d23932b7f4 authored over 9 years ago by Tim Smith <[email protected]>
a29ee0714e4c456837885b8900d07f0ddef680de authored over 9 years ago by Tim Smith <[email protected]>
6c87861c08947181c577fc8b2ac18bcad18d8bf5 authored over 9 years ago by Tim Smith <[email protected]>
5cf877f83f0513ffd2cb2ffc3a08f84805e50ec9 authored over 9 years ago by Tim Smith <[email protected]>
42ebcf7e98eb42827ab0ef859e2bd6789bc59ed7 authored over 9 years ago by Tim Smith <[email protected]>
0099204dacc683ceb05774d4a5aa16402bc7b27f authored over 9 years ago by Tim Smith <[email protected]>
e6e9b6c51fe56bd6a90c56c9dfa2b6b4ea754dea authored over 9 years ago by Tim Smith <[email protected]>