sitefirewall

A module to provide the nessasary classes required by puppetlabs/firewall
Dan Foster

Dan Foster

danfoster

10,526 downloads

9,979 latest version

4.6 quality score

Version information

  • 0.1.2 (latest)
  • 0.1.1
  • 0.1.0
released Jul 3rd 2019
This version is compatible with:
  • RedHat
    ,
    CentOS
    ,
    OracleLinux
    ,
    Scientific
    ,
    SLES
    ,
    Debian
    ,
    Ubuntu

Start using this module

Documentation

danfoster/sitefirewall — version 0.1.2 Jul 3rd 2019

sitefirewall

Travis CI

Table of Contents

  1. Overview
  2. Module Description - What the module does and why it is useful
  3. Setup - The basics of getting started with sitefirewall
  4. Usage - Configuration options and additional functionality
  5. Reference - An under-the-hood peek at what the module is doing and how
  6. Limitations - OS compatibility, etc.
  7. Development - Guide for contributing to the module

Overview

This module provides sensible defaults for extra classes as required for puppetlabs/firewall.

Module Description

This module defines defeaults for pre and post firewall rules. These are:

  • Allow IMCP
  • Allow all traffic to local (lo) interface
  • Allow RELATED and ESTABLISHED connections
  • Drop all other traffic

Setup

What sitefirewall affects

This module depends on puppet/firewall and therefore affects the following:

  • Every node running a firewall
  • Firewall settings in your system
  • Connection settings for managed nodes
  • Unmanaged resources (get purged)

Usage

Include sitefirewall to get started:

class { '::sitefirewall' }

Then you are able to use firewall rules as described on the (puppetlabs/firewall)[https://forge.puppetlabs.com/puppetlabs/firewall#usage] page.

Hiera

Firewall rules can also be defined in hiera using the firewall key .e.g.:

firewall:
  '10 accept SSH':
    port: 22
    proto: tcp
    action: accept

Development

Pull requests are gratefully received.