Forge Home

sitefirewall

A module to provide the nessasary classes required by puppetlabs/firewall

11,426 downloads

10,834 latest version

4.6 quality score

Version information

  • 0.1.2 (latest)
  • 0.1.1
  • 0.1.0
released Feb 17th 2015
This version is compatible with:
  • , , , , , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'danfoster-sitefirewall', '0.1.2'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add danfoster-sitefirewall
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install danfoster-sitefirewall --version 0.1.2

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

danfoster/sitefirewall — version 0.1.2 Feb 17th 2015

sitefirewall

Travis CI

Table of Contents

  1. Overview
  2. Module Description - What the module does and why it is useful
  3. Setup - The basics of getting started with sitefirewall
  4. Usage - Configuration options and additional functionality
  5. Reference - An under-the-hood peek at what the module is doing and how
  6. Limitations - OS compatibility, etc.
  7. Development - Guide for contributing to the module

Overview

This module provides sensible defaults for extra classes as required for puppetlabs/firewall.

Module Description

This module defines defeaults for pre and post firewall rules. These are:

  • Allow IMCP
  • Allow all traffic to local (lo) interface
  • Allow RELATED and ESTABLISHED connections
  • Drop all other traffic

Setup

What sitefirewall affects

This module depends on puppet/firewall and therefore affects the following:

  • Every node running a firewall
  • Firewall settings in your system
  • Connection settings for managed nodes
  • Unmanaged resources (get purged)

Usage

Include sitefirewall to get started:

class { '::sitefirewall' }

Then you are able to use firewall rules as described on the (puppetlabs/firewall)[https://forge.puppetlabs.com/puppetlabs/firewall#usage] page.

Hiera

Firewall rules can also be defined in hiera using the firewall key .e.g.:

firewall:
  '10 accept SSH':
    port: 22
    proto: tcp
    action: accept

Development

Pull requests are gratefully received.