firewalld2iptables

A Puppet module to replace firewalld with iptables

Gene Liverman

genebean

16,877 downloads

7,259 latest version

3.6 quality score

Version information

  • 0.2.0 (latest)
  • 0.1.2
  • 0.1.0
released Feb 24th 2017
This version is compatible with:
  • Puppet Enterprise 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 2.7.0 < 5.0.0
  • RedHat
    ,
    CentOS

Start using this module

Documentation

genebean/firewalld2iptables — version 0.2.0 Feb 24th 2017

Puppet Forge GitHub tag

firewalld2iptables

Table of Contents

  1. Overview
  2. Parameters
  3. Usage
  4. Limitations
  5. License
  6. Contributing

Overview

This module takes care of performing the conversion described at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Using_Firewalls.html#sec-Using_iptables

Parameters:

manage_package

Installs the iptables-services package when true, which is the default value.
type: boolean

iptables_ensure

This value is passed to the ensure key of the resource. This should be 'present' or 'latest'. The default value is 'present'.

iptables_enable

Determines if iptables is enabled. Defaults to true.
type: boolean

ip6tables_enable

Determines if ip6tables is enabled. Defaults to true.
type: boolean

Usage:

Simple usage:

include ::firewalld2iptables

In manifests that also utilize puppetlabs-firewall or other methdods of configuring iptables you need to ensure that this is run first. To do that, just change the include line to require like so:

require ::firewalld2iptables

Manage the iptables-services package elsewhere

class { '::firewalld2iptables': $manage_package => false, }

Limitations

This module is targeted at systems that are known to include firewalld. Right now, that is solely the Red Hat 7 family of OS's. Contributions to expand coverage to other OS's are welcome.

License

This is released under the New BSD / BSD-3-Clause license. A copy of the license can be found in the root of the module.

Contributing

Pull requests are welcome!