fwknop

pdk
Install and configure fwknop-server

280 downloads

127 latest version

3.1 quality score

Version information

  • 1.0.2 (latest)
  • 1.0.1
  • 1.0.0
  • 0.1.0
released Oct 1st 2024
This version is compatible with:
  • Puppet Enterprise 2025.4.x, 2025.3.x, 2025.2.x, 2025.1.x, 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2021.7.x
  • Puppet >= 7.24 < 9.0.0
  • Debian
    ,
    Ubuntu

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'mlibrary-fwknop', '1.0.2'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add mlibrary-fwknop
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install mlibrary-fwknop --version 1.0.2

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

mlibrary/fwknop — version 1.0.2 Oct 1st 2024

fwknop

Table of Contents

  1. Description
  2. Usage - Configuration options and additional functionality
  3. Limitations - OS compatibility, etc.

Description

Install and manage the configuration for fwknop-server.

Usage

# By default, fwknop will just set PCAP_INTF to the
# networking.primary fact.
include fwknop

fwknop::access { 'bob':
  source                    => 'ANY',
  open_ports                => 'tcp/22, tcp/993',
  require_username          => 'bob',
  require_source_address    => true,
  fw_access_timeout_seconds => 30,
  key_base64                => Sensitive('kgohbCga6D5a4YZ0dtbL8SEVbjI1A5KYrRvj0oqcKEk='),
  hmac_key_base64           => Sensitive('Zig9ZYcqj5gYl2S/UpFNp76RlD7SniyN5Ser5WoIKM7zXS28eptWtLcuxCbnh/9R+MjVfUqmqVHqbEyWtHTj4w=='),
}

fwknop::access { 'alice':
  source                    => 'ANY',
  gpg_remote_id             => '7234ABCD',
  gpg_decrypt_id            => 'EBCD1234',
  gpg_allow_no_pw           => true,
  require_source_address    => true,
  require_username          => 'alice',
  fw_access_timeout_seconds => 30,
  hmac_key_base64           => Sensitive('STQ9m03hxj+WXwOpxMuNHQkTAx/EtfAKaXQ3tK8+Azcy2zZpimzRzo4+I53cNZvPJaMBfXjZ9NsB98iOpHY7Tg=='),
}

fwknop::access { 'john':
  source                    => '3.3.3.0/24, 4.4.0.0/16',
  open_ports                => 'tcp/80',
  require_username          => 'john',
  require_source_address    => true,
  fw_access_timeout_seconds => 300,
  key_base64                => Sensitive('bOx25a5kjXf8/TmNQO1IRD3s/E9iLoPaqUbOv8X4VBA='),
  hmac_key_base64           => Sensitive('i0mIhR//1146/T+IMxDVZm1gosNVatvpqpCfkv4X6Xzv4E3SHR6AivCCWk/K/uLDpymyJr95KdEkagfGU4o5yw=='),
}

Limitations

Currently only compatible with latest ubuntu and debian.