Forge Home


Manages SuSEfirewall2 in /etc/sysconfig/SuSEfirewall2


9,269 latest version

0.4 quality score

Version information

  • 0.3.0 (latest)
  • 0.2.1
  • 0.2.0
  • 0.1.0
released Jul 17th 2014
This version is compatible with:
  • Puppet 3.x
  • OpenSuSE

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'sharumpe-susefirewall2', '0.3.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add sharumpe-susefirewall2
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install sharumpe-susefirewall2 --version 0.3.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



sharumpe/susefirewall2 — version 0.3.0 Jul 17th 2014


This module is intended to perform the "most common" settings in SuSEfirewall2 on OpenSuSE 13.1.

These include:

"Allowed Services": both pre-defined and advanced (as referenced in YaST2 - firewall) "Custom Rules": See YaST2's help for allowed values.

All rules are done for the "Ext" zone.

This is provided as-is, YMMV. If you're in Vagrant, make sure to include at least "sshd" in the services.


Allow a pre-defined service such as "sshd":

susefirewall2::ext_service { 'allow_sshd': service => 'sshd' }

Allow non-standard tcp or udp ports:

susefirewall2::ext_port { 'allow_tcp_8080': type => 'tcp', port => '8080', } susefirewall2::ext_port { 'allow_udp_1234': type => 'udp', port => '1234', }

Allow tcp port 8443 from 192.168.1.*:

susefirewall2::custom { 'allow_tcp_to_8443_from_192.168.1.*': source => '', type => 'tcp', destport => '8443', }

Allow traffic from udp port 25 on 192.168.2.*:

susefirewall2::custom { 'allow_udp_from_25_from_192.168.2.*': source => '', type => 'udp', srcport => '25', }


If you send email, please include "sharumpe-susefirewall2" in the subject line.