tcpwrappers

pdk
Manages tcpd/tcpwrappers in /etc/hosts.allow and /etc/hosts.deny.

Tim

sharumpe

50,452 downloads

5,829 latest version

4.5 quality score

Version information

  • 1.0.4 (latest)
  • 1.0.3
  • 1.0.2
  • 1.0.1
  • 1.0.0
  • 0.1.0
released Sep 4th 2018
This version is compatible with:
  • Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.7.0 < 6.0.0
  • CentOS
    ,
    OpenSuse
    ,
    OracleLinux
    ,
    Ubuntu

Start using this module

Documentation

sharumpe/tcpwrappers — version 1.0.4 Sep 4th 2018

tcpwrappers

This is a tcpwrappers module intended to configure simple allow/deny rules.

This is provided as-is, YMMV. If you're in Vagrant, make sure to include at least an allow for the "sshd" service.

NOTE

Though the defaultAllowAll and defaultDenyAll are still included, they should be considered deprecated, and will be removed in the next release.

Code should be changed to use default_allow_all and default_deny_all instead.

Examples

Just include the module:

include tcpwrappers

Include the module, and create "allow all" or "deny all" defaults: (Note: these rules will not be removed if you define other allow or deny rules.)

class { 'tcpwrappers':
  default_deny_all => true,
}

Allow a service from an address/range (if not using default_allow_all):

tcpwrappers::allow { 'local_sshd':
  service => 'sshd',
  address => '192.168.1.0/24',
}

Deny a service from an address/range (if not using default_allow_all):

tcpwrappers::deny { 'local_ftp':
  service => 'ftpd',
  address => '192.168.2.0/255.255.255.0',
}

Use a wildcard (ALL, LOCAL, UNKNOWN, KNOWN, PARANOID):

tcpwrappers::allow { 'local_httpd':
  service => 'httpd',
  address => 'LOCAL',
}

Contact

nospam@macwebb.com

If you send email, please include "sharumpe-tcpwrappers" in the subject line.