Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root / REFERENCE.md @ 50a5be8b

Historique | Voir | Annoter | Télécharger (56,6 ko)

# Date Auteur Commentaire
50a5be8b 2023-08-26 18:05 Tim Meusel

Add rule for incoming SSDP
3b26826f 2023-08-25 19:07 Tim Meusel

Add rule for incoming LLMNR
6b350264 2023-08-19 16:22 Tim Meusel

Add rule for outgoing multicast DNS
e499cece 2023-08-19 15:52 Tim Meusel

Add rule for multicast listener requests (MLDv2)
ad3dbd7d 2023-08-18 10:40 Ewoud Kohl van Wijngaarden

Rewrite mdns rules to limit to multicast and allow IPv6

This limits the mdns listener to only listen on multicast addresses with
port 5353. One rule for IPv4 and one for IPv6, each controllable with a
parameter.

The generic 5353 to 5353 rule is dropped since it's redundant when I...
a8bf4ad5 2023-08-17 22:02 Romain Tartière

Regenerate REFERENCE.md
020842af 2023-08-09 20:00 Tim Meusel

Add rules for IGMP
5ffd0328 2023-08-09 19:11 Tim Meusel

Add rule to allow multicast DNS
8b131276 2023-08-09 18:53 Tim Meusel

Add rule to allow incoming spotify broadcast
80b384c8 2023-08-09 17:57 Tim Meusel

Add rule to allow incoming multicast traffic
ea29e235 2023-06-19 12:58 Simon Hoenscheid

add ldap and active directory rules
8db66304 2023-05-10 02:54 Steve Traylen

Refresh REFERENCE
c24d3118 2023-03-23 09:15 Tim Meusel

Regenerate REFERENCE.md
7030bde0 2023-03-23 05:28 Luis Fernández Álvarez

Add bridge as a valid family for chain tables
a1f09048 2022-10-24 16:59 Tim Meusel

Add class for outgoing HKP firewalling
331b8d85 2022-09-01 05:22 Steve Traylen

New nftables::file type to include raw file

For example:

```puppet
nftables::file{'geoip':
content => "include \"/files/geoipsets/dbip/*.ipv4\"\n",
}
```

will right a file or content into the nftables configuration.

The file written will be included in configuration....
3b8f5945 2022-08-26 08:33 Steve Traylen

Release 2.5.0
7937a13b 2022-07-11 04:18 Tim Meusel

chrony: Allow filtering for outgoing NTP servers
2b1896c1 2022-07-10 06:42 Tim Meusel

Add rule to allow outgoing whois queries
194e05d5 2022-07-07 08:53 Tim Meusel

Add class for outgoing PXP connections
7f74df2e 2022-07-07 08:10 Tim Meusel

Add class for pxp-agent firewalling
821ec83a 2022-07-06 08:37 Tim Meusel

Release 2.3.0
8842a597 2022-07-05 08:23 Tim Meusel

make path to `nft` binary configureable
d0a1ffef 2022-02-27 12:03 hashworks

Prepare release 2.2.0
2063deaf 2022-02-26 09:19 hashworks

Fix typos in initial reference examples
b02d6ea9 2021-09-14 02:57 Nacho Barrientos

Prepare release 2.1.0
c94658e1 2021-07-06 11:46 Nacho Barrientos

Allow declaring the same set in several tables

Closes #100
7b9d6ffc 2021-05-31 04:42 Nacho Barrientos

Allow creating a totally empty firewall

By setting `nftables::inet_filter` and `nftables::nat` to `false`
users can now start off from a totally empty firewall and add the
tables, chains and rules they'd like.

The default skeleton for inet-filter, ip-nat and ip6-nat is kept...
804b96e4 2021-03-25 07:53 Nacho Barrientos

Prepare release 1.3.0
cd2a3cbf 2021-03-25 03:30 Nacho Barrientos

Add rules for QEMU/libvirt guests
771b3256 2021-03-15 09:59 Nacho Barrientos

Add rules for Apache ActiveMQ
13f26dfc 2021-01-26 07:17 Nacho Barrientos

Improve nftables::rule's documentation (#68)
19908f41 2021-01-18 14:07 mh

add some mail related outgoing rules
09cba182 2021-01-18 10:36 Steve Traylen

Enable parameter_documentation lint

The linter checks that every parameter has been documented.

While corrections have been made to great many classes some more
complicated examples have been left for now. Should be updated
as the files get touched.

https://github.com/domcleal/puppet-lint-param-docs
8c00b818 2021-01-18 07:37 Nacho Barrientos

Pull up rule regexp to type aliases
6a4ffead 2021-01-13 11:10 Nacho Barrientos

Align simplerule and rule rulename requirements
bc1b0f1a 2020-12-15 05:07 Steve Traylen

Release 1.0.0 (#49)

  • Release 1.0.0

Co-authored-by: duritong <>
13f4e4c6 2020-12-14 03:06 Steve Traylen

Docs for nftables::set
b46c9ce9 2020-12-10 06:53 Nacho Barrientos

Remove a blank separating the doc string and the code

Otherwise the generator of the docs does not do the job :/
4d63adda 2020-12-09 11:45 Nacho Barrientos

Refresh REFERENCE
b9785000 2020-12-09 09:42 Steve Traylen

Correct layout of ignore chain example
7f6cacc5 2020-11-27 04:01 Steve Traylen

Refresh REFERENCE
e17693e3 2020-10-20 08:29 Steve Traylen

New parameter out_all, default false

In order to allow all outbound traffic a parameter is
added to enable a simple `allow` entry on the out chain.

Default is false so backwards compatible.

If true all the other out_bound rules (ntp, ...) will be disabled...