Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root / manifests / rules @ 467ea4e2

# Date Auteur Commentaire
31b17627 2020-12-07 11:18 Steve Traylen

Use single line for each parameter definition
11bf7237 2020-12-07 09:51 Steve Traylen

lint_fix results
5210e023 2020-12-01 05:42 Dan van der Ster

Add NFS-related rules

Signed-off-by: Dan van der Ster <>
bbc93ede 2020-12-01 04:33 Dan van der Ster

Add ceph related rules

Signed-off-by: Dan van der Ster <>
79e9a23f 2020-11-21 03:10 Nacho Barrientos

Move ICMP stuff to separate classes
9785cd54 2020-11-18 11:02 Steve Traylen

lint fix
215aee13 2020-11-18 07:18 Steve Traylen

Add kerberos out and openafs_client out
f3f2870f 2020-11-18 07:18 Steve Traylen

Add rules for afs3_callback

In particular the afs callback to the cache manager(7001) which is UDP and always
IPv4 since there OpenAFS does not support IPv6.

https://wiki.openafs.org/devel/AFSServicePorts/
43566263 2020-11-15 10:47 Nacho Barrientos

Add rules for outgoing and incoming DHCPv6 client traffic
e5eb7424 2020-11-05 16:37 tr

Allow to specify prometheus source addresses
e73f2e97 2020-10-28 15:53 tr

Fix rule node exporter
8227cb1c 2020-10-28 15:50 tr

Manage rule in dns
cb50fd79 2020-10-28 15:47 tr

Add rule in node_exporter
e17693e3 2020-10-20 08:29 Steve Traylen

New parameter out_all, default false

In order to allow all outbound traffic a parameter is
added to enable a simple `allow` entry on the out chain.

Default is false so backwards compatible.

If true all the other out_bound rules (ntp, ...) will be disabled...
25205881 2020-10-14 12:15 tr

Fix rule puppet out
4db4422a 2020-10-13 14:24 tr

Add http and https
a6316327 2020-08-31 06:51 tr

Use enum instead of pattern for proto
3d29a6eb 2020-08-31 06:13 tr

Add a rule to create snat
2a3b45ec 2020-08-31 05:38 tr

Add a define for masquerading
7cc88e25 2020-08-30 11:08 tr

Linting
ba5e15bd 2020-08-30 11:04 tr

Add rules for OSPF
351a88fb 2020-08-30 10:49 tr

Add a define for ipv4 dnat
2e704fc9 2020-08-30 07:09 mh

add new rules
c02d1b07 2020-08-30 06:31 mh

add a few more rules
8efbdf9a 2020-08-29 19:05 tr

Refactoring
d4de1bfe 2020-08-29 09:39 tr

Allow to set a list of dns servers
a98c98d4 2020-08-29 09:26 tr

Add in/out rules for Tor
40b19655 2020-08-29 09:25 tr

Add a in rule for icinga2
df2679aa 2020-08-29 09:24 tr

Add in rule for puppet
ca24c673 2020-08-29 09:23 tr

Add in/out rules for wireguard
223f3c54 2020-08-29 09:20 tr

Add a rule for dhcpc
188e569f 2020-08-29 09:14 tr

Remove out rule ntp

Duplicate to chrony, but chrony allows every sport (which is required by
chrony).
ee1cf60a 2020-08-29 09:12 mh

add outgoing puppet
cd664666 2020-08-29 08:55 tr

Allow http by default

CentOS mirrors are only available over http.
0c850704 2020-08-29 08:28 tr

Add a class for outgoing ntp
c5ff0cc5 2020-08-29 08:28 tr

Add a class for outgoing https
9da28f8c 2020-08-29 08:28 tr

Add a class for outgoing dns
0ba57c66 2020-08-29 05:50 mh

initial release