Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root / manifests @ e4c32222

# Date Auteur Commentaire
e4c32222 2020-11-13 09:55 Nacho Barrientos

Use concat for table conf generation

This way other components of the module will be able to add extra stuff
to the table definitions like sets.
18ec6f48 2020-11-05 16:43 tr

Fix rulenames which includes an index

The rulename has a regex pattern `[/^[a-zA-Z0-9_]+-[a-zA-Z0-9_]+(\d+)?$/]`
which allows an index at the end of the rulename (with a delimiter).
This is split later with `$data = split($rulename, '')` but the content...
e5eb7424 2020-11-05 16:37 tr

Allow to specify prometheus source addresses
e73f2e97 2020-10-28 15:53 tr

Fix rule node exporter
8227cb1c 2020-10-28 15:50 tr

Manage rule in dns
cb50fd79 2020-10-28 15:47 tr

Add rule in node_exporter
248ef9d5 2020-10-28 14:40 tr

Add basic ip6 nat chains
579e27df 2020-10-27 02:22 tr

Fix the regex for bridge names
2c00d766 2020-10-27 02:22 tr

Replace dashes with underlines

Docker daemon bridges contains dashes, replace them with underlines to
fit the naming concept.
66ed7f61 2020-10-26 02:15 mh

migrate create_resource to the generic loop over hash approach

create_resource is notorious for not providing exact line/file info
when something fails. Since in puppet you can now loop over hashes
and you have the splat assignment operator. This means you get much...
fd0eaeca 2020-10-24 06:02 tr

Add class bridges

Allow traffic from any bridge to itself by default
c1224db5 2020-10-23 13:47 tr

Move filter rules to inet_filter class
b3a7a6dd 2020-10-23 13:46 tr

Allow to inject custom rules
e17693e3 2020-10-20 08:29 Steve Traylen

New parameter out_all, default false

In order to allow all outbound traffic a parameter is
added to enable a simple `allow` entry on the out chain.

Default is false so backwards compatible.

If true all the other out_bound rules (ntp, ...) will be disabled...
a074dec2 2020-10-14 12:23 tr

Allow index numbers
25205881 2020-10-14 12:15 tr

Fix rule puppet out
4db4422a 2020-10-13 14:24 tr

Add http and https
a6316327 2020-08-31 06:51 tr

Use enum instead of pattern for proto
3d29a6eb 2020-08-31 06:13 tr

Add a rule to create snat
2a3b45ec 2020-08-31 05:38 tr

Add a define for masquerading
7cc88e25 2020-08-30 11:08 tr

Linting
ba5e15bd 2020-08-30 11:04 tr

Add rules for OSPF
351a88fb 2020-08-30 10:49 tr

Add a define for ipv4 dnat
af544fea 2020-08-30 09:15 tr

Create a special ingoing chain for all ingoing fwd rules
b01596ea 2020-08-30 08:46 tr

Rename file filter to inet-filter
f02562f2 2020-08-30 07:18 tr

Stop and mask firewalld service
2e704fc9 2020-08-30 07:09 mh

add new rules
c02d1b07 2020-08-30 06:31 mh

add a few more rules
c8092701 2020-08-30 06:17 tr

Split init class
c8894978 2020-08-30 06:09 tr

Use default
38a67c59 2020-08-30 05:45 tr

Rewrite ip-nat to concat
5df9303f 2020-08-30 05:24 tr

Replace filter with inet-filter
8efbdf9a 2020-08-29 19:05 tr

Refactoring
a04bdb5e 2020-08-29 13:24 tr

Add a newline to filter chains
f6848bb8 2020-08-29 13:01 tr

Explicitly set ensure file
5acb554a 2020-08-29 12:06 tr

Write some spec tests for init class
e140adff 2020-08-29 10:46 tr

Linting
5933ab8e 2020-08-29 10:14 tr

Set NAT only for IPv4
d4de1bfe 2020-08-29 09:39 tr

Allow to set a list of dns servers
a98c98d4 2020-08-29 09:26 tr

Add in/out rules for Tor
40b19655 2020-08-29 09:25 tr

Add a in rule for icinga2
df2679aa 2020-08-29 09:24 tr

Add in rule for puppet
ca24c673 2020-08-29 09:23 tr

Add in/out rules for wireguard
223f3c54 2020-08-29 09:20 tr

Add a rule for dhcpc
188e569f 2020-08-29 09:14 tr

Remove out rule ntp

Duplicate to chrony, but chrony allows every sport (which is required by
chrony).
ee1cf60a 2020-08-29 09:12 mh

add outgoing puppet
cd664666 2020-08-29 08:55 tr

Allow http by default

CentOS mirrors are only available over http.
be0b08e1 2020-08-29 08:28 tr

Apply a base firewall

Allow all services to install updates and manage the node.
0c850704 2020-08-29 08:28 tr

Add a class for outgoing ntp
c5ff0cc5 2020-08-29 08:28 tr

Add a class for outgoing https
9da28f8c 2020-08-29 08:28 tr

Add a class for outgoing dns
a534e044 2020-08-29 08:21 mh

fix naming
0ba57c66 2020-08-29 05:50 mh

initial release