Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root / spec / acceptance / all_rules_spec.rb @ a528bf59

Historique | Voir | Annoter | Télécharger (5,74 ko)

# Date Auteur Commentaire
a528bf59 2024-06-27 06:33 Steve Traylen

New clobber_default_config paramter

Certain OSes namely Debian and Archlinux provide default rules
with the OS.

This module has always respected those rules and appended all of
its own rules to the end of the existing rules.

The new parameter `clobber_default_config` if set `true` (default `false`)...
8bc8fe98 2024-06-27 06:12 Steve Traylen

Accept on Debian 11 nftables::set will fail

On Debian 11 adding an nftables set triggers a bug:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063690

move the `nftables::set` tests out to their own test which makes sense
anyway and mark as pending for Debian 11.
08b9f1d0 2023-11-22 03:53 Steve Traylen

Additional rules for podman root containers

This class defines additional forwarding rules to let root containers
reach external networks when using Netavark (since v4.0) or CNI (deprecated).
At the time of writing, Podman supports automatic configuration...
baad986e 2023-11-16 19:10 Vadym Chepkov

add ftp helper

This adds ability to enable a connection tracker helper and provides typical ftp rules

Co-authored-by: Vadym Chepkov <>
Co-authored-by: Yury Bushmelev <>
ffc8b86f 2023-08-26 18:20 Tim Meusel

Add nftables rules for ws-discovery
50a5be8b 2023-08-26 18:05 Tim Meusel

Add rule for incoming SSDP
3b26826f 2023-08-25 19:07 Tim Meusel

Add rule for incoming LLMNR
6b350264 2023-08-19 16:22 Tim Meusel

Add rule for outgoing multicast DNS
e499cece 2023-08-19 15:52 Tim Meusel

Add rule for multicast listener requests (MLDv2)
020842af 2023-08-09 20:00 Tim Meusel

Add rules for IGMP
5ffd0328 2023-08-09 19:11 Tim Meusel

Add rule to allow multicast DNS
8b131276 2023-08-09 18:53 Tim Meusel

Add rule to allow incoming spotify broadcast
80b384c8 2023-08-09 17:57 Tim Meusel

Add rule to allow incoming multicast traffic
ea29e235 2023-06-19 12:58 Simon Hoenscheid

add ldap and active directory rules
a1f09048 2022-10-24 16:59 Tim Meusel

Add class for outgoing HKP firewalling
2b1896c1 2022-07-10 06:42 Tim Meusel

Add rule to allow outgoing whois queries
194e05d5 2022-07-07 08:53 Tim Meusel

Add class for outgoing PXP connections
7f74df2e 2022-07-07 08:10 Tim Meusel

Add class for pxp-agent firewalling
008c95d7 2022-07-06 02:31 Kienan Stewart

Add Debian support
8842a597 2022-07-05 08:23 Tim Meusel

make path to `nft` binary configureable
0c9bc308 2022-02-27 11:05 hashworks

Add support for Arch Linux

Arch Linux stores the configuration in a different path and does not
provide firewalld without explicit installation.

This basically the same as #66 – I've reused their code since it hasn't
been merged in a while.
b5874974 2021-12-16 09:54 Steve Traylen

rubocop - RSpec/RepeatedExampleGroupBody
c82b960a 2021-12-16 08:55 Steve Traylen

rubocop:auto_correct results
c94658e1 2021-07-06 11:46 Nacho Barrientos

Allow declaring the same set in several tables

Closes #100
1eda6efa 2021-04-21 09:46 Steve Traylen

Rely on puppet 6 calling daemon-reload

Since Puppet 6 now there no need to explicitly
call `systemctl daemon-reload`.
cd2a3cbf 2021-03-25 03:30 Nacho Barrientos

Add rules for QEMU/libvirt guests
6be2adf7 2021-03-19 07:12 Luis Fernández Álvarez

Add Docker-CE default rules
771b3256 2021-03-15 09:59 Nacho Barrientos

Add rules for Apache ActiveMQ
19908f41 2021-01-18 14:07 mh

add some mail related outgoing rules
1ee2f66b 2021-01-18 06:25 Giuseppe Lo Presti

Added to tests
04176b0e 2020-12-13 16:52 mh

switch naming to puppetserver
cfcafde5 2020-12-10 09:20 Steve Traylen

test that all classes can be included