root / spec / classes / nftables_spec.rb @ 30462da1

# Date Author Comment
30462da1 2020-11-26 05:19 Steve Traylen

Reload rules atomically

Background: The unit file for nftables on CentOS 8 contains:

```
ExecStart=/sbin/nft -f /etc/sysconfig/nftables.conf
ExecReload=/sbin/nft 'flush ruleset; include "/etc/sysconfig/nftables.conf";'
ExecStop=/sbin/nft flush ruleset
```
...

ae9872e2 2020-11-24 04:17 Nacho Barrientos

Make masking Service['firewalld'] configurable

61f03b47 2020-11-19 09:19 Steve Traylen

Switch $order$fragmenta/b to $order-$fragment-a/b

e53053ce 2020-11-19 08:31 Steve Traylen

Add comments for all the nftable::rules entries

For each nftable::rule this adds an extra concat fragment to
add a comment containing the name and order number for the rule.

The motivation here is to make the mapping from resulting rules back
to puppet code more obvious. When adding a new rule it should be more...

b3a7a6dd 2020-10-23 13:46 tr

Allow to inject custom rules

b171ac7f 2020-10-20 12:55 mh

fix offenses

e17693e3 2020-10-20 08:29 Steve Traylen

New parameter out_all, default false

In order to allow all outbound traffic a parameter is
added to enable a simple `allow` entry on the out chain.

Default is false so backwards compatible.

If true all the other out_bound rules (ntp, ...) will be disabled...

01d8a819 2020-10-16 10:29 tr

Styling to make tests green

f02562f2 2020-08-30 07:18 tr

Stop and mask firewalld service

5acb554a 2020-08-29 12:06 tr

Write some spec tests for init class

64134e4e 2020-08-29 11:17 tr

Add spec tests it should compile