Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root @ 0c9bc308

# Date Auteur Commentaire
0c9bc308 2022-02-27 11:05 hashworks

Add support for Arch Linux

Arch Linux stores the configuration in a different path and does not
provide firewalld without explicit installation.

This basically the same as #66 – I've reused their code since it hasn't
been merged in a while.
d8b8b3f4 2022-02-27 11:04 Justin Kromlinger

Merge pull request #125 from hashworks/fix/serviceRemainAfterExit

Ensure that nftables.service remains active after it exits
9de35746 2022-02-27 10:49 hashworks

Ensure that nftables.service remains active after it exits

Some system-packages don't include it in the service-file and we expect
it. See #124.
d1988178 2022-02-26 12:53 Tim Meusel

Merge pull request #112 from keachi/ospf_protocol

Use protocol number instead of label
aa90278c 2022-02-26 11:01 Justin Kromlinger

Merge pull request #122 from hashworks/fix/referenceInitialExamples

Fix typos in initial reference examples
2063deaf 2022-02-26 09:19 hashworks

Fix typos in initial reference examples
cc892515 2022-02-09 03:33 Steve Traylen

Merge pull request #121 from traylenator/paramdocs

vp-puppet-lint-plugin enables param-docs already
8290c1d2 2022-02-09 03:26 Nacho Barrientos

Merge pull request #120 from nbarrientos/rhel9

Declare support for RHEL9, CentOS9 and OL9
432af5d3 2022-02-08 11:12 Nacho Barrientos

Make sure that the list of interfaces is mocked

If 'networking' is not removed from the facts, the values declared in
`default_module_facts.yml` win (the fact set contains two keys:
`:networking` and `'networking'`)

This test has always been wrong as the interfaces were never been...
b6280d21 2022-02-08 09:41 Steve Traylen

vp-puppet-lint-plugin enables param-docs already

No need to enable puppet-lint-param-docs locally since version 3.0.0
of voxpupuli-puppet-lint-plugins enables param-docs anyway.

https://github.com/voxpupuli/voxpupuli-puppet-lint-plugins/commit/5c207d586878162218e45ce50bcfd927588796c9
73ae6061 2022-02-08 09:25 Nacho Barrientos

Declare support for RHEL9, CentOS9 and OL9
bd8993d5 2021-12-17 11:28 Steve Traylen

Merge pull request #118 from traylenator/rubocop

Rubocop corrections for rubocop 1.22.3
b5874974 2021-12-16 09:54 Steve Traylen

rubocop - RSpec/RepeatedExampleGroupBody
6c2f0f10 2021-12-16 09:26 Steve Traylen

rubocop -f RSpec/RepeatedExampleGroupDescription
c82b960a 2021-12-16 08:55 Steve Traylen

rubocop:auto_correct results
20eaf3c2 2021-12-15 14:40 Tim Stallmann

modulesync 5.1.0
cbe342b9 2021-11-17 01:51 tr

Use protocol number instead of label

The label was `ospf` and will be `ospfigp` in the future. Instead of
creating a map use the protocol number to be compatible with newer
versions.
9ea14bc0 2021-09-18 02:11 Tim Meusel

Merge pull request #110 from voxpupuli/modulesync

modulesync 4.2.0
fa92e118 2021-09-17 21:35 Romain Tartière

Pet rubocop
5fea281f 2021-09-17 21:33 Tim Stallmann

modulesync 4.2.0
407adb54 2021-09-17 21:33 Romain Tartière

Fix .sync.yml

Typo introduced in 09cba1822af345c6fe7d4db1a49921f12a53cb31
f92dda0b 2021-09-14 07:28 Christos Papageorgiou

Merge pull request #109 from cernops/ibarrien_rc
c069ddfd 2021-09-14 06:59 Nacho Barrientos

Release 2.1.1-rc0
f9d3ba1c 2021-09-14 06:57 Nacho Barrientos

Merge pull request #108 from cernops/release_210

Prepare release 2.1.0
b02d6ea9 2021-09-14 02:57 Nacho Barrientos

Prepare release 2.1.0
1cdd8e24 2021-09-07 09:43 duritong

Merge pull request #107 from figless/nat_table_name

support a different table name for 'nat'
fcb79d73 2021-09-07 05:37 Ben Morrice

support a different table name for 'nat'
- Some applications (such as libvirt) still use iptables to inject firewall
rules
- iptables will refuse to update tables that were initially created with nft
- This commit allows defining the name of the 'nat' table in order to avoid...
faaec410 2021-08-25 17:55 Romain Tartière

Merge pull request #106 from voxpupuli/stdlib
4de7163a 2021-08-25 13:41 Romain Tartière

Allow stdlib 8.0.0
abcd1731 2021-07-24 15:28 Tim Meusel

Merge pull request #103 from voxpupuli/systemd_voxpupuli

switch from camptocamp/systemd to voxpupuli/systemd
bd5d13c5 2021-07-24 15:08 Tim Meusel

switch from camptocamp/systemd to voxpupuli/systemd
943ecf89 2021-07-24 14:47 duritong

Merge pull request #104 from bastelfreak/optional

fix datatype for $table and $dport
de3e7bb0 2021-07-24 09:44 Tim Meusel

fix datatype for $dport
324b6851 2021-07-24 09:43 Tim Meusel

fix datatype for $table
853ba757 2021-07-07 04:23 Steve Traylen

Merge pull request #102 from cernops/issue100

Allow declaring the same set in several tables
c94658e1 2021-07-06 11:46 Nacho Barrientos

Allow declaring the same set in several tables

Closes #100
5afbc789 2021-06-16 10:09 Tim Meusel

Merge pull request #99 from bastelfreak/fixtures

pull fixtures from git and not forge
1a986e22 2021-06-16 05:37 Tim Meusel

pull fixtures from git and not forge
ef94dda9 2021-06-03 09:26 Nacho Barrientos

Merge pull request #98 from traylenator/rc

Release 2.0.1-rc0
1d9033d0 2021-06-03 09:22 Steve Traylen

Release 2.0.1-rc0
0c4f8de2 2021-06-03 08:56 Nacho Barrientos

Merge pull request #97 from cernops/release_140

Prepare release 2.0.0
683d1049 2021-06-01 11:36 Nacho Barrientos

Prepare release 2.0.0
65b4f2f3 2021-06-01 04:28 Steve Traylen

Merge pull request #96 from cernops/issue95

Allow creating a totally empty firewall
7b9d6ffc 2021-05-31 04:42 Nacho Barrientos

Allow creating a totally empty firewall

By setting `nftables::inet_filter` and `nftables::nat` to `false`
users can now start off from a totally empty firewall and add the
tables, chains and rules they'd like.

The default skeleton for inet-filter, ip-nat and ip6-nat is kept...
4937bed5 2021-04-27 02:15 Steve Traylen

Merge pull request #93 from cernops/ibarrien_saddr

Fix IPv4 source address type detection
bd8baa0f 2021-04-26 12:27 Nacho Barrientos

Fix IPv4 source address type detection

Before this patch, a rule like this:

```
nftables::simplerule { 'foo':
action => 'accept',
dport => 443,
proto => 'tcp4',
saddr => '192.168.1.10',
}
```

would incorrectly generate this rule:...
a8008e42 2021-04-21 10:56 Steve Traylen

Merge pull request #92 from traylenator/everything

Drop Puppet 5, puppetlabs/concat 7.x, puppetlabs/stdlib 7.x, camptocamp/systemd: 3.x
1eda6efa 2021-04-21 09:46 Steve Traylen

Rely on puppet 6 calling daemon-reload

Since Puppet 6 now there no need to explicitly
call `systemctl daemon-reload`.
ad042d5f 2021-04-21 09:39 Steve Traylen

Merge remote-tracking branch 'kenyon/bump-concat' into everything
42c426c1 2021-04-16 07:58 Tim Meusel

puppetlabs/concat: Allow 7.x
9b6d7f08 2021-04-16 07:57 Tim Meusel

puppetlabs/stdlib: Allow 7.x
af33f653 2021-04-16 07:56 Tim Meusel

camptocamp/systemd: allow 3.x
f82aaa5a 2021-03-26 09:32 Steve Traylen

Merge pull request #88 from cernops/dotfiles_yas_link

Amend link to Yasnippets
693a3d98 2021-03-26 04:17 Nacho Barrientos

Amend link to Yasnippets

I reorganised my dotfiles a bit so this link must be changed. Sorry
for the noise.
89d99b8a 2021-03-25 09:07 Steve Traylen

Merge pull request #87 from cernops/bump_rc

Release 1.3.1-rc0
bbdcfb2d 2021-03-25 08:53 Nacho Barrientos

Release 1.3.1-rc0
cae79123 2021-03-25 08:39 duritong

Merge pull request #86 from cernops/release_1_3_0

Prepare release 1.3.0
804b96e4 2021-03-25 07:53 Nacho Barrientos

Prepare release 1.3.0
3f2f50c9 2021-03-25 03:58 Nacho Barrientos

Merge pull request #85 from cernops/qemu

Add rules for QEMU/libvirt guests (bridged virtual networking)
cd2a3cbf 2021-03-25 03:30 Nacho Barrientos

Add rules for QEMU/libvirt guests
18b211e7 2021-03-24 17:46 duritong

Merge pull request #80 from luisfdez/dockerce

Add Docker-CE default rules
1bf717d9 2021-03-23 08:34 Luis Fernández Álvarez

Add optional handling of chains
c86e270f 2021-03-23 07:37 Steve Traylen

Merge pull request #84 from traylenator/version

Add nftables.version to structured fact.
4d95ea85 2021-03-23 07:03 Steve Traylen

Add fact section to README.md
9dca9bc3 2021-03-23 06:29 Luis Fernández Álvarez

Fix doc defaults
032387dc 2021-03-23 02:59 Steve Traylen

Add nftables.version to structured fact.

```
FACTERLIB=. facter -p nftables {
tables => [
"bridge-filter",
"bridge-nat",
"inet-firewalld",
"ip-firewalld",
"ip6-firewalld"
],
version => "0.9.3"
}
```
242df534 2021-03-20 19:51 Kenyon Ralph

metadata.json: drop Puppet 5 support

Also bump puppetlabs/concat and puppetlabs/stdlib, whose versions
7.0.0 also dropped support for Puppet 5.

Fixes #78
b61ccb4a 2021-03-19 09:04 Luis Fernández Álvarez

Fix rulename spec in spec
283e1c3c 2021-03-19 08:56 Luis Fernández Álvarez

Fix syntax
c3515492 2021-03-19 08:48 Luis Fernández Álvarez

Add newline & more tests
6be2adf7 2021-03-19 07:12 Luis Fernández Álvarez

Add Docker-CE default rules
7a77d75a 2021-03-15 17:28 duritong

Merge pull request #82 from cernops/ibarrien_activemq

Add rules for Apache ActiveMQ
771b3256 2021-03-15 09:59 Nacho Barrientos

Add rules for Apache ActiveMQ
502b9dac 2021-03-09 05:45 duritong

Merge pull request #81 from cernops/emacs_readme

Fix sections and add a pointer to code snippets for Emacs
b1b61501 2021-03-09 04:37 Nacho Barrientos

Add pointer to Yasnippets for some defined types
2fda87af 2021-03-09 04:37 Nacho Barrientos

Improve sections' formatting
812ca777 2021-03-03 04:17 Steve Traylen

Release 1.2.1-rc0 (#77)
05c7f19d 2021-03-03 03:38 Steve Traylen

Release 1.2.0 (#76)
92e0fcb6 2021-03-02 08:31 duritong

fix #74 - ensure table are initialized before flushing them (#75)
942569ea 2021-02-14 10:00 duritong

Merge pull request #73 from Koumbit/global_chain_not_hardcoded

start declaring the 'global' chain with module resources
cf38fe4a 2021-02-14 01:26 Gabriel Filion

create tests for presence of the "global" chain
1a4f336e 2021-02-11 16:42 Gabriel Filion

start declaring the 'global' chain with module resources

the 'global' chain is a vestigial piece of early development on this
module, but it can be useful for creating fast short-circuits like
blocking traffic that match a certain set of IPs.

in the current state we can't inject rules inside the 'global' chain...
ca0e9755 2021-01-29 06:59 Steve Traylen

Bump version to 1.1.2-rc0 (#72)

Manual MR due to travis_release being broken by necessity to approve.

https://github.com/voxpupuli/puppet-nftables/issues/61
bd0d7998 2021-01-29 03:10 Steve Traylen

Release 1.1.1 (#71)
0f100e5c 2021-01-28 06:06 Nacho Barrientos

Merge pull request #70 from cernops/issue69

Fix IP version filter for IPv6 traffic
14156fb6 2021-01-27 06:48 Nacho Barrientos

Add unit test
1d56f209 2021-01-27 06:45 Nacho Barrientos

Fix IP version filter for IPv6 traffic
13f26dfc 2021-01-26 07:17 Nacho Barrientos

Improve nftables::rule's documentation (#68)
7d44d49e 2021-01-25 10:19 Steve Traylen

[blacksmith] Bump version to 1.1.1-rc0
afc4dd16 2021-01-25 10:16 Steve Traylen

Release 1.1.0 (#67)
cad7d4cd 2021-01-18 14:37 Tim Meusel

Merge pull request #60 from duritong/more_mail_client_rules

add some mail related outgoing rules
19908f41 2021-01-18 14:07 mh

add some mail related outgoing rules
2827108d 2021-01-18 11:28 Tim Meusel

Merge pull request #63 from traylenator/badges

Add badges to README
e2031b31 2021-01-18 11:18 Tim Meusel

Merge pull request #64 from traylenator/params

Enable parameter_documentation lint
e977eb3b 2021-01-18 11:17 Tim Meusel

Merge pull request #62 from glpatcern/master

Added Samba in rules
09cba182 2021-01-18 10:36 Steve Traylen

Enable parameter_documentation lint

The linter checks that every parameter has been documented.

While corrections have been made to great many classes some more
complicated examples have been left for now. Should be updated
as the files get touched.

https://github.com/domcleal/puppet-lint-param-docs
354a82d9 2021-01-18 10:19 Giuseppe Lo Presti

Removed unneeded parentheses
82b6fd57 2021-01-18 09:43 Steve Traylen

Add badges to README
4470f70c 2021-01-18 09:36 Giuseppe Lo Presti

Updated docs

Co-authored-by: Nacho Barrientos <>
6587545a 2021-01-18 09:04 Nacho Barrientos

Merge pull request #53 from cernops/allrules_check

Check that all the predefined rules are declared in the all rules acceptance test