modulesync 4.2.0
Fix .sync.yml
Typo introduced in 09cba1822af345c6fe7d4db1a49921f12a53cb31
Merge pull request #109 from cernops/ibarrien_rc
Release 2.1.1-rc0
Merge pull request #108 from cernops/release_210
Prepare release 2.1.0
Merge pull request #107 from figless/nat_table_name
support a different table name for 'nat'
support a different table name for 'nat'- Some applications (such as libvirt) still use iptables to inject firewall rules- iptables will refuse to update tables that were initially created with nft- This commit allows defining the name of the 'nat' table in order to avoid...
Merge pull request #106 from voxpupuli/stdlib
Allow stdlib 8.0.0
Merge pull request #103 from voxpupuli/systemd_voxpupuli
switch from camptocamp/systemd to voxpupuli/systemd
Merge pull request #104 from bastelfreak/optional
fix datatype for $table and $dport
fix datatype for $dport
fix datatype for $table
Merge pull request #102 from cernops/issue100
Allow declaring the same set in several tables
Closes #100
Merge pull request #99 from bastelfreak/fixtures
pull fixtures from git and not forge
Merge pull request #98 from traylenator/rc
Release 2.0.1-rc0
Merge pull request #97 from cernops/release_140
Prepare release 2.0.0
Merge pull request #96 from cernops/issue95
Allow creating a totally empty firewall
By setting `nftables::inet_filter` and `nftables::nat` to `false`users can now start off from a totally empty firewall and add thetables, chains and rules they'd like.
The default skeleton for inet-filter, ip-nat and ip6-nat is kept...
Merge pull request #93 from cernops/ibarrien_saddr
Fix IPv4 source address type detection
Before this patch, a rule like this:
``` nftables::simplerule { 'foo': action => 'accept', dport => 443, proto => 'tcp4', saddr => '192.168.1.10', }```
would incorrectly generate this rule:...
Merge pull request #92 from traylenator/everything
Drop Puppet 5, puppetlabs/concat 7.x, puppetlabs/stdlib 7.x, camptocamp/systemd: 3.x
Rely on puppet 6 calling daemon-reload
Since Puppet 6 now there no need to explicitlycall `systemctl daemon-reload`.
Merge remote-tracking branch 'kenyon/bump-concat' into everything
puppetlabs/concat: Allow 7.x
puppetlabs/stdlib: Allow 7.x
camptocamp/systemd: allow 3.x
Merge pull request #88 from cernops/dotfiles_yas_link
Amend link to Yasnippets
I reorganised my dotfiles a bit so this link must be changed. Sorryfor the noise.
Merge pull request #87 from cernops/bump_rc
Release 1.3.1-rc0
Merge pull request #86 from cernops/release_1_3_0
Prepare release 1.3.0
Merge pull request #85 from cernops/qemu
Add rules for QEMU/libvirt guests (bridged virtual networking)
Add rules for QEMU/libvirt guests
Merge pull request #80 from luisfdez/dockerce
Add Docker-CE default rules
Add optional handling of chains
Merge pull request #84 from traylenator/version
Add nftables.version to structured fact.
Add fact section to README.md
Fix doc defaults
```FACTERLIB=. facter -p nftables { tables => [ "bridge-filter", "bridge-nat", "inet-firewalld", "ip-firewalld", "ip6-firewalld" ], version => "0.9.3" }```
metadata.json: drop Puppet 5 support
Also bump puppetlabs/concat and puppetlabs/stdlib, whose versions7.0.0 also dropped support for Puppet 5.
Fixes #78
Fix rulename spec in spec
Fix syntax
Add newline & more tests
Merge pull request #82 from cernops/ibarrien_activemq
Add rules for Apache ActiveMQ
Merge pull request #81 from cernops/emacs_readme
Fix sections and add a pointer to code snippets for Emacs
Add pointer to Yasnippets for some defined types
Improve sections' formatting
Release 1.2.1-rc0 (#77)
Release 1.2.0 (#76)
fix #74 - ensure table are initialized before flushing them (#75)
Merge pull request #73 from Koumbit/global_chain_not_hardcoded
start declaring the 'global' chain with module resources
create tests for presence of the "global" chain
the 'global' chain is a vestigial piece of early development on thismodule, but it can be useful for creating fast short-circuits likeblocking traffic that match a certain set of IPs.
in the current state we can't inject rules inside the 'global' chain...
Bump version to 1.1.2-rc0 (#72)
Manual MR due to travis_release being broken by necessity to approve.
https://github.com/voxpupuli/puppet-nftables/issues/61
Release 1.1.1 (#71)
Merge pull request #70 from cernops/issue69
Fix IP version filter for IPv6 traffic
Add unit test
Improve nftables::rule's documentation (#68)
[blacksmith] Bump version to 1.1.1-rc0
Release 1.1.0 (#67)
Merge pull request #60 from duritong/more_mail_client_rules
add some mail related outgoing rules
Merge pull request #63 from traylenator/badges
Add badges to README
Merge pull request #64 from traylenator/params
Enable parameter_documentation lint
Merge pull request #62 from glpatcern/master
Added Samba in rules
The linter checks that every parameter has been documented.
While corrections have been made to great many classes some morecomplicated examples have been left for now. Should be updatedas the files get touched.
https://github.com/domcleal/puppet-lint-param-docs
Removed unneeded parentheses
Updated docs
Co-authored-by: Nacho Barrientos <nacho@criptonita.com>
Merge pull request #53 from cernops/allrules_check
Check that all the predefined rules are declared in the all rules acceptance test
Made ctdb rule parameterized
Use a separate job file
Check that all rules are declared in the all rules acceptance test
Merge pull request #59 from cernops/issue58
Align simplerule and rule rulename requirements
Pull up rule regexp to type aliases
Added to tests
[blacksmith] Bump version to 1.0.1-rc0
Release 1.0.0 (#49)
Co-authored-by: duritong <peter.meier+github@immerda.ch>
Merge pull request #56 from traylenator/ports
Use Stdlib::Port everywhere in place of Integer
Use Stdlib::Port in place of Integer for ports
Fixes #37
Merge pull request #55 from traylenator/moredocs
Docs for nftables::set
Update manifests/set.pp
Merge pull request #42 from duritong/terminology
switch not the server naming
switch naming to puppetserver
Merge pull request #47 from cernops/issue45
Prefix custom tables with custom- so they're loaded
