Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root @ e8dd4ad3

# Date Auteur Commentaire
e8dd4ad3 2024-08-05 04:07 Tim Meusel

Release 4.0.0
8cbcf05f 2024-08-04 07:06 Tim Meusel

Merge pull request #252 from phaedriel/addr_array

Add support Arrays of source/destination IP addresses for nftables::simplerule
ededc8ab 2024-08-04 07:06 Tim Meusel

Merge pull request #254 from bastelfreak/modulesync2

partial modulesync 9.1.0
b84ba386 2024-08-04 06:55 Tim Meusel

manage spec_helper.rb
65ed81ba 2024-08-04 06:55 Tim Meusel

partial modulesync 9.1.0

This excludes the Gemfile changes
4e62ca01 2024-08-04 06:30 Tim Meusel

Merge pull request #253 from canihavethisone/master

Reload nftables service if hash at last service load does not match
16fd95b1 2024-08-04 04:10 canihavethisone

Update init.pp comments
efb04acd 2024-08-03 23:17 canihavethisone

Regenerate reference
e0bb7852 2024-08-03 23:15 canihavethisone

Change default hash location to /var/tmp to survive reboots and avoid bogus nftables reload
c1bd001d 2024-08-03 21:16 canihavethisone

Added shell provider to execs. Hash generate now in array. Ran rubocop:autocorrect
3f278f1c 2024-08-03 10:12 canihavethisone

Generated reference update
c00bcf2d 2024-08-03 09:47 canihavethisone

Changed path to use fact. Partial conversion of execs to arrays
3016d428 2024-08-03 00:02 canihavethisone

Change exec title
0b2ccdda 2024-08-02 23:58 canihavethisone

Fix typos
c6941cfe 2024-08-02 23:30 canihavethisone

Correct docstring
0b1e3353 2024-08-02 23:25 canihavethisone

Added purge_unmanaged_rules new variant of method
c3cd68d6 2024-08-02 22:59 canihavethisone

Revert "Generated changelog"

This reverts commit fa9253fc64906fd37d884290da6d97bd9cd478be.
9d02e9f8 2024-07-31 07:54 Stéphanie Jaumotte

Add variant array
fa9253fc 2024-07-27 22:18 canihavethisone

Generated changelog
5cd48ea4 2024-07-03 10:01 Steve Traylen

Merge pull request #243 from voxpupuli/modulesync

modulesync 9.0.0
e5fa2420 2024-07-03 09:38 Tim Meusel

modulesync 9.0.0
f24e622f 2024-07-03 09:38 Tim Meusel

modulesync 8.0.1
ff8a807e 2024-07-03 09:36 Tim Meusel

Merge pull request #249 from traylenator/clobberatend

Run default destroying acceptance tests at end
2340d1d6 2024-06-27 07:25 Steve Traylen

Run default destroying acceptance tests at end

The spec test destroy_spec was purging default nftables configurations
before other existing tests had a chance to run.

Run the default destroying tests as the final test.
de945d0d 2024-06-27 07:09 Steve Traylen

Merge pull request #247 from traylenator/overarch

New clobber_default_config paramater
a528bf59 2024-06-27 06:33 Steve Traylen

New clobber_default_config paramter

Certain OSes namely Debian and Archlinux provide default rules
with the OS.

This module has always respected those rules and appended all of
its own rules to the end of the existing rules.

The new parameter `clobber_default_config` if set `true` (default `false`)...
1331dc33 2024-06-27 06:32 Steve Traylen

Merge pull request #246 from traylenator/deb11

Accept on Debian 11 nftables::set will fail
8bc8fe98 2024-06-27 06:12 Steve Traylen

Accept on Debian 11 nftables::set will fail

On Debian 11 adding an nftables set triggers a bug:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063690

move the `nftables::set` tests out to their own test which makes sense
anyway and mark as pending for Debian 11.
84429425 2024-06-27 06:08 Steve Traylen

Merge pull request #245 from traylenator/metadata

Drop EOL CentOS 8 support
135283e1 2024-06-25 04:44 Steve Traylen

Drop EOL CentOS 8 support
8457322b 2024-04-29 04:38 Steve Traylen

Merge pull request #241 from voxpupuli/modulesync

modulesync 7.4.0
664b0980 2024-04-29 04:38 Steve Traylen

Merge pull request #242 from voxpupuli/systemd_update

update puppet-systemd upper bound to 8.0.0
8b1a616d 2024-04-26 06:59 Christoph Maser

update puppet-systemd upper bound to 8.0.0
80d9b434 2024-04-25 11:20 markuszilch

modulesync 7.5.0
79ef6104 2024-04-12 16:27 Tim Meusel

modulesync 7.4.0
8fd5be37 2024-02-06 07:41 Markus Zilch

Merge pull request #238 from voxpupuli/modulesync

modulesync 7.3.0
7d136849 2024-02-06 06:36 markuszilch

modulesync 7.3.0
26fe453f 2024-01-01 04:19 Sebastian Rakel

Merge pull request #235 from voxpupuli/ospf

rules::llmnr: Allow interface filtering
1ef7d5c4 2023-12-31 08:42 Tim Meusel

rules::llmnr: Allow interface filtering
96853629 2023-12-31 08:34 Tim Meusel

Merge pull request #234 from voxpupuli/ospf

rules::ospf3 & rules::out::ospf3: Allow filtering on outgoing interfaces
3e2b5119 2023-12-31 08:11 Tim Meusel

rules::ospf3: Allow filtering on incoming interfaces
925c358d 2023-12-31 08:11 Tim Meusel

rules::out::ospf3: Allow filtering on outgoing interfaces
e99080dc 2023-12-31 08:08 Tim Meusel

Merge pull request #233 from voxpupuli/mdns

rules::out::mdns & rules::mdns: Allow interface filtering
4c3d5d6b 2023-12-31 07:57 Tim Meusel

rules::mdns: Allow interface filtering
51850192 2023-12-31 07:57 Tim Meusel

rules::out::mdns: Allow interface filtering
7e0fba49 2023-12-29 11:01 Tim Meusel

[blacksmith] Bump version to 3.7.2-rc0
29492524 2023-12-29 11:00 Tim Meusel

Merge pull request #232 from voxpupuli/rel371

Release 3.7.1
f2ae9eda 2023-12-29 10:41 Tim Meusel

Release 3.7.1
483d0a96 2023-12-29 10:40 Tim Meusel

Merge pull request #231 from voxpupuli/icmp

rules::icmp: Allow ICMP packets with extensions
8cdd24a5 2023-12-29 10:23 Tim Meusel

rules::icmp: Allow ICMP packets with extensions
add6257b 2023-12-29 09:14 Sebastian Rakel

Merge pull request #230 from voxpupuli/icmp

out::icmp: simplify filtering/fix ICMP bug
d1864b10 2023-12-29 08:25 Tim Meusel

out::icmp: simplify filtering/fix ICMP bug
5d554e75 2023-12-29 07:32 Tim Meusel

out::icmp: Add parameter documentation
f9de4dee 2023-12-29 07:31 Tim Meusel

out::icmp: reformat code
282c51cf 2023-12-27 06:28 Tim Meusel

[blacksmith] Bump version to 3.7.1-rc0
6c12ac54 2023-12-27 06:25 Tim Meusel

Merge pull request #229 from voxpupuli/rel370

Release 3.7.0
af0bf18a 2023-12-27 06:20 Tim Meusel

Release 3.7.0
7fcc85bc 2023-12-27 06:15 Tim Meusel

Merge pull request #228 from voxpupuli/foo

simplerule: Allow multiple oifname/iifname
e846c98b 2023-12-27 06:02 Tim Meusel

simplerule: Allow multiple oifname/iifname
22c16919 2023-12-20 15:11 Tim Meusel

[blacksmith] Bump version to 3.6.1-rc0
8b46bcad 2023-12-20 15:11 Tim Meusel

Merge pull request #226 from bastelfreak/rel360

Release 3.6.0
47ef2987 2023-12-20 15:09 Tim Meusel

Release 3.6.0
839ee136 2023-12-20 15:05 Tim Meusel

Merge pull request #225 from voxpupuli/nftables

Make "dropping invalid packets" configureable
eac19d14 2023-12-20 14:51 Tim Meusel

Make "dropping invalid packets" configureable

It doesn't make sense to explicitly drop those pakets when the default
policy is already `DROP`. Also some applications, like ceph, are known
to send packets that might be marked as invalid.
e5a1eb78 2023-12-20 13:43 Tim Meusel

Merge pull request #224 from voxpupuli/nftables

simplerule: Add support for outgoing interface filtering
d7d6d5d3 2023-12-20 13:31 Tim Meusel

simplerule: Add support for outgoing interface filtering
545a379b 2023-12-20 08:35 Tim Meusel

Merge pull request #222 from bastelfreak/refactor

rules::out:dns: refactor for better readability
9d1ee648 2023-12-20 04:41 Tim Meusel

rules::out:dns: refactor for better readability
ee2d38a5 2023-12-19 12:55 Tim Meusel

Merge pull request #221 from voxpupuli/nftables

simplerule: Add support for incoming interface filtering
25b3f3f4 2023-12-19 12:36 Tim Meusel

simplerule: Add support for incoming interface filtering
0ec7c23d 2023-12-18 16:52 Tim Meusel

Merge pull request #220 from voxpupuli/modulesync

modulesync 7.2.0
f1d50c1e 2023-12-18 16:40 Tim Meusel

Regenerate REFERENCE.md
3cc3ad1d 2023-12-15 07:24 Tim Meusel

modulesync 7.2.0
4528f390 2023-12-06 11:43 Kenyon Ralph

Merge pull request #219 from Tamerz/document-set-param

Document what the 'auto_merge' set parameter does.
2732318a 2023-12-06 04:19 Tames McTigue

Document what the 'auto_merge' parameter does.
c61ebeb1 2023-12-04 04:16 Tim Meusel

Merge pull request #218 from voxpupuli/modulesync

modulesync 7.1.0
936cde59 2023-12-02 18:38 Tim Meusel

modulesync 7.1.0
c23d8bf1 2023-11-27 04:16 Steve Traylen

[blacksmith] Bump version to 3.5.1-rc0
a30d4510 2023-11-27 04:14 Steve Traylen

Merge pull request #216 from traylenator/release-3.4.1

Release 3.5.0
f301ff5e 2023-11-27 03:56 Steve Traylen

Release 3.5.0
41c988a4 2023-11-24 03:04 Tim Meusel

Merge pull request #215 from traylenator/dnsiface

Support input interface specification to dns server
67cdcf15 2023-11-24 02:52 Steve Traylen

Support input interface specification to dns server

Useful when you want to allow docker/podman containers
access to a hosts dns stub resolver.

```puppet
class{'nftables::rules::dns':
iifname => ['docker0'],
}
```
b5633532 2023-11-23 02:46 Tim Meusel

Merge pull request #189 from tskirvin/master

nftables::simplerule::dport - takes port ranges as part of the array
a7cb6803 2023-11-23 02:38 Steve Traylen

Merge pull request #214 from traylenator/podman

Additional rules for podman root containers
1085e990 2023-11-22 05:50 Steve Traylen

Merge pull request #183 from traylenator/redirect

Example how to redirect one port to another
94285e5f 2023-11-22 04:40 Steve Traylen

Example how to redirect one port to another

Add example how to redirect traffic from one port to another.
08b9f1d0 2023-11-22 03:53 Steve Traylen

Additional rules for podman root containers

This class defines additional forwarding rules to let root containers
reach external networks when using Netavark (since v4.0) or CNI (deprecated).
At the time of writing, Podman supports automatic configuration...
3413220c 2023-11-17 13:07 Tim Meusel

[blacksmith] Bump version to 3.4.1-rc0
b5b49a36 2023-11-17 13:07 Tim Meusel

Merge pull request #212 from bastelfreak/rel340

Release 3.4.0
54b5cf0b 2023-11-17 12:47 Tim Meusel

Release 3.4.0
ab464b23 2023-11-17 12:45 Tim Meusel

Merge pull request #213 from vchepkov/systemd

allow puppet/systemd v6
8d384ffe 2023-11-17 07:18 Vadym Chepkov

allow puppet/systemd v6
42bd5407 2023-11-17 04:11 Tim Meusel

Merge pull request #211 from bastelfreak/debian12

Add Debian 12 support
0bdf751a 2023-11-17 03:55 Tim Meusel

Add Debian 12 support
50c78d9b 2023-11-17 03:54 Tim Meusel

Merge pull request #208 from vchepkov/ftp

add ftp helper
baad986e 2023-11-16 19:10 Vadym Chepkov

add ftp helper

This adds ability to enable a connection tracker helper and provides typical ftp rules

Co-authored-by: Vadym Chepkov <>
Co-authored-by: Yury Bushmelev <>
825f4eb1 2023-11-08 13:37 Tim Skirvin

trying out a spec to mix port arrays and ranges
d7bd6638 2023-11-07 17:28 Tim Skirvin

spec update to confirm that port ranges work
5a7b1fc1 2023-11-07 17:27 Tim Skirvin

Merge branch 'voxpupuli:master' into master
ba8b99ba 2023-10-28 09:44 Tim Meusel

Merge pull request #209 from vchepkov/rejects

provide an option to disable logging rejected packets