Révision bc1b0f1a
Release 1.0.0 (#49)
- Release 1.0.0
Co-authored-by: duritong <peter.meier+github@immerda.ch>
| CHANGELOG.md | ||
|---|---|---|
| 1 | 1 |
# Changelog |
| 2 | 2 |
|
| 3 | 3 |
All notable changes to this project will be documented in this file. |
| 4 |
Each new release typically also includes the latest modulesync defaults. |
|
| 5 |
These should not affect the functionality of the module. |
|
| 4 | 6 |
|
| 5 |
## Release 0.1.0
|
|
| 7 |
## [v1.0.0](https://github.com/voxpupuli/puppet-nftables/tree/v1.0.0) (2020-12-15)
|
|
| 6 | 8 |
|
| 7 |
**Features**
|
|
| 9 |
[Full Changelog](https://github.com/voxpupuli/puppet-nftables/compare/0ba57c66a35ed4e9b570d8a6315a33a1c4ba3181...v1.0.0)
|
|
| 8 | 10 |
|
| 9 |
**Bugfixes**
|
|
| 11 |
**Breaking changes:**
|
|
| 10 | 12 |
|
| 11 |
**Known Issues** |
|
| 13 |
- switch the server naming [\#42](https://github.com/voxpupuli/puppet-nftables/pull/42) ([duritong](https://github.com/duritong)) |
|
| 14 |
|
|
| 15 |
**Implemented enhancements:** |
|
| 16 |
|
|
| 17 |
- Use Stdlib::Port everywhere in place of Integer [\#56](https://github.com/voxpupuli/puppet-nftables/pull/56) ([traylenator](https://github.com/traylenator)) |
|
| 18 |
- Enable Puppet 7 support [\#51](https://github.com/voxpupuli/puppet-nftables/pull/51) ([bastelfreak](https://github.com/bastelfreak)) |
|
| 19 |
- Several fixes for nftables::config [\#48](https://github.com/voxpupuli/puppet-nftables/pull/48) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 20 |
- rubocop corrections [\#41](https://github.com/voxpupuli/puppet-nftables/pull/41) ([traylenator](https://github.com/traylenator)) |
|
| 21 |
- Add basic configuration validation acceptance test [\#38](https://github.com/voxpupuli/puppet-nftables/pull/38) ([traylenator](https://github.com/traylenator)) |
|
| 22 |
- Remove duplicate flush on reload [\#34](https://github.com/voxpupuli/puppet-nftables/pull/34) ([traylenator](https://github.com/traylenator)) |
|
| 23 |
- Add nftables::simplerule [\#33](https://github.com/voxpupuli/puppet-nftables/pull/33) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 24 |
- Add Ceph and NFS rules [\#32](https://github.com/voxpupuli/puppet-nftables/pull/32) ([dvanders](https://github.com/dvanders)) |
|
| 25 |
- New parameter noflush\_tables to selectivly skip flush [\#31](https://github.com/voxpupuli/puppet-nftables/pull/31) ([traylenator](https://github.com/traylenator)) |
|
| 26 |
- Scientific Linux 8 will never exist [\#30](https://github.com/voxpupuli/puppet-nftables/pull/30) ([traylenator](https://github.com/traylenator)) |
|
| 27 |
- Enable conntrack in FORWARD [\#29](https://github.com/voxpupuli/puppet-nftables/pull/29) ([keachi](https://github.com/keachi)) |
|
| 28 |
- Do not test nftables::rules repeatadly [\#28](https://github.com/voxpupuli/puppet-nftables/pull/28) ([traylenator](https://github.com/traylenator)) |
|
| 29 |
- Allow sourcing sets from Hiera [\#26](https://github.com/voxpupuli/puppet-nftables/pull/26) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 30 |
- Allow disabling default NAT tables and chains [\#25](https://github.com/voxpupuli/puppet-nftables/pull/25) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 31 |
- Set a customisable rate limit to the logging rules [\#22](https://github.com/voxpupuli/puppet-nftables/pull/22) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 32 |
- Make masking Service\['firewalld'\] optional [\#20](https://github.com/voxpupuli/puppet-nftables/pull/20) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 33 |
- Move ICMP stuff to separate classes allowing better customisation [\#16](https://github.com/voxpupuli/puppet-nftables/pull/16) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 34 |
- Move conntrack rules from global to INPUT and OUTPUT [\#14](https://github.com/voxpupuli/puppet-nftables/pull/14) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 35 |
- Add comments for all the nftable::rules entries [\#13](https://github.com/voxpupuli/puppet-nftables/pull/13) ([traylenator](https://github.com/traylenator)) |
|
| 36 |
- Allow tables to add comments to $log\_prefix [\#12](https://github.com/voxpupuli/puppet-nftables/pull/12) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 37 |
- Reload rules atomically and verify rules before deploy [\#10](https://github.com/voxpupuli/puppet-nftables/pull/10) ([traylenator](https://github.com/traylenator)) |
|
| 38 |
- Allow raw sets and dashes in set names [\#8](https://github.com/voxpupuli/puppet-nftables/pull/8) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 39 |
- Add a parameter to control the fate of discarded traffic [\#7](https://github.com/voxpupuli/puppet-nftables/pull/7) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 40 |
- Add rules for afs3\_callback in and out rules for kerberos and openafs. [\#6](https://github.com/voxpupuli/puppet-nftables/pull/6) ([traylenator](https://github.com/traylenator)) |
|
| 41 |
- Allow customising the log prefix [\#5](https://github.com/voxpupuli/puppet-nftables/pull/5) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 42 |
- Add classes encapsulating rules for DHCPv6 client traffic \(in/out\) [\#4](https://github.com/voxpupuli/puppet-nftables/pull/4) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 43 |
- Add support for named sets [\#3](https://github.com/voxpupuli/puppet-nftables/pull/3) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 44 |
- New parameter out\_all, default false [\#1](https://github.com/voxpupuli/puppet-nftables/pull/1) ([traylenator](https://github.com/traylenator)) |
|
| 45 |
|
|
| 46 |
**Fixed bugs:** |
|
| 47 |
|
|
| 48 |
- Correct nfs3 invalid udp /tcp matching rule and more tests [\#50](https://github.com/voxpupuli/puppet-nftables/pull/50) ([traylenator](https://github.com/traylenator)) |
|
| 49 |
- Prefix custom tables with custom- so they're loaded [\#47](https://github.com/voxpupuli/puppet-nftables/pull/47) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 50 |
- Correct bad merge [\#15](https://github.com/voxpupuli/puppet-nftables/pull/15) ([traylenator](https://github.com/traylenator)) |
|
| 51 |
|
|
| 52 |
**Closed issues:** |
|
| 53 |
|
|
| 54 |
- deploying custom tables is broken [\#45](https://github.com/voxpupuli/puppet-nftables/issues/45) |
|
| 55 |
- Switch to Stdlib::Port everywhere [\#37](https://github.com/voxpupuli/puppet-nftables/issues/37) |
|
| 56 |
- Add set definition from Hiera [\#24](https://github.com/voxpupuli/puppet-nftables/issues/24) |
|
| 57 |
- Add an option to disable NAT [\#23](https://github.com/voxpupuli/puppet-nftables/issues/23) |
|
| 58 |
- Add an option to limit the rate of logged messages [\#19](https://github.com/voxpupuli/puppet-nftables/issues/19) |
|
| 59 |
- Rule API [\#17](https://github.com/voxpupuli/puppet-nftables/issues/17) |
|
| 60 |
- Publish to forge.puppet.com [\#11](https://github.com/voxpupuli/puppet-nftables/issues/11) |
|
| 61 |
- The global chain contains INPUT specific rules [\#9](https://github.com/voxpupuli/puppet-nftables/issues/9) |
|
| 62 |
- The fate of forbidden packets should be configurable [\#2](https://github.com/voxpupuli/puppet-nftables/issues/2) |
|
| 63 |
|
|
| 64 |
**Merged pull requests:** |
|
| 65 |
|
|
| 66 |
- Docs for nftables::set [\#55](https://github.com/voxpupuli/puppet-nftables/pull/55) ([traylenator](https://github.com/traylenator)) |
|
| 67 |
- Remove a blank separating the doc string and the code [\#52](https://github.com/voxpupuli/puppet-nftables/pull/52) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 68 |
- Correct layout of ignore table example [\#44](https://github.com/voxpupuli/puppet-nftables/pull/44) ([traylenator](https://github.com/traylenator)) |
|
| 69 |
- Fix typos and formatting in the README [\#43](https://github.com/voxpupuli/puppet-nftables/pull/43) ([nbarrientos](https://github.com/nbarrientos)) |
|
| 70 |
- Comment why firewalld\_enable parameter is required [\#40](https://github.com/voxpupuli/puppet-nftables/pull/40) ([traylenator](https://github.com/traylenator)) |
|
| 71 |
- modulesync 4.0.0 [\#36](https://github.com/voxpupuli/puppet-nftables/pull/36) ([traylenator](https://github.com/traylenator)) |
|
| 72 |
- Refresh REFERENCE [\#27](https://github.com/voxpupuli/puppet-nftables/pull/27) ([traylenator](https://github.com/traylenator)) |
|
| 73 |
|
|
| 74 |
|
|
| 75 |
|
|
| 76 |
\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)* |
|
| REFERENCE.md | ||
|---|---|---|
| 336 | 336 |
|
| 337 | 337 |
##### `ports` |
| 338 | 338 |
|
| 339 |
Data type: `Array[Integer,1]`
|
|
| 339 |
Data type: `Array[Stdlib::Port,1]`
|
|
| 340 | 340 |
|
| 341 | 341 |
|
| 342 | 342 |
|
| ... | ... | |
| 356 | 356 |
|
| 357 | 357 |
##### `ports` |
| 358 | 358 |
|
| 359 |
Data type: `Array[Integer,1]`
|
|
| 359 |
Data type: `Array[Stdlib::Port,1]`
|
|
| 360 | 360 |
|
| 361 | 361 |
|
| 362 | 362 |
|
| ... | ... | |
| 380 | 380 |
|
| 381 | 381 |
##### `ports` |
| 382 | 382 |
|
| 383 |
Data type: `Array[Integer,1]`
|
|
| 383 |
Data type: `Array[Stdlib::Port,1]`
|
|
| 384 | 384 |
|
| 385 | 385 |
|
| 386 | 386 |
|
| ... | ... | |
| 444 | 444 |
|
| 445 | 445 |
##### `port` |
| 446 | 446 |
|
| 447 |
Data type: `Integer`
|
|
| 447 |
Data type: `Stdlib::Port`
|
|
| 448 | 448 |
|
| 449 | 449 |
|
| 450 | 450 |
|
| ... | ... | |
| 475 | 475 |
|
| 476 | 476 |
##### `ports` |
| 477 | 477 |
|
| 478 |
Data type: `Array[Integer,1]`
|
|
| 478 |
Data type: `Array[Stdlib::Port,1]`
|
|
| 479 | 479 |
|
| 480 | 480 |
|
| 481 | 481 |
|
| ... | ... | |
| 581 | 581 |
|
| 582 | 582 |
##### `ports` |
| 583 | 583 |
|
| 584 |
Data type: `Array[Integer,1]`
|
|
| 584 |
Data type: `Array[Stdlib::Port,1]`
|
|
| 585 | 585 |
|
| 586 | 586 |
|
| 587 | 587 |
|
| ... | ... | |
| 615 | 615 |
|
| 616 | 616 |
##### `puppetserver_port` |
| 617 | 617 |
|
| 618 |
Data type: `Integer`
|
|
| 618 |
Data type: `Stdlib::Port`
|
|
| 619 | 619 |
|
| 620 | 620 |
|
| 621 | 621 |
|
| ... | ... | |
| 691 | 691 |
|
| 692 | 692 |
##### `ports` |
| 693 | 693 |
|
| 694 |
Data type: `Array[Integer,1]`
|
|
| 694 |
Data type: `Array[Stdlib::Port,1]`
|
|
| 695 | 695 |
|
| 696 | 696 |
|
| 697 | 697 |
|
| ... | ... | |
| 707 | 707 |
|
| 708 | 708 |
##### `ports` |
| 709 | 709 |
|
| 710 |
Data type: `Array[Integer,1]`
|
|
| 710 |
Data type: `Array[Stdlib::Port,1]`
|
|
| 711 | 711 |
|
| 712 | 712 |
|
| 713 | 713 |
|
| ... | ... | |
| 723 | 723 |
|
| 724 | 724 |
##### `ports` |
| 725 | 725 |
|
| 726 |
Data type: `Array[Integer,1]`
|
|
| 726 |
Data type: `Array[Stdlib::Port,1]`
|
|
| 727 | 727 |
|
| 728 | 728 |
|
| 729 | 729 |
|
| ... | ... | |
| 901 | 901 |
|
| 902 | 902 |
##### `port` |
| 903 | 903 |
|
| 904 |
Data type: `Variant[String,Integer[1,65535]]`
|
|
| 904 |
Data type: `Variant[String,Stdlib::Port]`
|
|
| 905 | 905 |
|
| 906 | 906 |
|
| 907 | 907 |
|
| ... | ... | |
| 947 | 947 |
|
| 948 | 948 |
##### `dport` |
| 949 | 949 |
|
| 950 |
Data type: `Optional[Variant[String,Integer[1,65535]]]`
|
|
| 950 |
Data type: `Optional[Variant[String,Stdlib::Port]]`
|
|
| 951 | 951 |
|
| 952 | 952 |
|
| 953 | 953 |
|
| ... | ... | |
| 1027 | 1027 |
|
| 1028 | 1028 |
##### `dport` |
| 1029 | 1029 |
|
| 1030 |
Data type: `Optional[Variant[String,Integer[1,65535]]]`
|
|
| 1030 |
Data type: `Optional[Variant[String,Stdlib::Port]]`
|
|
| 1031 | 1031 |
|
| 1032 | 1032 |
|
| 1033 | 1033 |
|
| ... | ... | |
| 1105 | 1105 |
|
| 1106 | 1106 |
##### `dport` |
| 1107 | 1107 |
|
| 1108 |
Data type: `Optional[Variant[String,Integer[1,65535]]]`
|
|
| 1108 |
Data type: `Optional[Variant[String,Stdlib::Port]]`
|
|
| 1109 | 1109 |
|
| 1110 | 1110 |
|
| 1111 | 1111 |
|
| metadata.json | ||
|---|---|---|
| 1 | 1 |
{
|
| 2 | 2 |
"name": "puppet-nftables", |
| 3 |
"version": "0.1.0",
|
|
| 3 |
"version": "1.0.0",
|
|
| 4 | 4 |
"author": "Vox Pupuli", |
| 5 | 5 |
"summary": "Puppet nftables module", |
| 6 | 6 |
"license": "Apache-2.0", |
Formats disponibles : Unified diff