Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root / spec / classes @ d7d6d5d3

Nom Taille Révision Âge Auteur Commentaire
  inet_filter 9e42547b plus de 2 ans mh split conntrack management into dedicated class...
  rules 9d1ee648 plus d'un an Tim Meusel rules::out:dns: refactor for better readability
  services c82b960a plus de 3 ans Steve Traylen rubocop:auto_correct results
bridges_spec.rb 1,33 ko cb38423a plus de 2 ans mh fix #143 - properly escape rulename for interfaces
dnat4_spec.rb 7,53 ko 0b7bcb5d plus de 2 ans mh Align filemode on RedHat to distro default The...
inet_filter_spec.rb 24,5 ko 0b7bcb5d plus de 2 ans mh Align filemode on RedHat to distro default The...
ip_nat_spec.rb 9,47 ko 0b7bcb5d plus de 2 ans mh Align filemode on RedHat to distro default The...
masquerade_spec.rb 4,5 ko 0b7bcb5d plus de 2 ans mh Align filemode on RedHat to distro default The...
nftables_spec.rb 9,73 ko 0b7bcb5d plus de 2 ans mh Align filemode on RedHat to distro default The...
router_spec.rb 5,76 ko 0b7bcb5d plus de 2 ans mh Align filemode on RedHat to distro default The...
snat4_spec.rb 4,05 ko 0b7bcb5d plus de 2 ans mh Align filemode on RedHat to distro default The...

Dernières révisions

# Date Auteur Commentaire
9d1ee648 2023-12-20 04:41 Tim Meusel

rules::out:dns: refactor for better readability
67cdcf15 2023-11-24 02:52 Steve Traylen

Support input interface specification to dns server

Useful when you want to allow docker/podman containers
access to a hosts dns stub resolver.

```puppet
class{'nftables::rules::dns':
iifname => ['docker0'],
}
```
08b9f1d0 2023-11-22 03:53 Steve Traylen

Additional rules for podman root containers

This class defines additional forwarding rules to let root containers
reach external networks when using Netavark (since v4.0) or CNI (deprecated).
At the time of writing, Podman supports automatic configuration...
baad986e 2023-11-16 19:10 Vadym Chepkov

add ftp helper

This adds ability to enable a connection tracker helper and provides typical ftp rules

Co-authored-by: Vadym Chepkov <>
Co-authored-by: Yury Bushmelev <>
0b7bcb5d 2023-01-04 05:01 mh

Align filemode on RedHat to distro default

The RPM acutally ships the configuration and directory with
0600/0700 while this module sets the mode to 0640/0750.

However, this has the drawback that on new nftables RPM versions,
we are setting it back to the modules mode and triggering an nft...
9e42547b 2022-09-04 16:35 mh

split conntrack management into dedicated classes so they get consumeable
331b8d85 2022-09-01 05:22 Steve Traylen

New nftables::file type to include raw file

For example:

```puppet
nftables::file{'geoip':
content => "include \"/files/geoipsets/dbip/*.ipv4\"\n",
}
```

will right a file or content into the nftables configuration.

The file written will be included in configuration....
9d61323e 2022-08-26 07:47 Steve Traylen

Merge pull request #144 from duritong/fix-143-properly-escape-rulename

Properly escape bridge in rulename
cb38423a 2022-08-24 03:06 mh

fix #143 - properly escape rulename for interfaces
1d7eb86a 2022-08-24 02:46 mh

remove duplicate expect

this is handled by the next - more specific - expect anyways

Voir les révisions

Formats disponibles : Atom