Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root / manifests @ eac19d14

Nom Taille Révision Âge Auteur Commentaire
  inet_filter eac19d14 plus d'un an Tim Meusel Make "dropping invalid packets" configureable ...
  rules 9d1ee648 plus d'un an Tim Meusel rules::out:dns: refactor for better readability
  services 09cba182 plus de 4 ans Steve Traylen Enable parameter_documentation lint The linter...
bridges.pp 655 octets cb38423a plus de 2 ans mh fix #143 - properly escape rulename for interfaces
chain.pp 1,7 ko 7030bde0 environ 2 ans Luis Fernández Álvarez Add bridge as a valid family for chain tables
config.pp 1,71 ko 0b7bcb5d plus de 2 ans mh Align filemode on RedHat to distro default The...
file.pp 1,4 ko 0b7bcb5d plus de 2 ans mh Align filemode on RedHat to distro default The...
helper.pp 1,54 ko baad986e plus d'un an Vadym Chepkov add ftp helper This adds ability to enable a c...
inet_filter.pp 3,75 ko a9bbb10d plus d'un an Vadym Chepkov provide an option to disable logging rejected p...
init.pp 6,93 ko eac19d14 plus d'un an Tim Meusel Make "dropping invalid packets" configureable ...
ip_nat.pp 1,72 ko fcb79d73 plus de 3 ans Ben Morrice support a different table name for 'nat' - Some...
rule.pp 2,32 ko 94285e5f plus d'un an Steve Traylen Example how to redirect one port to another Ad...
set.pp 2,95 ko 2732318a plus d'un an Tames McTigue Document what the 'auto_merge' parameter does.
simplerule.pp 3,01 ko d7d6d5d3 plus d'un an Tim Meusel simplerule: Add support for outgoing interface ...

Dernières révisions

# Date Auteur Commentaire
eac19d14 2023-12-20 14:51 Tim Meusel

Make "dropping invalid packets" configureable

It doesn't make sense to explicitly drop those pakets when the default
policy is already `DROP`. Also some applications, like ceph, are known
to send packets that might be marked as invalid.
d7d6d5d3 2023-12-20 13:31 Tim Meusel

simplerule: Add support for outgoing interface filtering
9d1ee648 2023-12-20 04:41 Tim Meusel

rules::out:dns: refactor for better readability
25b3f3f4 2023-12-19 12:36 Tim Meusel

simplerule: Add support for incoming interface filtering
2732318a 2023-12-06 04:19 Tames McTigue

Document what the 'auto_merge' parameter does.
67cdcf15 2023-11-24 02:52 Steve Traylen

Support input interface specification to dns server

Useful when you want to allow docker/podman containers
access to a hosts dns stub resolver.

```puppet
class{'nftables::rules::dns':
iifname => ['docker0'],
}
```
a7cb6803 2023-11-23 02:38 Steve Traylen

Merge pull request #214 from traylenator/podman

Additional rules for podman root containers
94285e5f 2023-11-22 04:40 Steve Traylen

Example how to redirect one port to another

Add example how to redirect traffic from one port to another.
08b9f1d0 2023-11-22 03:53 Steve Traylen

Additional rules for podman root containers

This class defines additional forwarding rules to let root containers
reach external networks when using Netavark (since v4.0) or CNI (deprecated).
At the time of writing, Podman supports automatic configuration...
baad986e 2023-11-16 19:10 Vadym Chepkov

add ftp helper

This adds ability to enable a connection tracker helper and provides typical ftp rules

Co-authored-by: Vadym Chepkov <>
Co-authored-by: Yury Bushmelev <>

Voir les révisions

Formats disponibles : Atom