Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root / manifests / rules @ eac19d14

Nom Taille Révision Âge Auteur Commentaire
  out 9d1ee648 plus d'un an Tim Meusel rules::out:dns: refactor for better readability
activemq.pp 580 octets 771b3256 environ 4 ans Nacho Barrientos Add rules for Apache ActiveMQ
afs3_callback.pp 472 octets 09cba182 plus de 4 ans Steve Traylen Enable parameter_documentation lint The linter...
ceph.pp 336 octets 11bf7237 plus de 4 ans Steve Traylen lint_fix results
ceph_mon.pp 395 octets 09cba182 plus de 4 ans Steve Traylen Enable parameter_documentation lint The linter...
dhcpv6_client.pp 237 octets 09cba182 plus de 4 ans Steve Traylen Enable parameter_documentation lint The linter...
dnat4.pp 1,1 ko fcb79d73 plus de 3 ans Ben Morrice support a different table name for 'nat' - Some...
dns.pp 699 octets 67cdcf15 plus d'un an Steve Traylen Support input interface specification to dns se...
docker_ce.pp 4,28 ko fcb79d73 plus de 3 ans Ben Morrice support a different table name for 'nat' - Some...
ftp.pp 1,05 ko baad986e plus d'un an Vadym Chepkov add ftp helper This adds ability to enable a c...
http.pp 135 octets 11bf7237 plus de 4 ans Steve Traylen lint_fix results
https.pp 139 octets 11bf7237 plus de 4 ans Steve Traylen lint_fix results
icinga2.pp 259 octets 666c3138 environ 2 ans Louis-Philippe Véronneau Fix typo in icinga2 rule documentation
icmp.pp 1,09 ko 09cba182 plus de 4 ans Steve Traylen Enable parameter_documentation lint The linter...
igmp.pp 163 octets 020842af presque 2 ans Tim Meusel Add rules for IGMP
ldap.pp 241 octets ea29e235 presque 2 ans Simon Hoenscheid add ldap and active directory rules
llmnr.pp 584 octets 3b26826f plus d'un an Tim Meusel Add rule for incoming LLMNR
masquerade.pp 1,24 ko fcb79d73 plus de 3 ans Ben Morrice support a different table name for 'nat' - Some...
mdns.pp 462 octets ad3dbd7d presque 2 ans Ewoud Kohl van Wijngaarden Rewrite mdns rules to limit to multicast and al...
multicast.pp 182 octets 80b384c8 presque 2 ans Tim Meusel Add rule to allow incoming multicast traffic
nfs.pp 157 octets 11bf7237 plus de 4 ans Steve Traylen lint_fix results
nfs3.pp 183 octets 2075a727 plus de 4 ans Steve Traylen Correct NFS udp and tcp port matching There wa...
node_exporter.pp 874 octets 09cba182 plus de 4 ans Steve Traylen Enable parameter_documentation lint The linter...
ospf.pp 172 octets cbe342b9 plus de 3 ans tr Use protocol number instead of label The label...
ospf3.pp 192 octets cbe342b9 plus de 3 ans tr Use protocol number instead of label The label...
podman.pp 633 octets 08b9f1d0 plus d'un an Steve Traylen Additional rules for podman root containers Th...
puppet.pp 245 octets 09cba182 plus de 4 ans Steve Traylen Enable parameter_documentation lint The linter...
pxp_agent.pp 256 octets 9ad64784 presque 3 ans Tim Meusel Update manifests/rules/pxp_agent.pp Co-authore...
qemu.pp 4,25 ko fcb79d73 plus de 3 ans Ben Morrice support a different table name for 'nat' - Some...
samba.pp 636 octets 64404839 plus d'un an Tim Meusel samba: Add option to drop traffic
smtp.pp 135 octets 11bf7237 plus de 4 ans Steve Traylen lint_fix results
smtp_submission.pp 169 octets 11bf7237 plus de 4 ans Steve Traylen lint_fix results
smtps.pp 139 octets 11bf7237 plus de 4 ans Steve Traylen lint_fix results
snat4.pp 1,13 ko fcb79d73 plus de 3 ans Ben Morrice support a different table name for 'nat' - Some...
spotify.pp 175 octets 8b131276 presque 2 ans Tim Meusel Add rule to allow incoming spotify broadcast
ssdp.pp 573 octets 50a5be8b plus d'un an Tim Meusel Add rule for incoming SSDP
ssh.pp 229 octets 09cba182 plus de 4 ans Steve Traylen Enable parameter_documentation lint The linter...
tor.pp 235 octets 09cba182 plus de 4 ans Steve Traylen Enable parameter_documentation lint The linter...
wireguard.pp 256 octets 09cba182 plus de 4 ans Steve Traylen Enable parameter_documentation lint The linter...
wsd.pp 603 octets ffc8b86f plus d'un an Tim Meusel Add nftables rules for ws-discovery

Dernières révisions

# Date Auteur Commentaire
9d1ee648 2023-12-20 04:41 Tim Meusel

rules::out:dns: refactor for better readability
67cdcf15 2023-11-24 02:52 Steve Traylen

Support input interface specification to dns server

Useful when you want to allow docker/podman containers
access to a hosts dns stub resolver.

```puppet
class{'nftables::rules::dns':
iifname => ['docker0'],
}
```
08b9f1d0 2023-11-22 03:53 Steve Traylen

Additional rules for podman root containers

This class defines additional forwarding rules to let root containers
reach external networks when using Netavark (since v4.0) or CNI (deprecated).
At the time of writing, Podman supports automatic configuration...
baad986e 2023-11-16 19:10 Vadym Chepkov

add ftp helper

This adds ability to enable a connection tracker helper and provides typical ftp rules

Co-authored-by: Vadym Chepkov <>
Co-authored-by: Yury Bushmelev <>
64404839 2023-08-27 05:09 Tim Meusel

samba: Add option to drop traffic
ffc8b86f 2023-08-26 18:20 Tim Meusel

Add nftables rules for ws-discovery
50a5be8b 2023-08-26 18:05 Tim Meusel

Add rule for incoming SSDP
3b26826f 2023-08-25 19:07 Tim Meusel

Add rule for incoming LLMNR
6b350264 2023-08-19 16:22 Tim Meusel

Add rule for outgoing multicast DNS
e499cece 2023-08-19 15:52 Tim Meusel

Add rule for multicast listener requests (MLDv2)

Voir les révisions

Formats disponibles : Atom