Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root / spec / acceptance @ master

Nom Taille Révision Âge Auteur Commentaire
all_rules_spec.rb 6,06 ko 0f34454b 3 mois Steve Traylen Debian 11 known to be broken for sets
default_spec.rb 8,67 ko a528bf59 11 mois Steve Traylen New clobber_default_config paramter Certain OS...
file_spec.rb 1,84 ko 331b8d85 plus de 2 ans Steve Traylen New nftables::file type to include raw file Fo...
set_spec.rb 2,55 ko 0ea401a5 2 mois Steve Traylen Extra comment
simple_rule_iifname_spec.rb 2,63 ko d7d6d5d3 plus d'un an Tim Meusel simplerule: Add support for outgoing interface ...
zz_destroy_spec.rb 1,91 ko 2340d1d6 11 mois Steve Traylen Run default destroying acceptance tests at end ...

Dernières révisions

# Date Auteur Commentaire
0ea401a5 2025-03-10 06:36 Steve Traylen

Extra comment
0f34454b 2025-03-06 07:26 Steve Traylen

Debian 11 known to be broken for sets
5dedf86c 2025-03-06 07:08 Steve Traylen

Add ruleset for a Nomad cluster

Nomad clusters typically have single public API
port as well as rpc and serf ports for inter cluster
communication.

Example:

```puppet
class{ 'nftables::rules::nomad':
cluster_elements = [
'10.0.0.1','10.0.0.2',
'::1', '::2'',...
53aa1fa8 2025-02-28 03:34 Tim Meusel

Add firewall rule for incoming rsync requests
ee93f2de 2025-02-07 04:33 Simon Hoenscheid

add icinga2 rule for outgoing traffic
2340d1d6 2024-06-27 07:25 Steve Traylen

Run default destroying acceptance tests at end

The spec test destroy_spec was purging default nftables configurations
before other existing tests had a chance to run.

Run the default destroying tests as the final test.
a528bf59 2024-06-27 06:33 Steve Traylen

New clobber_default_config paramter

Certain OSes namely Debian and Archlinux provide default rules
with the OS.

This module has always respected those rules and appended all of
its own rules to the end of the existing rules.

The new parameter `clobber_default_config` if set `true` (default `false`)...
8bc8fe98 2024-06-27 06:12 Steve Traylen

Accept on Debian 11 nftables::set will fail

On Debian 11 adding an nftables set triggers a bug:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063690

move the `nftables::set` tests out to their own test which makes sense
anyway and mark as pending for Debian 11.
d7d6d5d3 2023-12-20 13:31 Tim Meusel

simplerule: Add support for outgoing interface filtering
25b3f3f4 2023-12-19 12:36 Tim Meusel

simplerule: Add support for incoming interface filtering

Voir les révisions

Formats disponibles : Atom