Projet

Général

Profil

Révision:

Révisions

# Date Auteur Commentaire
139ec11d 2020-12-09 04:37 Steve Traylen

Merge pull request #43 from cernops/doc_typos

Fix typos and formatting in the README
1330c27e 2020-12-09 04:08 Nacho Barrientos

Add a hint about changing default output configuration
8ded326d 2020-12-09 04:06 Nacho Barrientos

Fix typo in class name
4ed97e58 2020-12-09 04:06 Nacho Barrientos

Add a separation between the header and the content
620da9a6 2020-12-09 04:06 Nacho Barrientos

Add remark about the global chain
0f31ffbe 2020-12-09 04:06 Nacho Barrientos

Fix grammatical error
1ffab17b 2020-12-09 04:05 Nacho Barrientos

Add full stop
7e5b657a 2020-12-08 11:49 Steve Traylen

rubocop:auto_correct fixes
da8956d3 2020-12-08 11:49 Steve Traylen

Enable rubocop check

Will submit centrally if all well.
492ca838 2020-12-08 09:23 Steve Traylen

Disable Disable TrailingCommaInArguments early

Can be reverted once
https://github.com/voxpupuli/voxpupuli-test/pull/36
is released
c4b1b93b 2020-12-08 07:58 Steve Traylen

Comment why firewalld_enable parameter is required (#40)
bd5145ab 2020-12-08 07:54 Steve Traylen

Add basic configuration validation acceptance test (#38)

  • Add basic configuration validation acceptance test

It is not possible to start the nftables service within docker so
the service is altered to only validate the service
configuration resulting from concat constructed files and nft inclusions.
7db6f797 2020-12-07 11:23 Steve Traylen

Merge pull request #36 from traylenator/modulesync

modulesync 4.0.0 and general alignment to voxpupuli.
4630574b 2020-12-07 11:18 Steve Traylen

Correct author, add tags and issues to metadata
5b4c71bc 2020-12-07 11:18 Steve Traylen

Correctly remove puppet4 support
31b17627 2020-12-07 11:18 Steve Traylen

Use single line for each parameter definition
59c1ddf4 2020-12-07 10:13 Steve Traylen

Mock with mocha
b09d43bf 2020-12-07 09:56 Steve Traylen

Adapt metadata to voxpupuli name space
11bf7237 2020-12-07 09:51 Steve Traylen

lint_fix results
78f22811 2020-12-07 09:25 Steve Traylen

modulesync 4.0.0
8897f7d0 2020-12-07 09:21 Steve Traylen

Drop duritong .sync.yml
e3c56ff6 2020-12-03 03:48 keachi

Merge pull request #29 from keachi/fwd_conntrack

Enable conntrack in FORWARD
24a5a2a7 2020-12-02 15:05 tr

Enable conntrack in FORWARD
ed8e4643 2020-12-02 08:03 duritong

Merge pull request #32 from dvanders/ceph_nfs

Add Ceph and NFS rules
d0c972c3 2020-12-02 05:37 Dan van der Ster

Test NFS rules

Signed-off-by: Dan van der Ster <>
f4e9e995 2020-12-02 05:37 Dan van der Ster

Test ceph rules

Signed-off-by: Dan van der Ster <>
c3be15e0 2020-12-01 15:05 duritong

Merge pull request #31 from traylenator/selective

New parameter noflush_tables to selectivly skip flush
5210e023 2020-12-01 05:42 Dan van der Ster

Add NFS-related rules

Signed-off-by: Dan van der Ster <>
bbc93ede 2020-12-01 04:33 Dan van der Ster

Add ceph related rules

Signed-off-by: Dan van der Ster <>
03d9e7da 2020-12-01 03:09 Steve Traylen

New parameter noflush_tables to selectivly skip flush

Introduces a new structured fact nftables

```yaml
nftables:
tables:
- inet-filter
- ip-nat
- ip6-nat
- inet-f2b-table
```

By default the nft script will continue to contain `nft flush ruleset`...
9fe75e32 2020-11-30 07:21 duritong

Merge pull request #30 from traylenator/slc

Scientific Linux 8 will never exist
2ccf856b 2020-11-30 05:27 Steve Traylen

Scientific Linux 8 will never exist

As per

https://listserv.fnal.gov/scripts/wa.exe?A2=ind1904&L=SCIENTIFIC-LINUX-ANNOUNCE&P=78
72aad4a2 2020-11-29 13:22 keachi

Merge pull request #28 from traylenator/simplify

Do not test nftables::rules repeatadly
902ceaac 2020-11-29 13:18 keachi

Merge pull request #22 from cernops/log_limit

Set a customisable rate limit to the logging rules
d5a61536 2020-11-27 06:07 duritong

Merge pull request #26 from cernops/hiera_sets

Allow sourcing sets from Hiera
6b80ac21 2020-11-27 06:06 duritong

Merge pull request #27 from traylenator/reference

Refresh REFERENCE
300b7382 2020-11-27 05:21 Steve Traylen

Do not test nftables::rules repeatadly

Rather than testing the contents of nftable::rules just test
that nftables::rules instance is correct.

The existing test for the define nftables::rules is enough.

Motivation here is to make changes to nftables::rules easier to handle...
7f6cacc5 2020-11-27 04:01 Steve Traylen

Refresh REFERENCE
802d80d1 2020-11-27 03:35 Nacho Barrientos

Allow sourcing sets from Hiera
7395300c 2020-11-26 16:09 duritong

Merge pull request #25 from cernops/no_nat

Allow disabling default NAT tables and chains
82d10659 2020-11-26 15:39 Nacho Barrientos

Allow disabling default NAT tables and chains
bd549474 2020-11-26 15:07 duritong

Merge pull request #10 from traylenator/reload

Reload rules atomically and verify rules before deploy
30462da1 2020-11-26 05:19 Steve Traylen

Reload rules atomically

Background: The unit file for nftables on CentOS 8 contains:

```
ExecStart=/sbin/nft -f /etc/sysconfig/nftables.conf
ExecReload=/sbin/nft 'flush ruleset; include "/etc/sysconfig/nftables.conf";'
ExecStop=/sbin/nft flush ruleset
```...
b10c6216 2020-11-24 10:37 Nacho Barrientos

Set a customisable rate limit to the logging rules
92461926 2020-11-24 07:53 duritong

Merge pull request #16 from cernops/icmp

Move ICMP stuff to separate classes allowing better customisation
587e522e 2020-11-24 07:51 duritong

Merge pull request #20 from cernops/firewalld_mask

Make masking Service['firewalld'] optional
ae9872e2 2020-11-24 04:17 Nacho Barrientos

Make masking Service['firewalld'] configurable
79e9a23f 2020-11-21 03:10 Nacho Barrientos

Move ICMP stuff to separate classes
def3893c 2020-11-20 10:52 keachi

Merge pull request #15 from traylenator/fixtests

Correct bad merge
8b97e6a3 2020-11-20 03:52 Steve Traylen

Correct bad merge

There was a bad merge between

correct tests.
(501-550/665) Par page : 50, 100, 200

Formats disponibles : Atom