Merge pull request #99 from bastelfreak/fixtures
pull fixtures from git and not forge
Merge pull request #98 from traylenator/rc
Release 2.0.1-rc0
Merge pull request #97 from cernops/release_140
Prepare release 2.0.0
Merge pull request #96 from cernops/issue95
Allow creating a totally empty firewall
By setting `nftables::inet_filter` and `nftables::nat` to `false`users can now start off from a totally empty firewall and add thetables, chains and rules they'd like.
The default skeleton for inet-filter, ip-nat and ip6-nat is kept...
Merge pull request #93 from cernops/ibarrien_saddr
Fix IPv4 source address type detection
Before this patch, a rule like this:
``` nftables::simplerule { 'foo': action => 'accept', dport => 443, proto => 'tcp4', saddr => '192.168.1.10', }```
would incorrectly generate this rule:...
Merge pull request #92 from traylenator/everything
Drop Puppet 5, puppetlabs/concat 7.x, puppetlabs/stdlib 7.x, camptocamp/systemd: 3.x
Rely on puppet 6 calling daemon-reload
Since Puppet 6 now there no need to explicitlycall `systemctl daemon-reload`.
Merge remote-tracking branch 'kenyon/bump-concat' into everything
puppetlabs/concat: Allow 7.x
puppetlabs/stdlib: Allow 7.x
camptocamp/systemd: allow 3.x
Merge pull request #88 from cernops/dotfiles_yas_link
Amend link to Yasnippets
I reorganised my dotfiles a bit so this link must be changed. Sorryfor the noise.
Merge pull request #87 from cernops/bump_rc
Release 1.3.1-rc0
Merge pull request #86 from cernops/release_1_3_0
Prepare release 1.3.0
Merge pull request #85 from cernops/qemu
Add rules for QEMU/libvirt guests (bridged virtual networking)
Add rules for QEMU/libvirt guests
Merge pull request #80 from luisfdez/dockerce
Add Docker-CE default rules
Add optional handling of chains
Merge pull request #84 from traylenator/version
Add nftables.version to structured fact.
Add fact section to README.md
Fix doc defaults
```FACTERLIB=. facter -p nftables { tables => [ "bridge-filter", "bridge-nat", "inet-firewalld", "ip-firewalld", "ip6-firewalld" ], version => "0.9.3" }```
metadata.json: drop Puppet 5 support
Also bump puppetlabs/concat and puppetlabs/stdlib, whose versions7.0.0 also dropped support for Puppet 5.
Fixes #78
Fix rulename spec in spec
Fix syntax
Add newline & more tests
Merge pull request #82 from cernops/ibarrien_activemq
Add rules for Apache ActiveMQ
Merge pull request #81 from cernops/emacs_readme
Fix sections and add a pointer to code snippets for Emacs
Add pointer to Yasnippets for some defined types
Improve sections' formatting
Release 1.2.1-rc0 (#77)
Release 1.2.0 (#76)
fix #74 - ensure table are initialized before flushing them (#75)
Temporarily use /bin/ for systemctl and echo paths in Debian 10
Debian Buster has symlinks from usrmerge that resolve to /bin/X,but systems upgraded from Stretch or earlier that haven't installedusrmerge will not have anything in /usr/bin/X.
This should be removed once every installation we have has had...
Merge remote-tracking branch 'upstream/master' into stretch_support
Merge pull request #73 from Koumbit/global_chain_not_hardcoded
start declaring the 'global' chain with module resources
create tests for presence of the "global" chain
the 'global' chain is a vestigial piece of early development on thismodule, but it can be useful for creating fast short-circuits likeblocking traffic that match a certain set of IPs.
in the current state we can't inject rules inside the 'global' chain...
Bump version to 1.1.2-rc0 (#72)
Manual MR due to travis_release being broken by necessity to approve.
https://github.com/voxpupuli/puppet-nftables/issues/61
Release 1.1.1 (#71)
Formats disponibles : Atom