ReleaseEngineering/PuppetAgain/Modules/fw: Difference between revisions

From MozillaWiki
Revision as of 22:01, 1 July 2013

This is a light wrapper around the `firewall` module (which is https://github.com/puppetlabs/puppetlabs-firewall).

In particular, when a firewall is activated, this module includes some basic flows:

  • SSH
  • established connections
  • ICMP
  • Nagios

and denies all others not specifically added.

To simply activate the firewall, but not allow any additional flows:

 include fw

To activate the firewall and allow a specific flow:

 fw::port {
     "tcp/3399": ;
 }

This will allow connections to tcp/3399 from any IP.
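Because fw is a light wrapper, the policy described above can be written directly as puppetlabs-firewall resources. The following is an added example, not the fw module's own code. The rule names and numbering, the NRPE port 5666 used for Nagios, and the monitoring host address 192.0.2.10 are assumptions, and the `action` parameter is the one used by the firewall module's releases from the period of this page.

```puppet
# Added illustration; NOT the source of the fw module.
# Rule titles, ordering numbers, port 5666 (NRPE) and 192.0.2.10 are assumed.

# Purge rules Puppet does not manage, so the final drop is authoritative.
resources { 'firewall':
  purge => true,
}

# Basic flows listed on this page.
firewall { '000 accept icmp':
  proto  => 'icmp',
  action => 'accept',
}

firewall { '001 accept established connections':
  proto  => 'all',
  state  => ['RELATED', 'ESTABLISHED'],
  action => 'accept',
}

firewall { '010 accept ssh':
  proto  => 'tcp',
  dport  => '22',
  action => 'accept',
}

# Nagios checks, limited to one monitoring host via `source` (assumed address).
firewall { '020 accept nagios nrpe':
  proto  => 'tcp',
  dport  => '5666',
  source => '192.0.2.10/32',
  action => 'accept',
}

# Equivalent of fw::port { "tcp/3399": ; } with no `source`, so any IP matches.
firewall { '100 accept tcp/3399':
  proto  => 'tcp',
  dport  => '3399',
  action => 'accept',
}

# Everything not accepted above is dropped.
firewall { '999 drop all other input':
  proto  => 'all',
  action => 'drop',
}
```

Rules are applied in the order of their numeric title prefix, so the drop rule must keep the highest number.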