Confirmed users
120
edits
ReleaseEngineering/PuppetAgain/Modules/fw: Difference between revisions
ReleaseEngineering/PuppetAgain/Modules/fw (view source)
Revision as of 19:45, 8 August 2017
, 8 August 2017→Firewall Wrapper Module
mNo edit summary |
|||
| Line 1: | Line 1: | ||
= Firewall Wrapper Module = | = Firewall Wrapper Module = | ||
This is a wrapper around the `firewall` and 'pf' module. It provides transparency for writing firewall rules that may be interchangeable between both OSX and Linux<br /> | This is a wrapper around the `firewall` and 'pf' module. It provides transparency for writing firewall rules that may be interchangeable between both OSX and Linux<br /> | ||
The fw module uses a 'Roles & Profiles' framework for managing and applying firewall rules in a simple and easy way. A role is made up of individual rules grouped together on a source/application basis. | The fw module uses a 'Roles & Profiles' framework for managing and applying firewall rules in a simple and easy way. A role is made up of individual rules grouped together on a source/application basis. A Profile is a collection of roles which is applied to a host or group of hosts.<br /><br /> | ||
=== Defining ports and protocols for applications === | === Defining ports and protocols for applications === | ||
| Line 9: | Line 9: | ||
'https' => { proto => 'tcp', port => '443' }, | 'https' => { proto => 'tcp', port => '443' }, | ||
'puppet' => { proto => 'tcp', port => '8140' }, | 'puppet' => { proto => 'tcp', port => '8140' }, | ||
Valid protocols are: | |||
* tcp | |||
* udp | |||
=== Defining hosts and networks === | === Defining hosts and networks === | ||