ReleaseEngineering/PuppetAgain/Modules/fw

From MozillaWiki
< ReleaseEngineering‎ | PuppetAgain‎ | Modules
Revision as of 21:59, 1 July 2013 by Djmitche (talk | contribs) (Created page with "This is a light wrapper around the `firewall` module (which is https://github.com/puppetlabs/puppetlabs-firewall). In particular, when a firewall is activated, this module in...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

This is a light wrapper around the `firewall` module (which is https://github.com/puppetlabs/puppetlabs-firewall).

In particular, when a firewall is activated, this module includes some basic flows:

* SSH
* established connections
* ICMP
* Nagios

and denies all others not specifically added.

To simply activate the firewall, but not allow any additional flows:

 include fw

To activate the firewall and allow a specific flow:

 fw::port {
     "tcp/3399": ;
 }

This will allow connections to tcp/3399 from any IP.