Giters

janorn / puppet-ipfilter

Puppet module to manage ipfilter

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Puppet module: ipfilter

This is a puppet module to manage ipfilter in solaris primarily.

License

Released under the terms of Apache 2 License.

Support

Please log tickets and issues at our [Projects site](github.com/janorn/puppet-ipfilter/issues)

Usage

This config:

class { 'ipfilter': 
  block_policy => 'reject',
}
	
ipfilter::rule { 'http': 
  port       => '80',
  protocol   => 'tcp',
}

Will generate this ipf.conf file:

## File Managed by Puppet
# Default block rule with reject. 
block return-icmp-as-dest(3) in log all
block out log all

# Accept all ICMP pkgs
pass in quick proto icmp from any to <thishost>
pass out quick proto icmp from <thishost> to any

# Allow ssh on port 22
pass in quick proto tcp from any to <thishost> port = 22 keep state

# Rule http
pass in quick proto tcp from any to <thishost> port = 80 keep state

# Allow connections originating from local machine out
pass out quick proto tcp all flags S/SA keep state
pass out quick proto udp all keep state

About

Puppet module to manage ipfilter

License:Other

Languages

Language:Puppet 78.2%Language:Shell 11.5%Language:HTML 6.1%Language:Ruby 4.3%