Issue #3100 has been updated by Mohamed Lrhazi.
What if someone defined a very strict minimum of supported features... such as just allow, deny, protocol, source, destination? plus maybe some static header and footer sections? am thinking in terms of how to allow puppet to automatically generate the policy file iptables, or ipf,conf and similar, given a set of allow/deny statements.... am guessing most hosts would not need any complex firewall features, such as routing, masquerading, oqs and so on.... Also, refreshing the firewall itself too often does not sound like too bad of a thing, right? let's call this "local firewall management", as opposed to configuring a real routing firewall. Thanks. ---------------------------------------- Feature #3100: Generic firewall type http://projects.puppetlabs.com/issues/3100 Author: Cristi Magherusan-Stanciu Status: Accepted Priority: Low Assigned to: Category: newfeature Target version: unplanned Affected version: 0.25.4rc1 Keywords: firewall mission_impossible Branch: It would be nice to have a firewall type with a set of rules working on all the supported systems. It should be able to detect if iptables, PF, IPFW, IPF and so on are running on the machine and be able to configure it. The supported operations should be simple at first, with no fancy stuff included, but should allow extensions for the future. The syntax would be something like this: firewall {my_fw_resource: enabled => true, policy => reject, open_ports => [80,443] } Any other suggestions or improvements are welcome. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
