Hi, I am actually trying to work with the puppetlabs firewall. I am also working with vagrant, so port 22 has to be opened all the time. But I want to reject any further connection possibilities.
Working with puppetlabs-firewall 1.1.3 and puppet 2.7.23.

So the perfect way for me would be to work with inversion, like (https://github.com/puppetlabs/puppetlabs-firewall/blob/master/README.markdown#rule-inversion):

    firewall { '000 drop all except TCP 22':
      action  => 'drop',
      iniface => 'eth0',
      proto   => '! TCP',
      port    => ['! 22'],
    }

But this does not work. Always an error that these are no possible arguments.

If I work with

    firewall { '000 drop all':
      action  => 'drop',
      iniface => 'eth0',
      proto   => 'all'
    }

and

    firewall { '000 accept TCP 22':
      action  => 'accept',
      iniface => 'eth0',
      proto   => 'tcp',
      port    => [22],
    }

the connection is lost, and I could not connect via port 22 again.

Could somebody help me? I do not know how to handle this situation.

Greets,
Marco
