Hi,
the Debian Project currently runs about 100 machines[1] all over the
world with different services. Those are mainly managed by the Debian
System Administration team[2]. For central configuration management we
use Puppet[3]. The Puppet config we use is publicly available at [4].
Our next goal is to have a more or less central configuration of our
iptables rules on all those machines. Some of the machines have
home-brewed firewall scripts, some use ferm.
Your mission, if you choose to accept it, is to provide us with a new
dsa-puppet git branch with a module "ferm" that we can roll out to all
our hosts.
It might want to use information from the other puppet modules like
"apache2_security_mirror" or "buildd" to decide which incoming traffic
should be allowed.
DSA will of course provide you with all necessary further information.
Cheers,
Martin
[1] http://db.debian.org/machines.cgi
[2] http://wiki.debian.org/Teams/DSA
[3] http://reductivelabs.com/products/puppet/
[4] http://git.debian.org/?p=mirror/dsa-puppet.git
--
Martin Zobel-Helas | Debian System Administrator
Debian & GNU/Linux Developer | Debian Listmaster
Public key http://zobel.ftbfs.de/5d64f870.asc - KeyID: 5D64 F870
GPG Fingerprint: 5DB3 1301 375A A50F 07E7 302F 493E FB8E 5D64 F870
signature.asc
Description: Digital signature