firewalld-formula/firewalld/init.sls


# == State: firewalld
#
# This state installs/runs firewalld.
#


{% if salt['pillar.get']('firewalld:enabled') %}
include:
  - firewalld._config
  - firewalld._service
  - firewalld._zone

# iptables service that comes with rhel/centos
iptables:
  service:
    - disabled
    - enable: False
    
ip6tables:
  service:
    - disabled
    - enable: False

firewalld:
  pkg:
    - installed
  service:
    - running              # ensure it's running
    - enable: True         # start on boot
    - require:
      - pkg: firewalld
      - file: /etc/firewalld/firewalld.conf # require this file
      - service: iptables         # ensure it's stopped
      - service: ip6tables        # ensure it's stopped
{% else %}
firewalld:
  service:
    - dead                 # ensure it's not running
    - enable: False        # don't start on boot
{% endif %}
Initial commit. 2014-08-23 16:44:48 +02:00
			`# == State: firewalld`
			`#`
			`# This state installs/runs firewalld.`
			`#`


			`{% if salt['pillar.get']('firewalld:enabled') %}`
			`include:`
			`- firewalld._config`
			`- firewalld._service`
			`- firewalld._zone`

			`# iptables service that comes with rhel/centos`
			`iptables:`
			`service:`
			`- disabled`
			`- enable: False`

			`ip6tables:`
			`service:`
			`- disabled`
			`- enable: False`

			`firewalld:`
			`pkg:`
			`- installed`
			`service:`
			`- running # ensure it's running`
			`- enable: True # start on boot`
			`- require:`
			`- pkg: firewalld`
			`- file: /etc/firewalld/firewalld.conf # require this file`
			`- service: iptables # ensure it's stopped`
			`- service: ip6tables # ensure it's stopped`
			`{% else %}`
			`firewalld:`
			`service:`
			`- dead # ensure it's not running`
			`- enable: False # don't start on boot`
			`{% endif %}`