Niels Abspoel
c7f4b3a611
Revert "Fix ipset:type colon handling error"
2018-05-13 22:14:49 +02:00
Javier Bértoli
2fc03fbd70
Fix ipset:type colon handling error
2018-05-10 07:53:54 -03:00
Angelo Verona
b1d6b52307
Default file permission for firewalld.conf is 644 not 640 (CentOS). Even if I think that "others" don't need to read that, it always shows up as file with non-default permissions from default rpm package in security scans. e.g. "rpm -Va |grep ^.M" or more salty way: "salt '*' pkg.verify" / salt '*' pkg.modified firewalld mode=True; manual fix e.g. rpm --setperms firewalld-*.el7.noarch
2017-12-28 02:45:05 +01:00
Paul Williams
2fd70c9f41
Add support for using ipsets as sources in a zone
...
I wanted to be able to add an ipset as a source in the zone without using a rich rule. I believe this change accomplishes that. Tested and working on CentOS 7 (salt master and minion).
2017-11-24 18:31:17 -05:00
Javier Bértoli
141d8a4781
Add warning header to salt-generated files
2017-05-25 18:51:04 -03:00
Niels Abspoel
5904c75875
add suse_support
2017-05-25 22:41:40 +02:00
Adam Mendlik
103afc0a18
Reload, rather than restart, the FirewallD service
2017-03-11 12:51:12 -07:00
Matthew Hoover
cc617a97ef
Added comment option for zone sources.
2016-09-29 22:50:55 -04:00
hoonetorg
25cdfe3bbe
firewalld 0.4 settings
2016-09-19 16:02:35 +02:00
hoonetorg
9dc0a77167
implement direct rules
2016-09-13 23:25:51 +02:00
hoonetorg
b91d65d135
fix data type in zone and service template, which broke formula for 2016.3
2016-09-13 21:40:00 +02:00
Niels Abspoel
c5a01c837e
add ipset support for firewalld
2016-09-03 21:43:40 +02:00
Clément Mercier
588bf5efcf
change the restart, it was not effective before
2016-03-16 18:24:56 +01:00
Niels Abspoel
5fc2f58b0c
improvements to formula with defaults.yaml
2016-01-19 22:15:08 +01:00
David Bezuidenhout
d55b767b91
[remove] clean-up some code, mostly code commented out
2016-01-19 17:31:29 +02:00
Niels Abspoel
e77a52cf27
fix newline to make service.xml files more readable
2015-05-25 15:30:52 +02:00
David Bezuidenhout
8afeae049f
[fix] mising bracket at endfor loop at <destination ipv6
2015-03-11 16:38:54 +02:00
David Bezuidenhout
941b2768b1
[fix] service definition in rich rules - thx jdreese on Github
2015-03-11 16:17:29 +02:00
David Bezuidenhout
847417f03e
[update] jinja brackets so that resulting output on xml files are better
...
human readable
2015-03-11 16:04:00 +02:00
David Bezuidenhout
b584c44edc
[fix] source attribute key - github issue 1
2015-03-11 15:36:06 +02:00
Will Saxon
524105e2df
fix header issue
2015-01-11 03:29:46 -05:00
David Bezuidenhout
baa2afab61
Initial commit.
2014-08-23 16:44:48 +02:00