saltstack-formulas/firewalld-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
142 Commits 1 Branch 14 Tags 429 KiB
472a16c283
Commit Graph

26 Commits

Author SHA1 Message Date
Imran Iqbal
0ff53ffb27
feat(firewalld.conf): support configuration of AllowZoneDrifting 
Close #44.

Configuration description taken from:

* https://firewalld.org/documentation/man-pages/firewalld.conf.html
 2020-10-24 07:09:06 +01:00
Imran Iqbal
204efe5fc7
style(zone.xml): remove all trailing whitespaces 2020-04-01 19:00:37 +01:00
Imran Iqbal
d8f0f47a54
fix(zone.xml): adjust whitespacing to pass tests & macro at top of file 2020-04-01 19:00:37 +01:00
Steven Daniele
cd4cec0089 feat: allow rich_rules to be specified as a dict 
When specifying rich rules as a dictionary ipsets and services can be
specified as lists. They will be expanded out by the jinja template into
individual rich rules for the parent zone.
 2020-03-30 09:01:27 -04:00
Michal Hrusecky
8d0172f5c7
feat(zone.xml): allow more services definition inside zone 
Now multiple sections ending with `services` can be defined for each in pillar
and all of them will get merged into one service block in the zone. The goal is
to keep backward compatibility while allowing different services to be defined
in different pillars. So basically have various parts of the pillar affecting
the firewall without need to define everything centrally. Helpful for the
exceptions to the rules.
 2020-02-11 15:29:11 +01:00
Steven Daniele
12b696a8fe Remove name attribute in icmp-block-inversion 
Firewalld does not parse the name attribute.

Log message:
firewalld[1999]: ERROR: Failed to load zone file 'public.xml':
PARSE_ERROR: icmp-block-inversion: Unexpected attribute name
 2019-11-08 10:37:31 -05:00
Steven Daniele
64825e20ab Fix typo in icmp block inversion key name 2019-11-08 09:39:57 -05:00
Niels Abspoel
ae1f2453d3 add updated firewalld.conf from 0.7.1 2019-09-15 21:01:15 +01:00
Niels Abspoel
a438f30f50 fix spacing in closing tags 2019-04-06 23:26:48 +02:00
Niels Abspoel
18fc482853 update service and zones with more options 
update kitchen travis
fix ipsets.sls
 2019-04-06 21:40:50 +02:00
Valentin Bud
d1d7a9186c Add support for inet6 ipsets. 2018-12-10 13:44:53 +02:00
Niels Abspoel
7c0b6aeb55 fix whitespacing 2018-08-14 19:52:08 +02:00
Niels Abspoel
36da1094b7 update firewalld formula for firewalld > 0.6 2018-08-12 20:26:21 +02:00
Paul Williams
2fd70c9f41
Add support for using ipsets as sources in a zone 
I wanted to be able to add an ipset as a source in the zone without using a rich rule.  I believe this change accomplishes that.  Tested and working on CentOS 7 (salt master and minion).
 2017-11-24 18:31:17 -05:00
Javier Bértoli
141d8a4781 Add warning header to salt-generated files 2017-05-25 18:51:04 -03:00
Matthew Hoover
cc617a97ef Added comment option for zone sources. 2016-09-29 22:50:55 -04:00
hoonetorg
25cdfe3bbe firewalld 0.4 settings 2016-09-19 16:02:35 +02:00
hoonetorg
9dc0a77167 implement direct rules 2016-09-13 23:25:51 +02:00
Niels Abspoel
c5a01c837e add ipset support for firewalld 2016-09-03 21:43:40 +02:00
Niels Abspoel
e77a52cf27 fix newline to make service.xml files more readable 2015-05-25 15:30:52 +02:00
David Bezuidenhout
8afeae049f [fix] mising bracket at endfor loop at <destination ipv6 2015-03-11 16:38:54 +02:00
David Bezuidenhout
941b2768b1 [fix] service definition in rich rules - thx jdreese on Github 2015-03-11 16:17:29 +02:00
David Bezuidenhout
847417f03e [update] jinja brackets so that resulting output on xml files are better 
human readable
 2015-03-11 16:04:00 +02:00
David Bezuidenhout
b584c44edc [fix] source attribute key - github issue 1 2015-03-11 15:36:06 +02:00
Will Saxon
524105e2df fix header issue 2015-01-11 03:29:46 -05:00
David Bezuidenhout
baa2afab61 Initial commit. 2014-08-23 16:44:48 +02:00