iptables

Module to manage iptables

Summary
iptables - Module to manage iptables
Puppet Classes
iptables - Installs all the requirements to use this module
Puppet Defines
iptables::snippet - Installs a snippet into /etc/iptables.d/snippets at a given index.
Puppet Classes
iptables::nephilim - iptables snippet for nephilim.ml.org

Puppet Classes

iptables

Installs all the requirements to use this module

Overview

This module maintains a set of iptables rule snippets in /etc/iptables.d. Whenever a snippet is installed, removed or changed, a run of rebuildiptables.sh is scheduled to create the final /etc/sysconfig/iptables file.

User snippets should be installed at indexes 10 to 90.

See Also

iptables::snippet

Actions

  • Installs the iptables package
  • creates /etc/iptables.d and /etc/iptables.d/snippets
  • installs /usr/local/sbin/rebuildiptables.sh which is used to build the final iptables file
  • installs the std-prefix snippet at index 00
  • installs the std-suffix snippet at index 99
  • installs junkfilter, backup_access, monitor_access and admin_access at index 01
  • installs globalrules at index 02
  • ensures that the iptables service is enabled
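
The index-ordered assembly described in the overview, as an added sketch (this is not the module's rebuildiptables.sh). It assumes each snippet is a file named `<two-digit index>-<name>`; the function names and the rule text are made up for the illustration.

```shell
#!/bin/sh
# Added illustration, not the module's rebuildiptables.sh.
# Assumption: each snippet is a file named <two-digit index>-<name>.

# Succeed only when the index is inside the 10..90 range for user snippets,
# so a user rule cannot sort ahead of the 00-02 snippets or after 99.
is_user_index() {
    case "$1" in
        [1-8][0-9]|90) return 0 ;;
        *) return 1 ;;
    esac
}

# Concatenate the snippets in index order and replace OUT in one step,
# so a failed build never leaves a half-written rules file behind.
assemble() {
    dir=$1; out=$2
    tmp=$(mktemp "$out.XXXXXX") || return 1
    # The shell sorts glob matches, so 00-* is emitted first and 99-* last.
    for f in "$dir"/[0-9][0-9]-*; do
        [ -f "$f" ] || continue
        cat "$f" >> "$tmp" || { rm -f "$tmp"; return 1; }
    done
    mv "$tmp" "$out"
}

# Constructed sample: the snippet names come from the page, the rule text
# is invented for the demonstration.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/snippets"
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' > "$d/snippets/00-std-prefix"
    printf '%s\n' '-A INPUT -p tcp --dport 8080 -j ACCEPT' > "$d/snippets/20-myapp"
    printf '%s\n' 'COMMIT' > "$d/snippets/99-std-suffix"
    assemble "$d/snippets" "$d/iptables" && cat "$d/iptables"
    rm -rf "$d"
}

demo
```

Because iptables evaluates rules in order, the position a snippet's index gives it in the assembled file decides which rule matches first.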

Puppet Defines

iptables::snippet

define iptables::snippet ($order =  "10",
$ensure =  "present")

Installs a snippet into /etc/iptables.d/snippets at a given index.

Once a new snippet has been installed, a rebuild is scheduled along with a service restart.

Parameters

order - the index to install it at; user snippets should go between 10 and 90
ensure - as for any Puppet type; set to absent to remove a snippet

Puppet Classes

iptables::nephilim

iptables snippet for nephilim.ml.org
