search for: firewallchain

...First, some software versions, just to get them out of the way: - CentOS 5.x through Centos 6.2 - Ruby 1.8.5 - 1.8.7 - Puppet 2.7.19 - Facter 1.6.11 Just a note - we''re working from the EPEL repos almost exclusively. I am working with the firewall module, and so far I am unable to use firewallchain. Some digging suggests that it''s not completely user error (though I know I should never rule that out...). Here''s my code: firewallchain { "SSH:FILTER:IPv4" : ensure => present, } That block of code results in this error: puppe...

Trying the firewall module and we''re getting a strange error. /var/lib/puppet/lib/puppet/provider/firewallchain/iptables_chain.rb:34: warning: already initialized constant Mapping /var/lib/puppet/lib/puppet/provider/firewallchain/iptables_chain.rb:37: warning: already initialized constant InternalChains /var/lib/puppet/lib/puppet/provider/firewallchain/iptables_chain.rb:38: warning: already initialized...

...T'', iniface => ''eth0'', source => ''10.x8.xx1.0/24'', proto => ''tcp'', state => ''NEW'', port => ''22'', action => ''accept'' } *This works for inbound SSH connections:* firewallchain { ''ssh_in:filter:IPv4'': ensure => present, } firewall { ''008 fwd to ssh_in'': chain => ''INPUT'', iniface => ''eth0'', source => ''10.x8.xx1.0/24'', proto => ''tcp'', state => &...

...Firewall { notify => Exec[''persist-firewall''], before => Class[''firewall::post''], require => Class[''firewall::pre''], } Firewallchain { notify => Exec[''persist-firewall''], } resources {''firewall'': purge => true} } One issue I have run into, is that any node using a class that includes Firewall resources *must* also have the...

Hello, I can''t figure out how I can use the module puppetlabs-firewall only for some targeted nodes. If I put : resources { "firewall": purge => true } in top scope (i.e. site.pp), then all the firewall rules on all my nodes are purged. Even for nodes for which I don''t apply any module containing specific firewall { ... } resources. If I put it in a module

Hi there! Is there a timeline on when the puppetlabs-firewall forge module will be updated (not necessarily to 1.0) ? the github version has the firewallchain type (as well as other nifty) that the forge version seems to be lacking, but it''s not clear from my perusing that the two are different. They both appear to be the same version superficially*…. The github version points to the forge version for documentation, so I sillily grabbed the for...

Hi all, I''m attempting to use the puppetlabs-firewall module. In testing, rules are enabled in a random order, so it seems necessary to utilize puppet stages to guarantee proper ordering. I created a module to organize my firewalling. It consists of localfw::pre to open the INPUT chain for established and related connections, localfw::default for most normal rules, and localfw::post to