search for: iniface

...#39;, proto => ''all'', state => [''RELATED'', ''ESTABLISHED''], action => ''accept'' } *This works for new inbound SSH connections:* firewall { ''007 fwd to ssh_in'': chain => ''INPUT'', iniface => ''eth0'', source => ''10.x8.xx1.0/24'', proto => ''tcp'', state => ''NEW'', port => ''22'', action => ''accept'' } *This works for inbound SSH connections:* firewallchain { ...

...0000000 +0200 @@ -151,11 +151,11 @@ ip_packet_match(const struct iphdr *ip, } /* Look for ifname matches; this should unroll nicely. */ - for (i = 0, ret = 0; i < IFNAMSIZ/sizeof(unsigned long); i++) { - ret |= (((const unsigned long *)indev)[i] - ^ ((const unsigned long *)ipinfo->iniface)[i]) - & ((const unsigned long *)ipinfo->iniface_mask)[i]; - } + for (i = 0, ret = 0; i < IFNAMSIZ; i++) { + ret |= (indev[i] + ^ ipinfo->iniface[i]) + & ipinfo->iniface_mask[i]; + } if (FWINV(ret != 0, IPT_INV_VIA_IN)) { dprintf("VIA in mismatch (%s vs %s)....

...e { Firewall { require => undef, } firewall { ''000 accept all icmp'': proto => ''icmp'', action => ''accept'', }-> firewall { ''001 accept all to lo interface'': proto => ''all'', iniface => ''lo'', action => ''accept'', }-> firewall { ''002 accept related established rules'': proto => ''all'', state => [''ESTABLISHED'' , ''RELATED''], action => '...

Hi all, I''m attempting to use the puppetlabs-firewall module. In testing, rules are enabled in a random order, so it seems necessary to utilize puppet stages to guarantee proper ordering. I created a module to organize my firewalling. It consists of localfw::pre to open the INPUT chain for established and related connections, localfw::default for most normal rules, and localfw::post to