Displaying 20 results from an estimated 5000 matches similar to: "Ordering rich rules with firewalld"
2016 Aug 26
1
Ordering rich rules with firewalld
On Aug 26, 2016, at 13:25, Dan White <d_e_white at icloud.com> wrote:
>
> How about
> http://www.firewalld.org/documentation -> firewall.direct(5)
> https://twoerner.fedorapeople.org/firewalld/doc/firewalld.direct.html
>
> priority="priority"
> The priority is used to order rules. Priority 0 means add rule on top of the chain, with a higher priority the
2016 Aug 15
2
Locked out of the CentOS Fora
The username/email combo I give the "forgot password" option does not work and I cannot re-register as it says my email is in use.
Suggestions ?
Dan White | d_e_white at icloud.com
------------------------------------------------
?Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.? (Bill Waterson: Calvin
2016 Aug 26
0
Ordering rich rules with firewalld
How about?
http://www.firewalld.org/documentation? ?-> firewall.direct(5)
https://twoerner.fedorapeople.org/firewalld/doc/firewalld.direct.html
priority="priority"
The priority is used to order rules. Priority 0 means add rule on top of the chain, with a higher priority the rule will be added further down. Rules with the same priority are on the same level and the order of these
2013 Mar 18
3
Hiera 1.2.0-rc2 and deep-merge
Stumbled around a bit until I figured out you need to do this:
gem install deep_merge
to get it to work !
“Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.”
Bill Waterson (Calvin & Hobbes)
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
2016 Jul 12
2
How to block routing/forwarding with firewalld
On CentOS 7 with firewalld I have a box with numerous interfaces acting
as a NAT gateway. This works but I noticed that it routes/forwards
traffic not just from my internal zone to external zone but also between
interfaces within the internal zone. How can I prevent that traffic?
I've tried adding direct and rich rules to deny the traffic but it
doesn't work. Direct:
firewall-cmd
2013 May 30
8
Run a File resource only if another file is missing
Hi,
I would like to run the File resource below:
file { ''autoconfig.php'':
path =>
''/var/www/owncloud/config/autoconfig.php'',
ensure => file,
owner => ''www-data'',
group => ''www-data'',
2019 Jan 31
4
C7, firewalld and rich rules
On 1/30/19 10:05 PM, Simon Matter via CentOS wrote:
> Did you look at Shorewall? IMHO that's what is best used in such
> situations and it works since many years now.
shorewall doesn't support nftables, which is largely the point of
firewalld:? The Linux firewall system is currently undergoing yet
another deprecation and migration from iptables to nftables. firewalld
should
2019 Jan 30
3
C7, firewalld and rich rules
Hi, again, folks,
I'm trying to convert a number of iptables rules to firewalld rich
rules. I need to do this, because this is, in fact, a firewall, to
protect access to servers with sensitive data. It will limit access to
the servers behind it to a specific network, and nobody else, and allow
only certain services through.
What I've been trying to find is a script/program that
2013 Apr 26
7
passwordless ssh
What is the best and easy''t way to let all nodes ssh passwordless to each
other ?
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
2011 Nov 17
4
puppetmanaged.org ?
Anyone from puppetmanaged.org listening to this list ?
The web page to create an account <http://www.puppetmanaged.org/user/register> is busted.
The CAPTCHA does not show up and you cannot register without it.
So I tried their mailing list -- <http://www.puppetmanaged.org/mailman/listinfo>
I was able to join, but then my attempt to post to the list bounced:
2012 Jan 23
4
Another Discovered/Undocumented feature of yumrepo - and a workaround
I was working with yumrepo, defining new entried and seeing them appear in /etc/yum.repos.d
After considerable tinkering, and with the sad discovery that resource { ''yumrepo'': purge => true } does not work,
I moved my working /etc/yum.repos.d to /etc/yum.repos.d-old and re-ran my catalog.
To my surprise, the repo entried were appended to /etc/yum.conf
Long story short:
I
2019 Jan 31
1
C7, firewalld and rich rules
On Thu, 31 Jan 2019 at 13:13, mark <m.roth at 5-cent.us> wrote:
> Gordon Messmer wrote:
> > On 1/30/19 10:05 PM, Simon Matter via CentOS wrote:
> >
> >> Did you look at Shorewall? IMHO that's what is best used in such
> >> situations and it works since many years now.
> >
> > shorewall doesn't support nftables, which is largely the point
2018 Nov 11
1
Drop/Terminate data to/from source using firewalld rich rules
I need to be able to temporarily cut off the source of network slowdowns.
What I used to do:
Router with 2 x NICs running slackware 14.
Execute iptraf-ng, choose IP Network Monitor and sort by Byte Count.
The sorted screen always seemed a bit confusing but I could usually
pluck a couple of IP addresses with racing byte counts and cut all
traffic to them using an iptables rule.
Then if I wanted to
2013 Feb 21
6
Using Facter to find the Java version running on the machine
Hello all,
I am currently trying to setup a Custom Fact that will can be used to
determine the version of the Java JRE running on a machine, in order to use
it in my manifests to ensure the proper JARS are distribured based on
environment. I''m trying to use the java -version command and then capture
the JRE release (eg "1.6.0_37"). No matter what I have tried, the output
2013 Jun 04
11
Share Hiera configuration between 2 nodes?
Hi,
I am trying to use Hiera in puppet 3 and I have two nodes that both need
the same configuration. In this case they are two web servers which have
the same apache configuration.
Rather than creating two seperate hiera files for node1.yaml and node2.yaml
is there a way to group these by role (e.g. webserver.yaml)? I want to
avoid duplicating the configuration if possible and keep the data
2012 Nov 14
4
firewallchain issues w/ 1.0.0 release
Hi,
First, some software versions, just to get them out of the way:
- CentOS 5.x through Centos 6.2
- Ruby 1.8.5 - 1.8.7
- Puppet 2.7.19
- Facter 1.6.11
Just a note - we''re working from the EPEL repos almost exclusively.
I am working with the firewall module, and so far I am unable to use
firewallchain. Some digging suggests that it''s not completely user error
(though I
2013 Nov 26
4
how to deal with xml files within Puppet ?
hi there,
I have to create a new server.xml which should be build from at least 3 or
4 another xml files. How could to copy and paste with puppet methods ?
On a command line under Unix I would do cat 1.xml > my_file.xml ; cat 2.xml
>> my_file.xml; cat 3.xml >> my_file.xml.
I have to say, I''m pretty new to puppet and simply have no clue how to
tackle this task ;=(
2013 Feb 05
2
Problems with PuppetLabs Yum Repo
Trying to update a RHEL5 x86_64 server
Yum sees puppet-server 3.1.0-1.el5, but does not see puppet 3.1.0-1.el5
I tried cleaning out the cache and trying again, but no luck.
I am going to download the RPM and localinstall it so I am not held up.
“Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.”
Bill
2012 May 21
1
Looking for a path into the innards of the Puppet Firewall Module @ The Forge
For a few reasons:
There is a missing bit of functionality that is important to me.
I know WHAT I want to fox, but I do not know HOW.
Also, if I am understanding how this module operates, I have ideas for other modules that use the same base methods.
So, I am looking for either the folks that wrote this module or someone who can help me understand it enough for me to make some enhancements to
2012 Feb 08
2
Running Puppet(Master) on port 443
On Feb 1, 2012, at 8:06 PM, Nan Liu wrote:
> Puppet uses REST, so you can run puppet master on 443 to work around firewalls.
I would like to get a bit more information on this.
Is it as simple as setting all the ports in puppet.conf to 443 on master and agent ?
“Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact