puppet-firewall
# puppet firewall

Basic firewall module to use with iptables

To create a new firewall rule, use the firewall::rule definition:

```
include firewall

firewall::rule { "allow_from_webserver":
  order     => 20,
  comment   => "Allow ping and snmp from webserver",
  sources   => [ "192.168.1.100" ],
  interface => [ "eth0", "eth1" ],
  protocols => [ "tcp", "udp", "icmp" ],
  ports     => [ "161" ],
  action    => "ACCEPT",
}
```

This rule allows SNMP (TCP and UDP) and ping from 192.168.1.100.

Allowed parameters:
- **order** - The order of preference for this rule, from 00 to 99. Defaults to 50.
- **comment** - Description of what the rule does. Not mandatory but strongly recommended.
- **sources** - Source specification for the rule. It can be a network name, a hostname, a network IP address (with /mask), or a plain IP address. Use 0.0.0.0/0 for "ALL". It can contain one or multiple elements in an array.
- **interfaces** - Interface or interfaces to which the rule applies. It can contain one or multiple elements in an array.
- **protocols** - Protocol or protocols to which the rule applies. It can be "tcp", "udp" or "icmp". It can contain one or multiple elements in an array.
- **ports** - Ports to which the rule applies. It can contain one or multiple elements in an array.
- **action** - What to do. If omitted, ACCEPT is used as the default. It can also be DROP or REJECT.
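
To review what a rule like the one above opens up, the following added example (Python, not part of this module) checks the documented parameter values and models how the arrays fan out into individual iptables rules. The dict keys, the `INPUT` chain, the one-rule-per-combination expansion and the treatment of `icmp` are assumptions; the module's own templates are not shown on this page.

```python
import ipaddress
from itertools import product

# Constructed sample: the README's rule as a plain dict (not Puppet syntax).
README_RULE = {
    "order": 20, "action": "ACCEPT",
    "comment": "Allow ping and snmp from webserver",
    "sources": ["192.168.1.100"],
    "interfaces": ["eth0", "eth1"],
    "protocols": ["tcp", "udp", "icmp"],
    "ports": ["161"],
}

def validate(rule):
    """Return a list of findings; an empty list means nothing to review."""
    findings = []
    if not 0 <= int(rule.get("order", 50)) <= 99:
        findings.append("order must be between 00 and 99")
    if rule.get("action", "ACCEPT") not in {"ACCEPT", "DROP", "REJECT"}:
        findings.append("action must be ACCEPT, DROP or REJECT")
    for proto in rule["protocols"]:
        if proto not in {"tcp", "udp", "icmp"}:
            findings.append(f"unknown protocol {proto!r}")
    for port in rule["ports"]:
        if not (port.isdigit() and 1 <= int(port) <= 65535):
            findings.append(f"invalid port {port!r}")
    for src in rule["sources"]:
        try:
            ipaddress.ip_network(src, strict=False)
        except ValueError:
            # iptables resolves a hostname once, when the rule is loaded.
            findings.append(f"source {src!r} is a name, not an IP or CIDR")
    return findings

def expand(rule):
    """Assumed expansion: one INPUT rule per source/interface/protocol/port."""
    action = rule.get("action", "ACCEPT")
    lines = []
    for src, iface, proto in product(
            rule["sources"], rule["interfaces"], rule["protocols"]):
        # ICMP has no ports, so the port list applies to tcp and udp only.
        # Plain "-p icmp" matches every ICMP type, not just echo-request.
        for port in (rule["ports"] if proto != "icmp" else [None]):
            dport = f" --dport {port}" if port else ""
            lines.append(
                f"iptables -A INPUT -s {src} -i {iface} -p {proto}{dport} "
                f'-m comment --comment "{rule["comment"]}" -j {action}')
    return lines
```

Under these assumptions, `expand(README_RULE)` yields six rules (two interfaces times three protocols), which makes it easy to see how quickly a rule with several sources and ports widens the exposed surface.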

