资源说明:Firewall module to use with iptables
# puppet firewall Basic firewall module to use with iptables To create a new firewall rule, use the firewall::rule definition: ``` include firewall firewall::rule { "allow_from_webserver": order => 20, comment => "Allow ping and snmp from webserver", sources => [ "192.168.1.100" ], interface => [ "eth0", "eth1" ], protocols => [ "tcp", "udp", "icmp" ], ports => [ "161" ], action => "ACCEPT", } ``` this rule will allow snmp(tcp and udp) and ping from 192.168.1.100 Allowed parameters: - **order** - The order of preference for this rule from 00 to 99. By default 50 - **comment** - Description of what the rule does. Not mandatory but strongly recommended - **sources** - Sources specification for the rule. It can be either a network name, a hostname a network IP address (with /mask), or a plain IP address. Use 0.0.0.0/0 for "ALL". It can contain one or multiple elements into an array. - **interfaces** - Interface or interface where the rule will be applied to. It can contain one or multiple elements into an array. - **protocols** - Protocol or protocols where to apply the rule. It can be "tcp", "udp" or "icmp". It can contain one or multiple elements into an array. - **ports** - Ports where to apply the rule. It can contain one or multiple elements into an array. - **action** - What to do. If ommited will use ACCEPT as a default. It can also contain DROP or REJECT.
本源码包内暂不包含可直接显示的源代码文件,请下载源码包。