puppet-ferm - Puppet module for ferm

Age	Commit message (Collapse)	Author
2019-12-22	modulesync 2.10.0	Tim Meusel

2019-12-09	Merge pull request #91 from voxpupuli/modulesync	Tim Meusel
	modulesync 2.9.0
2019-12-06	modulesync 2.9.0	Dennis Hoppe

2019-10-29	[blacksmith] Bump version to 2.7.1-rc0	Fabien COMBERNOUS

2019-10-29	Merge pull request #89 from Dan33l/release_2.7.0	Fabien COMBERNOUS
	release 2.7.0
2019-10-29	release 2.7.0	Fabien COMBERNOUS

2019-10-29	Merge pull request #88 from Dan33l/revert-pr81	Fabien COMBERNOUS
	revert PR81
2019-10-29	revert PR81	Fabien COMBERNOUS

2019-10-08	[blacksmith] Bump version to 2.6.1-rc0	Tim Meusel

2019-10-08	Merge pull request #86 from bastelfreak/rel260	Tim Meusel
	release 2.6.0
2019-10-08	release 2.6.0	Tim Meusel

2019-10-08	Merge pull request #85 from bastelfreak/bugfix	Tim Meusel
	ipset: allow multiple instances of defined resource
2019-10-08	ipset: allow multiple instances of defined resource	Tim Meusel

2019-10-01	Merge pull request #80 from bastelfreak/ipsets	Tim Meusel
	implement ipset support
2019-10-01	implement ipset support	Tim Meusel

2019-10-01	Merge pull request #84 from bastelfreak/docs4	Tim Meusel
	update docker firewalling example
2019-10-01	Merge pull request #81 from bastelfreak/hotifx	Tim Meusel
	disable conntrack filtering in FORWARD/OUTPUT
2019-10-01	update docker firewalling example	Tim Meusel

2019-10-01	disable conntrack filtering in FORWARD/OUTPUT	Thore Bödecker
	conntrack filtering basically doesn't work in those chains, so we need to disable it.
2019-10-01	Merge pull request #83 from bastelfreak/docs3	Tim Meusel
	delete legacy docs/ folder
2019-10-01	delete legacy docs/ folder	Tim Meusel
	We now have a REFERENCE.md in the repository. We don't need the docs/ folder anymore.
2019-09-21	Merge pull request #75 from Dan33l/move_common_init	Tim Meusel
	move common from hiera data values to init.pp
2019-09-18	move common from hiera data values to init.pp	Fabien COMBERNOUS

2019-09-13	[blacksmith] Bump version to 2.5.1-rc0	Tim Meusel

2019-09-13	Merge pull request #70 from Dan33l/release-2.5.0	Tim Meusel
	release 2.5.0
2019-09-13	release 2.5.0	Fabien COMBERNOUS

2019-09-13	Merge pull request #73 from foxxx0/add-more-examples	Fabien COMBERNOUS
	Add more examples
2019-09-13	Merge pull request #72 from foxxx0/fix-kernel-incompatibilities	Tim Meusel
	fix kernel incompatibilities
2019-09-13	add conntrack/NOTRACK example	Thore Bödecker

2019-09-13	fix kernel incompatibilities	Thore Bödecker
	Certain kernel modules and thus iptables functionality was introduced at later releases, so we need to properly reflect that in our default chain initialization procedure. `INPUT` chain for `nat` table was introduced with 2.6.36 `ip6table_nat` kernel module for NAT functionality with IPv6 was introduced with 3.17 This commit implements the required conditional constraints and includes the rspec tests to validate it.
2019-09-13	Merge pull request #71 from bastelfreak/docs2	Tim Meusel
	enhance puppet-strings documentation
2019-09-13	enhance puppet-strings documentation	Tim Meusel

2019-09-12	Merge pull request #69 from bastelfreak/debian	Fabien COMBERNOUS
	readd Debian 9/10 support
2019-09-12	readd Debian 9/10 support	Tim Meusel

2019-09-12	Merge pull request #68 from foxxx0/collect-chains-from-hiera	Tim Meusel
	expose parameter to initialize custom chains
2019-09-12	Merge pull request #67 from foxxx0/allow-proto-array	Tim Meusel
	allow using an array for $proto
2019-09-11	expose parameter to initialize custom chains	Thore Bödecker
	Previously it was not possible to define custom chains with parameter, e.g. in order to collect them from hiera. This commit adds this functionality, just like it was already in place for ferm::rules.
2019-09-11	allow using an array for $proto	Thore Bödecker
	This enables defining ferm::rule with multiple protocols at once, because using 'all' for $proto does not allow using $dport/$sport.
2019-09-11	Merge pull request #58 from voxpupuli/multi-table-support	Tim Meusel
	add ability to configure rules in tables other than the default "filter" table
2019-09-11	add ability to define rules in tables != filter	Thore Bödecker
	Previously it was neither possible to properly define custom chains nor to define rules in tables other than the default filter table. For various legitimate reasons it can be required to define rules in the raw, nat or mangle tables, e.g. to use NOTRACK or to configure DNAT/SNAT/MASQUERADE. Additionally it might come in handy to define custom chains to group certain rules and allow a more efficient evaluation for incoming packets by not cramming all rules into the filter/INPUT chain so that (worst-case) all packets need to traverse and evaluate all rules. I have tried to maintain backwards compatibility and to not change default filenames/paths so that it won't result in leftover obsolete unmaged files from previous versions of this module. In order to improve the naming schema the rule $policy has been renamed to $action, however both parameters are available and optional now, with some sanity checks that require at most one of them and issueing a warning() for users of the now deprecated $policy parameter. All previous tests have been adapted to the changes, a long with an additional set of tests for the new feature. Fixes #61
2019-09-09	Merge pull request #59 from Dan33l/enable_acceptance	Fabien COMBERNOUS
	enable acceptance and drop EOL ubuntu1404
2019-09-09	enable acceptance	Fabien COMBERNOUS

2019-09-09	drop EOL ubuntu1404	Fabien COMBERNOUS

2019-09-09	Merge pull request #65 from Dan33l/status_option	Tim Meusel
	add missing status option for CentOS 6 init script
2019-09-09	add status option	Fabien COMBERNOUS

2019-09-09	Merge pull request #62 from Dan33l/drop_debian_from_supported_oses	Tim Meusel
	drop Debian from supported OSes
2019-09-09	drop Debian from supported OSes	Fabien COMBERNOUS

2019-09-02	[blacksmith] Bump version to 2.4.1-rc0	Tim Meusel

2019-09-02	Merge pull request #56 from bastelfreak/rel240	Tim Meusel
	release 2.4.0
2019-09-02	release 2.4.0	Tim Meusel