From f278febe03630e5e316334196df8b5583a24c32d Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 3 Jul 2019 15:28:22 +0200 Subject: delete unneeded file --- files/ferm.conf | 38 -------------------------------------- 1 file changed, 38 deletions(-) delete mode 100644 files/ferm.conf diff --git a/files/ferm.conf b/files/ferm.conf deleted file mode 100644 index 27eea58..0000000 --- a/files/ferm.conf +++ /dev/null @@ -1,38 +0,0 @@ -# -*- shell-script -*- -# -# Ferm example script -# -# Firewall configuration for a workstation which accepts remote ssh login. -# -# Author: Max Kellermann -# - -table filter { - chain INPUT { - policy DROP; - - # connection tracking - mod state state INVALID DROP; - mod state state (ESTABLISHED RELATED) ACCEPT; - - # allow local connections - interface lo ACCEPT; - - # respond to ping - proto icmp icmp-type echo-request ACCEPT; - - # allow SSH connections - proto tcp dport ssh ACCEPT; - - # ident connections are also allowed - proto tcp dport auth ACCEPT; - - # the rest is dropped by the above policy - } - - # outgoing connections are not limited - chain OUTPUT policy ACCEPT; - - # this is not a router - chain FORWARD policy DROP; -} -- cgit v1.2.3 From 821a95b24dace808e546e685371b25988afd2396 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Wed, 3 Jul 2019 15:28:37 +0200 Subject: add `managed by puppet` header --- templates/ferm_chain_header.conf.epp | 1 + 1 file changed, 1 insertion(+) diff --git a/templates/ferm_chain_header.conf.epp b/templates/ferm_chain_header.conf.epp index e2c30e6..f94b18d 100644 --- a/templates/ferm_chain_header.conf.epp +++ b/templates/ferm_chain_header.conf.epp @@ -1,6 +1,7 @@ <%- | Ferm::Policies $policy, Boolean $disable_conntrack, | -%> +# THIS FILE IS MANAGED BY PUPPET # Default policy for this chain policy <%= $policy %>; -- cgit v1.2.3