I have been meaning to have a look at that one and see if it will work for what I need. I have likely put it off because I am always too busy and my firewall module works. I also like having the rules go away automagically if they aren't needed any more.
On 17 August 2012 05:27, Justin Ellison <jus...@techadvise.com> wrote: > I can't say enough good about the puppetlabs-firewall module. They've put a > lot of work into it, and it works perfectly. > > https://github.com/puppetlabs/puppetlabs-firewall > > No need for concat here. > > Justin > > > On Thursday, August 16, 2012 1:01:01 AM UTC-5, Pete wrote: >> >> Hi, >> >> I manage my iptables setup with the concat module and nail together a >> rules file and then reload it if it's changed >> I also have a define setup so other classes can define rules and my >> firewall class pulls them all in. >> works well for me because when i remove a class the firewall rull >> associated with it goes away too. >> >> I am intending on putting my modules in githib but have been super >> busy and haven't had a chance yet. >> >> On 16 August 2012 07:07, Geoff Galitz <gga...@shutterstock.com> wrote: >> > >> > We are executing iptables <rule>, not editing the backend files, though >> > we >> > could do that if that were the only option. >> > >> > -G >> > >> > >> > On Wed, Aug 15, 2012 at 4:54 PM, Luke Baker <bak...@missouri.edu> wrote: >> >> >> >> By dynamically loading rules do you mean executing iptables <rule> or >> >> are >> >> you editing your iptables-save file and then reloading? >> >> >> >> >> >> On Wednesday, August 15, 2012 1:48:44 PM UTC-5, Geoff Galitz wrote: >> >>> >> >>> >> >>> I'm still a bit noobish with puppet... >> >>> >> >>> In short what I want to do is merge puppet managed iptables with >> >>> dynamically added rules added by some scripts. We have a basic config >> >>> setup >> >>> with a template (iptables.erb) and we can add rules to that in >> >>> manifests. >> >>> But of course puppet will wipe any changes made from the OS. Any >> >>> advice on >> >>> how to get puppet to respect the dynamically loaded rules? >> >>> >> >>> Thanks. >> >>> -G >> >>> >> >>> >> >>> -- >> >>> ----------------------------------------------- >> >>> Geoff Galitz, gga...@shutterstock.com >> >>> WebOps >> >>> Shutterstock Images >> >>> >> >> -- >> >> You received this message because you are subscribed to the Google >> >> Groups >> >> "Puppet Users" group. >> >> To view this discussion on the web visit >> >> https://groups.google.com/d/msg/puppet-users/-/VX2Sj8i2-ssJ. >> >> >> >> To post to this group, send email to puppet...@googlegroups.com. >> >> To unsubscribe from this group, send email to >> >> puppet-users...@googlegroups.com. >> >> For more options, visit this group at >> >> http://groups.google.com/group/puppet-users?hl=en. >> > >> > >> > >> > >> > -- >> > ----------------------------------------------- >> > Geoff Galitz, gga...@shutterstock.com >> > WebOps >> > Shutterstock Images >> > >> > -- >> > You received this message because you are subscribed to the Google >> > Groups >> > "Puppet Users" group. >> > To post to this group, send email to puppet...@googlegroups.com. >> > To unsubscribe from this group, send email to >> > puppet-users...@googlegroups.com. >> > For more options, visit this group at >> > http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/puppet-users/-/2RiSuyvxkAwJ. > > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
