summaryrefslogtreecommitdiff
path: root/puppet/modules/site_shorewall
AgeCommit message (Expand)Author
2016-08-08Stricter VPN egress firewall (#8289)Micah
2016-08-08Disallow intra-client connectivity (#8272).Micah
2016-08-05Disallow intra-client connectivity (#8272).Micah
2016-07-13Notify Exec[shorewall_check] not Service[shorew..]varac
2016-04-27Fix shorewall not starting with systemd (#8044)Micah
2016-04-18[style] more manual linting for custom manifestsvarac
2016-04-18[style] lint some custom manifestsvarac
2014-11-20specify the destination IP for DNAT rules for gateway addresses on port 443 (...Micah Anderson
2014-11-20minor lintingMicah Anderson
2014-07-01Make shorewall accept incoming traffic for obfsproxy serverirregulator
2014-06-25stunnel: make site_mx and site_webapp use new site_stunnelelijah
2014-06-25new generic system for stunnel: just `include site_stunnel` and stunnel + nee...elijah
2014-05-02fix incorrect shorewall parameter name 'protocol', should be 'proto'Micah Anderson
2014-04-29block DNS traffic at the OpenVPN gateway (#4164)Micah Anderson
2013-10-16vagrant: support other providers besides virtualbox (Bug #4158), Part 2varac
2013-09-04make sure that the shorewall package is installed before trying to change its...Micah Anderson
2013-08-31postfix enable submission port using starttls, so the client can transition t...Micah Anderson
2013-08-29Make TLS-required smtps (465) be port for sending SMTP. This is preferred ove...Micah Anderson
2013-08-22install a preliminary firewall that blocks everything, except ssh for the cas...Micah Anderson
2013-08-01make site_shorewall::soledad use the hiera value for the soledad portMicah Anderson
2013-07-26Merge branch 'feature/soledad' into feature/leap_mxMicah Anderson
2013-07-25initial soledad configurationMicah Anderson
2013-07-25shorewall rules for site_mxvarac
2013-06-12webapp should be available over http so a proper redirect can be done to httpsMicah Anderson
2013-05-16special casing for pistoncloud/openstack/ec2Micah Anderson
2013-05-02fixed dnat_ruleselijah
2013-04-30minor spacing changesMicah Anderson
2013-04-30setup a site_config::params class that can be used to set some common variabl...Micah Anderson
2013-04-04add Erlang Distributed Node Protocol Port json entry under bigcouchMicah Anderson
2013-04-04rename bigcouch.port to more accurate bigcouch.epmd_portMicah Anderson
2013-04-02shorewall: re-order dnat rule variables to match configuration file orderMicah Anderson
2013-04-02replace hard-coded port number with hiera determined one, manipulated to remo...Micah Anderson
2013-04-02firewall: remove no longer needed epmd portMicah Anderson
2013-04-02shorewall:Micah Anderson
2013-04-02remove unnecessary class inheritanceMicah Anderson
2013-04-02shorewall: add couch_server stunnel port to macro.leap_couchdb, this is neces...Micah Anderson
2013-04-02start erlang vm on dedicated port so firewalling is easiervarac
2013-04-02added site_shorewall::couchdb::bigcouchvarac
2013-04-02added site_shorewall::dnat to configure DNAT rulesvarac
2013-04-02shorewall couchdb config: get open ports rightvarac
2013-04-02working on stunnel for bigcouch clusteringvarac
2013-03-17added support for "limited" service levels (although vpn is not yet actually ...elijah
2013-02-27openvpn -- added support for optional "free" rate-limited service via special...elijah
2013-02-26missed another require => Package['shorewall'] on the file resources in site_...Micah Anderson
2013-02-12missed one require => Package['shorewall'] on of the file resources in site_s...Micah Anderson
2013-02-12file resources that make changes to shorewall need to make sure that shorewal...Micah Anderson
2013-02-12fixed shorewall is blocking api port (Bug #1735)varac
2013-02-11duplicate shortwall service definitions now inclduded from services/*varac
2013-02-09site_shorewall::monitor: allow port 80 + 443varac
2013-02-06allow outgoing traffic moved to site_shorewall::defaultsvarac
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-01 08:51:45 +0000