summaryrefslogtreecommitdiff
path: root/manifests
AgeCommit message (Collapse)Author
2017-01-12connect docu with classmh
2017-01-12Merge remote-tracking branch 'github/master'mh
2017-01-11Brought $name back into the game for backw. compatMarknl
2017-01-10Added $host optionMarknl
Current rule.pp converts the $name into the "HOST" parameter in the file, this can result in these definitions: ```shorewall::host { 'eth0:$VPN_HOSTS': zone => 'vpn', options => 'ipsec', order => 200; }``` I suggest moving the variable usage from the $name into a $host parameter, so above example becomes: ```shorewall::host { 'vpn-hosts': zone => 'vpn', host => 'eth0:$VPN_HOSTS', options => 'ipsec', order => 200; }```
2016-12-27Conntrack helperMarknl
2016-12-27Added conntrack to managed filesMarknl
2016-09-23add tor out rulemh
2016-06-29* fix rule sectionLebedev Vadim
2016-06-26older puppet versions can't yet dealt with thatmh
2016-06-26modernize so we don't need to deploy a full config file anymoremh
2016-06-25make this a booleanmh
2016-06-25this is only needed on EL6mh
2016-05-28the section requires a ? since EL6mh
2016-04-29Merge branch 'master' of https://github.com/duritong/puppet-shorewallLebedev Vadim
Conflicts: manifests/debian.pp manifests/managed_file.pp
2016-04-29* fix permissionLebedev Vadim
2015-12-05linting for future parsermh
2015-12-05check shorewall daily on problems to alert if a rule won't compilemh
2015-12-05lintingmh
2015-12-05make service restart more failsafemh
2015-12-05add razor rulesmh
2015-12-05make it possible to create resources from hieramh
2015-12-05DeprecatedSylvain VeyriƩ
2015-12-05Non string mode is now deprecatedSylvain VeyriƩ
2015-12-05fix the missing includemh
2015-12-05get rid off lsb factsmh
2015-12-05indentationmh
2015-12-05there might be people who don't have a stun servermh
2015-12-05lintingmh
2015-12-05a cleaner namingmh
2015-12-05add rule for stuno
2015-12-05add rule for openvpno
2015-12-05manage new and legacy ports of managesievemh
2015-12-05add rules for pyzormh
2015-12-05make it easier to override behaviour of the dns rulesmh
2015-12-05fix definemh
2015-12-05migrate ipsec rules to a define so we can specify multiple zonesmh
2015-12-05only manage the config_path if we do not manage the config filemh
2015-12-05use the centos class on centos based systemsmh
2015-12-05with the latest updates on EL6 this is neededmh
2015-11-28Merge branch 'master' into 'master' ng
Remove 'require augeas' (#4396) Because the puppet 'require' keyword actually instantiates a class, having 'require augeas' in base.pp means that you cannot instantiate the augeas class anywhere else in your manifests, for example with some optional parameters to the class. If you do, you will get a duplicate definition error. The README already says that the augeas module is required. It seems better that this is managed outside of the module, allowing for class parameter flexibility. See merge request !3
2015-07-16shorewall::rules::libvirt::host: adjust to changes in shorewall::mangle.intrigeri
That is, make the resource's title more unique by including the destination interface in it, and accordingly pass the desired action via the new, dedicated parameter.
2015-07-16shorewall::mangle: allow specifying the ACTION explicitly.intrigeri
Previously, it was using $name, which prevented adding multiple mangle rules that share a common ACTION, with different parameters.
2015-05-19provide a class ordering hint for augeas setupMicah Anderson
2015-05-19Remove 'require augeas' (#4396)Micah Anderson
Because the puppet 'require' keyword actually instantiates a class, having 'require augeas' in base.pp means that you cannot instantiate the augeas class anywhere else in your manifests, for example with some optional parameters to the class. If you do, you will get a duplicate definition error. The README already says that the augeas module is required. It seems better that this is managed outside of the module, allowing for class parameter flexibility.
2015-05-08Make sure MUNINCOLLECTOR join() gets an array in munin ruleJerome Charaoui
2015-04-17Change tunnel managed fileNick
2015-04-17Fix tunnels filenameNick
2015-03-02Merge branch 'bugfix/Fix_DHCP_for_libvirt' into 'master'Jerome Charaoui
Fix dhcp for libvirt This branch uses the mangle table support added by the feature/Add_support_for_mangle_table branch to fix the libvirt DHCP when broken by recent kernel. It fills the checksum of this kind of packets on the libvirt interface. This patch shouldn't break older setup, and is implemented so that it can be disabled. See merge request !2
2015-02-27Fix DHCP from $vmz.bertagaz
On newer kernel (tested on 3.16), the libvirt and shorewall iptables rules have conflicts that need to be fixed by enabling back --checksum-fill on $vmz, otherwise the VMs can't get a DHCP lease.
2015-02-27Add support for the mangle table.bertagaz