summaryrefslogtreecommitdiff
path: root/manifests
AgeCommit message (Collapse)Author
2012-12-11Because the puppet shorewall module uses concat::fragment assembly to put theMicah Anderson
final results in /etc/shorewall/puppet, we have to make sure the shorewall.conf is pointing to that directory to get those configurations. This commit fixes that.
2012-12-04actually it is not possible to provide the site-shorewall sources forMicah Anderson
shorewall.conf, because if they do not exist, you will get a puppet error. this commit removes them, and updates the README to provide instructions for how you can do it the old way, if you want
2012-12-04Stop shipping the default shorewall.conf file, instead we should let theMicah Anderson
operatingsystem package install its default config (this lets us stop having to keep this file updated), and instead tell people to configure their shorewall.conf file using the augeas method. It is possible still to distribute a shorewall.conf from a site-shorewall directory, however if the file is distributed, then it is not possible to use the augeas method. https://labs.riseup.net/code/issues/2738
2012-06-20changes in extension scripts should notify shorewall for a restartMicah Anderson
2012-06-20update extension-script to use a simple file resource, instead of doing a ↵Micah Anderson
managed file since it is never a fragement
2012-06-20update additions to concat module that were not in immerda branchMicah Anderson
2012-06-20fix for an incorrect mergeMicah Anderson
2012-06-20fix another merge issueMicah Anderson
2012-06-20Revert "Support exempting some users from torification measures."Micah Anderson
This reverts commit 6cb88973f53aa7d92414797dd21952c1c1d5da98.
2012-06-20Revert "fix for:"Micah Anderson
This reverts commit d3eb5ffc325bd13e103dc72143f78c050e149d29.
2012-06-20fixup some merge gaffsMicah Anderson
2012-06-20fix for:Micah Anderson
err: Could not retrieve catalog from remote server: Error 400 on SERVER: Syntax error at '['; expected ']' at /etc/puppet/modules/shorewall/manifests/init.pp:39
2012-06-20Merge remote-tracking branch 'immerda/master' into riseupMicah Anderson
NOTE: the conflicts in the files/shorewall.conf.Debian.squeeze I resolved by favoring the actual debian squeeze shorewall.conf, there were a few options in the immerda one that were not the same. Conflicts: README files/shorewall.conf.Debian.squeeze manifests/base.pp manifests/blacklist.pp manifests/debian.pp manifests/host.pp manifests/init.pp manifests/interface.pp manifests/masq.pp manifests/nat.pp manifests/params.pp manifests/policy.pp manifests/proxyarp.pp manifests/rfc1918.pp manifests/routestopped.pp manifests/rule.pp manifests/rule_section.pp manifests/rules/out/ekeyd.pp manifests/zone.pp
2012-06-20Support exempting some users from torification measures.intrigeri
2012-06-18the rest will be included already by the clientmh
2012-06-13migrate away from hiera stuffmh
2012-06-08refactor things for >2.7mh
2012-06-06fix for new style for 2.7mh
2012-02-10get the order rightmh
2011-12-23do the link before the servicemh
2011-12-22workaround for bug in C6 versionmh
2011-12-22add CentOS 6 versionmh
2011-11-05allow ssh_in source to be selected by hiera, better naming for the same ↵mh
option for munin
2011-11-05configure munin things via hiera, allow interface to be chosenmh
2011-08-04add missing targetsMarcel Haerry
2011-08-04refactor things to use the concat moduleMarcel Haerry
2011-08-04differentiate between general jabberserver and openfireMarcel Haerry
2011-08-04new class shorewall::rules::dns::disableAndreas Zuber
2011-08-04add management for providersMatthias Imsand
2011-08-04added rule for tomcatJuerg Gerber
2011-08-04added filetransfer proxy port to jabberserver rulesetJuerg Gerber
2011-08-04fix typoSimon Josi
2011-08-04add output rule for xmppSimon Josi
2011-06-21allow esp traffic from and to memh
2011-06-21added ipsec ruleo
2011-06-21add outgoing smtp rulemh
2011-06-21do it as a define so we can easily pass multiple target zonesmh
2011-06-21add ekeyd rulesmh
2011-04-26allow esp traffic from and to memh
2011-04-26added ipsec ruleo
2011-03-06add outgoing smtp rulemh
2011-03-02do it as a define so we can easily pass multiple target zonesmh
2011-03-01add ekeyd rulesmh
2011-02-07add irc & irc-ssl outgoing rulesmh
2011-02-02fix missing shorewall:: prefix on the extension_script defineMicah Anderson
2010-12-17Add support for Tor-ified traffic.intrigeri
2010-12-16Internal refactoring of shorewall::interfaceintrigeri
... for more consistent options management. The public API does not change.
2010-12-16Add shorewall::rules::mdns.intrigeri
2010-12-16New add_options parameter to shorewall::interface.intrigeri
2010-12-11Merge remote branch 'immerda/master'intrigeri