diff options
| author | Nicolas Vigier <boklm@mageia.org> | 2013-04-14 13:46:12 +0000 |
|---|---|---|
| committer | Nicolas Vigier <boklm@mageia.org> | 2013-04-14 13:46:12 +0000 |
| commit | 1be510f9529cb082f802408b472a77d074b394c0 (patch) | |
| tree | b175f9d5fcb107576dabc768e7bd04d4a3e491a0 /zarb-ml/mageia-sysadm/attachments/20101112/b0723b5d/attachment.html | |
| parent | fa5098cf210b23ab4f419913e28af7b1b07dafb2 (diff) | |
| download | archives-master.tar archives-master.tar.gz archives-master.tar.bz2 archives-master.tar.xz archives-master.zip | |
Diffstat (limited to 'zarb-ml/mageia-sysadm/attachments/20101112/b0723b5d/attachment.html')
| -rw-r--r-- | zarb-ml/mageia-sysadm/attachments/20101112/b0723b5d/attachment.html | 279 |
1 files changed, 279 insertions, 0 deletions
diff --git a/zarb-ml/mageia-sysadm/attachments/20101112/b0723b5d/attachment.html b/zarb-ml/mageia-sysadm/attachments/20101112/b0723b5d/attachment.html new file mode 100644 index 000000000..84ddc117b --- /dev/null +++ b/zarb-ml/mageia-sysadm/attachments/20101112/b0723b5d/attachment.html @@ -0,0 +1,279 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" +"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /> +<title>[242] add shorewall module</title> +</head> +<body> + +<style type="text/css"><!-- +#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; } +#msg dl.meta dt { float: left; width: 6em; font-weight: bold; } +#msg dt:after { content:':';} +#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; } +#msg dl a { font-weight: bold} +#msg dl a:link { color:#fc3; } +#msg dl a:active { color:#ff0; } +#msg dl a:visited { color:#cc6; } +h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; } +#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; } +#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; } +#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; } +#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; } +#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; } +#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; } +#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; } +#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; } +#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; } +#logmsg pre { background: #eee; padding: 1em; } +#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;} +#logmsg dl { margin: 0; } +#logmsg dt { font-weight: bold; } +#logmsg dd { margin: 0; padding: 0 0 0.5em 0; } +#logmsg dd:before { content:'\00bb';} +#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; } +#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; } +#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; } +#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; } +#logmsg table th.Corner { text-align: left; } +#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; } +#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; } +#patch { width: 100%; } +--></style> +<div id="msg"> +<dl class="meta"> +<dt>Revision</dt> <dd>242</dd> +<dt>Author</dt> <dd>boklm</dd> +<dt>Date</dt> <dd>2010-11-12 21:38:24 +0100 (Fri, 12 Nov 2010)</dd> +</dl> + +<h3>Log Message</h3> +<pre>add shorewall module</pre> + +<h3>Added Paths</h3> +<ul> +<li>puppet/modules/shorewall/</li> +<li>puppet/modules/shorewall/files/</li> +<li>puppet/modules/shorewall/files/footers/</li> +<li><a href="#puppetmodulesshorewallfilesfootersinterfaces">puppet/modules/shorewall/files/footers/interfaces</a></li> +<li><a href="#puppetmodulesshorewallfilesfooterspolicy">puppet/modules/shorewall/files/footers/policy</a></li> +<li><a href="#puppetmodulesshorewallfilesfootersrules">puppet/modules/shorewall/files/footers/rules</a></li> +<li><a href="#puppetmodulesshorewallfilesfooterszones">puppet/modules/shorewall/files/footers/zones</a></li> +<li>puppet/modules/shorewall/files/headers/</li> +<li><a href="#puppetmodulesshorewallfilesheadersinterfaces">puppet/modules/shorewall/files/headers/interfaces</a></li> +<li><a href="#puppetmodulesshorewallfilesheaderspolicy">puppet/modules/shorewall/files/headers/policy</a></li> +<li><a href="#puppetmodulesshorewallfilesheadersrules">puppet/modules/shorewall/files/headers/rules</a></li> +<li><a href="#puppetmodulesshorewallfilesheaderszones">puppet/modules/shorewall/files/headers/zones</a></li> +<li>puppet/modules/shorewall/manifests/</li> +<li><a href="#puppetmodulesshorewallmanifestsinitpp">puppet/modules/shorewall/manifests/init.pp</a></li> +</ul> + +</div> +<div id="patch"><pre> +<a id="puppetmodulesshorewallfilesfootersinterfaces">Added: puppet/modules/shorewall/files/footers/interfaces</a> +=================================================================== +--- puppet/modules/shorewall/files/footers/interfaces (rev 0) ++++ puppet/modules/shorewall/files/footers/interfaces 2010-11-12 20:38:24 UTC (rev 242) +@@ -0,0 +1 @@ ++#LAST LINE -- DO NOT REMOVE + +<a id="puppetmodulesshorewallfilesfooterspolicy">Added: puppet/modules/shorewall/files/footers/policy</a> +=================================================================== +--- puppet/modules/shorewall/files/footers/policy (rev 0) ++++ puppet/modules/shorewall/files/footers/policy 2010-11-12 20:38:24 UTC (rev 242) +@@ -0,0 +1 @@ ++#LAST LINE -- DO NOT REMOVE + +<a id="puppetmodulesshorewallfilesfootersrules">Added: puppet/modules/shorewall/files/footers/rules</a> +=================================================================== +--- puppet/modules/shorewall/files/footers/rules (rev 0) ++++ puppet/modules/shorewall/files/footers/rules 2010-11-12 20:38:24 UTC (rev 242) +@@ -0,0 +1 @@ ++#LAST LINE -- DO NOT REMOVE + +<a id="puppetmodulesshorewallfilesfooterszones">Added: puppet/modules/shorewall/files/footers/zones</a> +=================================================================== +--- puppet/modules/shorewall/files/footers/zones (rev 0) ++++ puppet/modules/shorewall/files/footers/zones 2010-11-12 20:38:24 UTC (rev 242) +@@ -0,0 +1 @@ ++#LAST LINE -- DO NOT REMOVE + +<a id="puppetmodulesshorewallfilesheadersinterfaces">Added: puppet/modules/shorewall/files/headers/interfaces</a> +=================================================================== +--- puppet/modules/shorewall/files/headers/interfaces (rev 0) ++++ puppet/modules/shorewall/files/headers/interfaces 2010-11-12 20:38:24 UTC (rev 242) +@@ -0,0 +1,10 @@ ++# ++# Shorewall version 4 - Interfaces File ++# ++# For information about entries in this file, type "man shorewall-interfaces" ++# ++# The manpage is also online at ++# http://www.shorewall.net/manpages/shorewall-interfaces.html ++# ++############################################################################### ++#ZONE INTERFACE BROADCAST OPTIONS + +<a id="puppetmodulesshorewallfilesheaderspolicy">Added: puppet/modules/shorewall/files/headers/policy</a> +=================================================================== +--- puppet/modules/shorewall/files/headers/policy (rev 0) ++++ puppet/modules/shorewall/files/headers/policy 2010-11-12 20:38:24 UTC (rev 242) +@@ -0,0 +1,11 @@ ++# ++# Shorewall version 4 - Policy File ++# ++# For information about entries in this file, type "man shorewall-policy" ++# ++# The manpage is also online at ++# http://www.shorewall.net/manpages/shorewall-policy.html ++# ++############################################################################### ++#SOURCE DEST POLICY LOG LIMIT: CONNLIMIT: ++# LEVEL BURST MASK + +<a id="puppetmodulesshorewallfilesheadersrules">Added: puppet/modules/shorewall/files/headers/rules</a> +=================================================================== +--- puppet/modules/shorewall/files/headers/rules (rev 0) ++++ puppet/modules/shorewall/files/headers/rules 2010-11-12 20:38:24 UTC (rev 242) +@@ -0,0 +1,11 @@ ++# ++# Shorewall version 4 - Rules File ++# ++# For information on the settings in this file, type "man shorewall-rules" ++# ++# The manpage is also online at ++# http://www.shorewall.net/manpages/shorewall-rules.html ++# ++#################################################################################################################################################### ++#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME ++# PORT PORT(S) DEST LIMIT GROUP + +<a id="puppetmodulesshorewallfilesheaderszones">Added: puppet/modules/shorewall/files/headers/zones</a> +=================================================================== +--- puppet/modules/shorewall/files/headers/zones (rev 0) ++++ puppet/modules/shorewall/files/headers/zones 2010-11-12 20:38:24 UTC (rev 242) +@@ -0,0 +1,11 @@ ++# ++# Shorewall version 4 - Zones File ++# ++# For information about this file, type "man shorewall-zones" ++# ++# The manpage is also online at ++# http://www.shorewall.net/manpages/shorewall-zones.html ++# ++############################################################################### ++#ZONE TYPE OPTIONS IN OUT ++# OPTIONS OPTIONS + +<a id="puppetmodulesshorewallmanifestsinitpp">Added: puppet/modules/shorewall/manifests/init.pp</a> +=================================================================== +--- puppet/modules/shorewall/manifests/init.pp (rev 0) ++++ puppet/modules/shorewall/manifests/init.pp 2010-11-12 20:38:24 UTC (rev 242) +@@ -0,0 +1,102 @@ ++class shorewall { ++ include concat::setup ++ ++ define shorewallfile () { ++ $filename = "/etc/shorewall/${name}" ++ $header = "puppet:///modules/shorewall/headers/${name}" ++ $footer = "puppet:///modules/shorewall/footers/${name}" ++ concat{$filename: ++ owner => root, ++ group => root, ++ mode => 600, ++ } ++ ++ concat::fragment{"${name}_header": ++ target => $filename, ++ order => 1, ++ source => $header, ++ } ++ ++ concat::fragment{"${name}_footer": ++ target => $filename, ++ order => 99, ++ source => $footer, ++ } ++ } ++ ++ ### Rules ++ shorewallfile{ rules: } ++ define rule_line($order = 50) { ++ $filename = "/etc/shorewall/rules" ++ $line = $name ++ concat::fragment{"newline_${name}": ++ target => $filename, ++ order => $order, ++ content => $line, ++ } ++ } ++ class allow_ssh_in { ++ rule_line { "ACCEPT all all tcp 22": ++ order => 5, ++ } ++ } ++ class allow_dns_in { ++ rule_line { "ACCEPT net fw tcp 53" } ++ rule_line { "ACCEPT net fw udp 53" } ++ } ++ class allow_smtp_in { ++ rule_line { "ACCEPT net fw tcp 25" } ++ } ++ class allow_www_in { ++ rule_line { "ACCEPT net fw tcp 80" } ++ } ++ ++ ### Zones ++ shorewallfile{ zones: } ++ define zone_line($order = 50) { ++ $filename = "/etc/shorewall/zones" ++ $line = $name ++ concat::fragment{"newline_${name}": ++ target => $filename, ++ order => $order, ++ content => $line, ++ } ++ } ++ class default_zones { ++ zone_line { "net ipv4": ++ $order => 2, ++ } ++ zone_line { "fw firewall": ++ $order => 3, ++ } ++ } ++ ++ ### Policy ++ shorewallfile{ policy: } ++ define policy_line($order = 50) { ++ $filename = "/etc/shorewall/policy" ++ $line = $name ++ concat::fragment{"newline_${name}": ++ target => $filename, ++ order => $order, ++ content => $line, ++ } ++ } ++ class default_policy { ++ policy_line{ "fw net ACCEPT": ++ $order => 2, ++ } ++ policy_line{ "net all DROP info": ++ $order => 3, ++ } ++ policy_line{ "all all REJECT info": ++ $order => 4, ++ } ++ } ++ ++ class default_firewall() { ++ include default_zones ++ include default_policy ++ include allow_ssh_in ++ } ++} + +</pre></div> + +</body> +</html>
\ No newline at end of file |