+##2015-08-25 - Supported Release 1.7.1
+###Summary
+
+This is a bugfix release to deprecate the port parameter. Using the unspecific 'port' parameter can lead to firewall rules that are unexpectedly too lax. It is recommended to always use the specific dport and sport parameters to avoid this ambiguity.
+
+####Bugfixes
+- Deprecate the port parameter
+
##2015-07-28 - Supported Release 1.7.0
###Summary
* `pkttype`: Sets the packet type to match. Valid values are: 'unicast', 'broadcast', and'multicast'. Requires the `pkttype` feature.
-* `port`: *DEPRECATED* The destination or source port to match for this filter (if the protocol supports ports). Will accept a single element or an array. For some firewall providers you can pass a range of ports in the format: 'start number-end number'. For example, '1-1024' would cover ports 1 to 1024.
+* `port`: *DEPRECATED* Using the unspecific 'port' parameter can lead to firewall rules that are unexpectedly too lax. It is recommended to always use the specific dport and sport parameters to avoid this ambiguity. The destination or source port to match for this filter (if the protocol supports ports). Will accept a single element or an array. For some firewall providers you can pass a range of ports in the format: 'start number-end number'. For example, '1-1024' would cover ports 1 to 1024.
* `proto`: The specific protocol to match for this rule. This is 'tcp' by default. Valid values are:
* 'tcp'
{
"name": "puppetlabs-firewall",
- "version": "1.7.0",
+ "version": "1.7.1",
"author": "Puppet Labs",
"summary": "Manages Firewalls such as iptables",
"license": "Apache-2.0",
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff