--- /dev/null
+## puppetlabs-firewall changelog
+
+Release notes for puppetlabs-firewall module.
+
+---------------------------------------
+
+#### 0.1.0 - 2012/2/24
+
+This release is somewhat belated, so no summary as there are far too many changes this time around. Hopefully we won't fall this far behind again :-).
+
+##### Changes
+
+* Add support for MARK target and set-mark property (Johan Huysmans)
+* Fix broken call to super for ruby-1.9.2 in munge (Ken Barber)
+* simple fix of the error message for allowed values of the jump property (Daniel Black)
+* Adding OSPF(v3) protocol to puppetlabs-firewall (Arnoud Vermeer)
+* Display multi-value: port, sport, dport and state command seperated (Daniel Black)
+* Require jump=>LOG for log params (Daniel Black)
+* Reject and document icmp => "any" (Dan Carley)
+* add firewallchain type and iptables_chain provider (Daniel Black)
+* Various fixes for firewallchain resource (Ken Barber)
+* Modify firewallchain name to be chain:table:protocol (Ken Barber)
+* Fix allvalidchain iteration (Ken Barber)
+* Firewall autorequire Firewallchains (Dan Carley)
+* Tests and docstring for chain autorequire (Dan Carley)
+* Fix README so setup instructions actually work (Ken Barber)
+* Support vlan interfaces (interface containing ".") (Johan Huysmans)
+* Add tests for VLAN support for iniface/outiface (Ken Barber)
+* Add the table when deleting rules (Johan Huysmans)
+* Fix tests since we are now prefixing -t)
+* Changed 'jump' to 'action', commands to lower case (Jason Short)
+* Support interface names containing "+" (Simon Deziel)
+* Fix for when iptables-save spews out "FATAL" errors (Sharif Nassar)
+* Fix for incorrect limit command arguments for ip6tables provider (Michael Hsu)
+* Document Util::Firewall.host_to_ip (Dan Carley)
+* Nullify addresses with zero prefixlen (Dan Carley)
+* Add support for --tcp-flags (Thomas Vander Stichele)
+* Make tcp_flags support a feature (Ken Barber)
+* OUTPUT is a valid chain for the mangle table (Adam Gibbins)
+* Enable travis-ci support (Ken Barber)
+* Convert an existing test to CIDR (Dan Carley)
+* Normalise iptables-save to CIDR (Dan Carley)
+* be clearer about what distributions we support (Ken Barber)
+* add gre protocol to list of acceptable protocols (Jason Hancock)
+* Added pkttype property (Ashley Penney)
+* Fix mark to not repeat rules with iptables 1.4.1+ (Sharif Nassar)
+* Stub iptables_version for now so tests run on non-Linux hosts (Ken Barber)
+* Stub iptables facts for set_mark tests (Dan Carley)
+* Update formatting of README to meet Puppet Labs best practices (Will Hopper)
+* Support for ICMP6 type code resolutions (Dan Carley)
+* Insert order hash included chains from different tables (Ken Barber)
+* rspec 2.11 compatibility (Jonathan Boyett)
+* Add missing class declaration in README (sfozz)
+* array_matching is contraindicated (Sharif Nassar)
+* Convert port Fixnum into strings (Sharif Nassar)
+* Update test framework to the modern age (Ken Barber)
+* working with ip6tables support (wuwx)
+* Remove gemfile.lock and add to gitignore (William Van Hevelingen)
+* Update travis and gemfile to be like stdlib travis files (William Van Hevelingen)
+* Add support for -m socket option (Ken Barber)
+* Add support for single --sport and --dport parsing (Ken Barber)
+* Fix tests for Ruby 1.9.3 from 3e13bf3 (Dan Carley)
+* Mock Resolv.getaddress in #host_to_ip (Dan Carley)
+* Update docs for source and dest - they are not arrays (Ken Barber)
+
+---------------------------------------
+
+#### 0.0.4 - 2011/12/05
+
+This release adds two new parameters, 'uid' and 'gid'. As a part of the owner module, these params allow you to specify a uid, username, gid, or group got a match:
+
+ firewall { '497 match uid':
+ port => '123',
+ proto => 'mangle',
+ chain => 'OUTPUT',
+ action => 'drop'
+ uid => '123'
+ }
+
+This release also adds value munging for the 'log_level', 'source', and 'destination' parameters. The 'source' and 'destination' now support hostnames:
+
+ firewall { '498 accept from puppetlabs.com':
+ port => '123',
+ proto => 'tcp',
+ source => 'puppetlabs.com',
+ action => 'accept'
+ }
+
+
+The 'log_level' parameter now supports using log level names, such as 'warn', 'debug', and 'panic':
+
+ firewall { '499 logging':
+ port => '123',
+ proto => 'udp',
+ log_level => 'debug',
+ action => 'drop'
+ }
+
+Additional changes include iptables and ip6tables version facts, general whitespace cleanup, and adding additional unit tests.
+
+##### Changes
+
+* (#10957) add iptables_version and ip6tables_version facts
+* (#11093) Improve log_level property so it converts names to numbers
+* (#10723) Munge hostnames and IPs to IPs with CIDR
+* (#10718) Add owner-match support
+* (#10997) Add fixtures for ipencap
+* (#11034) Whitespace cleanup
+* (#10690) add port property support to ip6tables
+
+---------------------------------------
+
+#### 0.0.3 - 2011/11/12
+
+This release introduces a new parameter 'port' which allows you to set both
+source and destination ports for a match:
+
+ firewall { "500 allow NTP requests":
+ port => "123",
+ proto => "udp",
+ action => "accept",
+ }
+
+We also have the limit parameter finally working:
+
+ firewall { "500 limit HTTP requests":
+ dport => 80,
+ proto => tcp,
+ limit => "60/sec",
+ burst => 30,
+ action => accept,
+ }
+
+State ordering has been fixed now, and more characters are allowed in the
+namevar:
+
+* Alphabetical
+* Numbers
+* Punctuation
+* Whitespace
+
+##### Changes
+
+* (#10693) Ensure -m limit is added for iptables when using 'limit' param
+* (#10690) Create new port property
+* (#10700) allow additional characters in comment string
+* (#9082) Sort iptables --state option values internally to keep it consistent across runs
+* (#10324) Remove extraneous whitespace from iptables rule line in spec tests
+
+---------------------------------------
+
+#### 0.0.2 - 2011/10/26
+
+This is largely a maintanence and cleanup release, but includes the ability to
+specify ranges of ports in the sport/dport parameter:
+
+ firewall { "500 allow port range":
+ dport => ["3000-3030","5000-5050"],
+ sport => ["1024-65535"],
+ action => "accept",
+ }
+
+##### Changes
+
+* (#10295) Work around bug #4248 whereby the puppet/util paths are not being loaded correctly on the puppetmaster
+* (#10002) Change to dport and sport to handle ranges, and fix handling of name to name to port
+* (#10263) Fix tests on Puppet 2.6.x
+* (#10163) Cleanup some of the inline documentation and README file to align with general forge usage
+
+---------------------------------------
+
+#### 0.0.1 - 2011/10/18
+
+Initial release.
+
+##### Changes
+
+* (#9362) Create action property and perform transformation for accept, drop, reject value for iptables jump parameter
+* (#10088) Provide a customised version of CONTRIBUTING.md
+* (#10026) Re-arrange provider and type spec files to align with Puppet
+* (#10026) Add aliases for test,specs,tests to Rakefile and provide -T as default
+* (#9439) fix parsing and deleting existing rules
+* (#9583) Fix provider detection for gentoo and unsupported linuxes for the iptables provider
+* (#9576) Stub provider so it works properly outside of Linux
+* (#9576) Align spec framework with Puppet core
+* and lots of other earlier development tasks ...
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff