From: Eric Putnam Date: Tue, 16 May 2017 21:25:32 +0000 (-0700) Subject: (maint) README fixes for release X-Git-Tag: 1.9.0~1^2 X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=d4a9c6f2dc94df932231187806cdfc1b223739d9;p=puppet-modules%2Fpuppetlabs-firewall.git (maint) README fixes for release --- diff --git a/CHANGELOG.md b/CHANGELOG.md index b6735a5..723dcb9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,4 @@ -## Supported Release 1.8.3 +## Supported Release 1.9.0 ### Summary This release includes several bugfixes and NFLOG support. diff --git a/README.markdown b/README.markdown index b4ba88c..a08f59b 100644 --- a/README.markdown +++ b/README.markdown @@ -1,8 +1,6 @@ -#firewall +# firewall -[![Build Status](https://travis-ci.org/puppetlabs/puppetlabs-firewall.png?branch=master)](https://travis-ci.org/puppetlabs/puppetlabs-firewall) - -####Table of Contents +#### Table of Contents 1. [Overview - What is the firewall module?](#overview) 2. [Module Description - What does the module do?](#module-description) @@ -422,7 +420,7 @@ Specify the name of the IPv6 ip6tables service. Defaults defined in `firewall::p Specify the platform-specific package(s) to install. Defaults defined in `firewall::params`. -###Type: firewall +### Type: firewall This type enables you to manage firewall rules within Puppet. @@ -436,7 +434,7 @@ This type enables you to manage firewall rules within Puppet. * `iptables`: Iptables type provider * Required binaries: `iptables-save`, `iptables`. * Default for `kernel` == `linux`. - * Supported features: `address_type`, `clusterip`, `connection_limiting`, `dnat`, `icmp_match`, `interface_match`, `iprange`, `ipsec_dir`, `ipsec_policy`, `ipset`, `iptables`, `isfragment`, `length`, `log_level`, `log_prefix`, `log_uid`, `mark`, `mask`, `mss`, `netmap`, `owner`, `pkttype`, `queue_bypass`, `queue_num`, `rate_limiting`, `recent_limiting`, `reject_type`, `snat`, `socket`, `state_match`, `string_matching`, `tcp_flags`. + * Supported features: `address_type`, `clusterip`, `connection_limiting`, `dnat`, `icmp_match`, `interface_match`, `iprange`, `ipsec_dir`, `ipsec_policy`, `ipset`, `iptables`, `isfragment`, `length`, `log_level`, `log_prefix`, `log_uid`, `mark`, `mask`, `mss`, `netmap`, `nflog_group`, `nflog_prefix`, `nflog_range`, `nflog_threshold`, `owner`, `pkttype`, `queue_bypass`, `queue_num`, `rate_limiting`, `recent_limiting`, `reject_type`, `snat`, `socket`, `state_match`, `string_matching`, `tcp_flags`. **Autorequires:** @@ -488,6 +486,14 @@ If Puppet is managing the iptables or iptables-persistent packages, and the prov * `mask`: The ability to match recent rules based on the ipv4 mask. +* `nflog_group`: The ability to set the group number for NFLOG. + +* `nflog_prefix`: The ability to set a prefix for nflog messages. + +* `nflog_range`: The ability to set nflog\_range. + +* `nflog_threshold`: The ability to set nflog\_threshold. + * `owner`: The ability to match owners. * `pkttype`: The ability to match a packet type. @@ -645,14 +651,14 @@ If Puppet is managing the iptables or iptables-persistent packages, and the prov * `name`: The canonical name of the rule. This name is also used for ordering, so make sure you prefix the rule with a number. For example: - ~~~puppet +~~~puppet firewall { '000 this runs first': # this rule will run first } firewall { '999 this runs last': # this rule will run last } - ~~~ +~~~ Depending on the provider, the name of the rule can be stored using the comment feature of the underlying firewall subsystem. Values must match '/^\d+[[:graph:][:space:]]+$/'. diff --git a/metadata.json b/metadata.json index c9f10cc..b2d7730 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-firewall", - "version": "1.8.3", + "version": "1.9.0", "author": "Puppet Labs", "summary": "Manages Firewalls such as iptables", "license": "Apache-2.0",