review.fuel-infra Code Review - puppet-modules/puppetlabs-firewall.git/log

(IAC-1190) add `ignore_foreign` when purging firewallchains

This stops `firewallchains` from purging rules that do not look
like rules the module puts into place. This capability can be used
to co-exist with other firewall management solutions on the same
machine.

Improved flow in the README around setting up purging, make it
a user decision to enable, and add a pointer to `ignore_foreign`.

commit | commitdiff | tree

david22swan [Mon, 5 Oct 2020 15:00:14 +0000 (16:00 +0100)]

Merge pull request #946 from puppetlabs/release

Release mergeback version 2.6.0

commit | commitdiff | tree

David Swan [Thu, 1 Oct 2020 13:14:52 +0000 (14:14 +0100)]

Release Version 2.6.0

commit | commitdiff | tree

Adrian Iurca [Thu, 1 Oct 2020 12:15:23 +0000 (15:15 +0300)]

Merge pull request #943 from jcpunk/puppet-lint

Resolve puppet-lint notices

commit | commitdiff | tree

Adrian Iurca [Thu, 1 Oct 2020 12:04:58 +0000 (15:04 +0300)]

Merge pull request #944 from IBBoard/patch-1

Fix extra quotes in firewall string matching

commit | commitdiff | tree

IBBoard [Sat, 26 Sep 2020 18:33:00 +0000 (19:33 +0100)]

Fix fixture tests

ARGS_TO_HASH was correct (unquoted) but HASH_TO_ARGS
contained the rogue single quotes

commit | commitdiff | tree

IBBoard [Wed, 23 Sep 2020 19:58:09 +0000 (20:58 +0100)]

Fix extra quotes in firewall string matching

As reported by Steve Traylon[1] and @patricknelson[2], the munging adds extra quotes to the string.
This breaks the string matching in iptables, as it looks for literal single quotes in the match.

Removing the munging fixes this.

[1] https://tickets.puppetlabs.com/browse/MODULES-3454?focusedCommentId=686988&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-686988
[2] https://github.com/puppetlabs/puppetlabs-firewall/commit/3655c6bd33d662a3813c2f66cd0bc5889c68c2c2#diff-379160b60a9bdf297b92a51d20efd8c3R1426

commit | commitdiff | tree

Pat Riehecky [Tue, 22 Sep 2020 18:47:41 +0000 (13:47 -0500)]

Resolve simple puppet-lint items

commit | commitdiff | tree

Adrian Iurca [Tue, 15 Sep 2020 08:34:42 +0000 (11:34 +0300)]

Merge pull request #942 from david22swan/IAC-987

(IAC-987) - Removal of inappropriate terminology

commit | commitdiff | tree

David Swan [Mon, 14 Sep 2020 14:57:49 +0000 (15:57 +0100)]

(maint) - Removal of legacy nodesets

commit | commitdiff | tree

David Swan [Mon, 14 Sep 2020 14:57:29 +0000 (15:57 +0100)]

(IAC-987) - Removal of inappropriate terminology

commit | commitdiff | tree

Samuli Seppänen [Fri, 31 Jan 2020 10:03:11 +0000 (12:03 +0200)]

MODULES-10522: Add support for the --condition parameter

commit | commitdiff | tree

Adrian Iurca [Mon, 10 Aug 2020 11:28:38 +0000 (14:28 +0300)]

Merge pull request #937 from operasoftware-osp/provider-regression

Fix problem with parsing rules without quotes

commit | commitdiff | tree

david22swan [Thu, 6 Aug 2020 09:54:58 +0000 (10:54 +0100)]

Merge pull request #938 from sanfrancrisko/fix/spec_helper_method

(IAC-1025) Fix spec test helper method

commit | commitdiff | tree

Ciaran McCrisken [Wed, 5 Aug 2020 16:13:09 +0000 (17:13 +0100)]

(IAC-1025) Fix spec test helper method

Tests failing on RHEL systems as the `install_iptables` method
always assumed it was running against Debian / Ubuntu.

commit | commitdiff | tree

Łukasz Czapliński [Wed, 5 Aug 2020 15:13:44 +0000 (17:13 +0200)]

Fix problem with parsing rules without quotes

commit | commitdiff | tree

Adrian Iurca [Tue, 4 Aug 2020 10:18:37 +0000 (13:18 +0300)]

Merge pull request #933 from puppetlabs/pdksync_IAC-973

pdksync - (IAC-973) - Update travis/appveyor to run on new default branch main

commit | commitdiff | tree

David Swan [Tue, 4 Aug 2020 09:51:48 +0000 (10:51 +0100)]

(IAC-973) - Update travis/appveyor to run on new default branch main

commit | commitdiff | tree

Adrian Iurca [Tue, 28 Jul 2020 17:05:44 +0000 (20:05 +0300)]

Merge pull request #932 from puppetlabs/release

Release prep version 2.5.0

commit | commitdiff | tree

Auto-release [Tue, 28 Jul 2020 13:26:56 +0000 (13:26 +0000)]

Release version 2.5.0

commit | commitdiff | tree

daianamezdrea [Wed, 22 Jul 2020 09:25:13 +0000 (12:25 +0300)]

Merge pull request #931 from adrianiurca/add_acceptance_and_unit_test

Add acceptance and unit test

commit | commitdiff | tree

Adrian Iurca [Wed, 22 Jul 2020 08:53:36 +0000 (11:53 +0300)]

Update firewall.rb

commit | commitdiff | tree

Adrian Iurca [Wed, 22 Jul 2020 08:50:18 +0000 (11:50 +0300)]

Update spec_helper_acceptance_local.rb

commit | commitdiff | tree

adrianiurca [Thu, 16 Jul 2020 16:10:31 +0000 (19:10 +0300)]

Add acceptance and unit test for notrack parameter

commit | commitdiff | tree

Jesper Brix Rosenkilde [Thu, 26 Mar 2020 07:57:53 +0000 (08:57 +0100)]

Fix RuboCop offence

commit | commitdiff | tree

Jesper Brix Rosenkilde [Tue, 24 Mar 2020 15:52:20 +0000 (16:52 +0100)]

Add --notrack flag

commit | commitdiff | tree

sanfrancrisko [Thu, 16 Jul 2020 10:14:19 +0000 (11:14 +0100)]

Merge pull request #930 from adrianiurca/add_acceptance_test_hex_string

[IAC-899] - Add acceptance test for string_hex parameter

commit | commitdiff | tree

Mark Nejedlo [Fri, 5 Jun 2020 15:22:44 +0000 (10:22 -0500)]

fix parsing of '! --hex-string' from iptables-save

iptables-save outputs the value of --hex-string inside quotes, which was
causing quotes inside quotes problems with the value. This change adds
a special case parser for --hex-string to get the ! inside the quotes
and eliminate the doubled quotation marks

commit | commitdiff | tree

adrianiurca [Thu, 16 Jul 2020 08:57:39 +0000 (11:57 +0300)]

add acceptance test for hex_string

commit | commitdiff | tree

Mark Nejedlo [Mon, 1 Jun 2020 19:01:44 +0000 (14:01 -0500)]

add string_hex to ip6tables provider. MODULES-10684

commit | commitdiff | tree

david22swan [Thu, 9 Jul 2020 13:40:21 +0000 (14:40 +0100)]

Merge pull request #928 from adrianiurca/configure_docker_container_debian10

(IAC-898) - add pre configuration for docker: debian10

commit | commitdiff | tree

adrianiurca [Thu, 9 Jul 2020 12:50:59 +0000 (15:50 +0300)]

add pre configuration for docker: debian10

commit | commitdiff | tree

sheenaajay [Fri, 19 Jun 2020 17:04:53 +0000 (18:04 +0100)]

Merge pull request #921 from frh/ip6tables-nflog

Add support for NFLOG options to ip6tables

commit | commitdiff | tree

david22swan [Mon, 15 Jun 2020 09:12:09 +0000 (10:12 +0100)]

Merge pull request #925 from puppetlabs/pdksync_maint/iac-886

pdksync - (IAC-886) Back out SLES 11 from release checks

commit | commitdiff | tree

Ciaran McCrisken [Fri, 12 Jun 2020 15:33:37 +0000 (16:33 +0100)]

(IAC-886) Remove SLES 11 from release checks

commit | commitdiff | tree

frh [Thu, 21 May 2020 16:54:12 +0000 (18:54 +0200)]

Unquote nflog-group

commit | commitdiff | tree

frh [Thu, 21 May 2020 16:46:28 +0000 (18:46 +0200)]

Fix case

commit | commitdiff | tree

frh [Thu, 21 May 2020 16:37:40 +0000 (18:37 +0200)]

Fix missing comma

commit | commitdiff | tree

frh [Thu, 21 May 2020 15:56:31 +0000 (17:56 +0200)]

Add ip6tables NFLOG unit test

commit | commitdiff | tree

daianamezdrea [Thu, 21 May 2020 08:24:46 +0000 (11:24 +0300)]

Merge pull request #922 from puppetlabs/pdksync_IAC-746

(IAC-746) - Add ubuntu 20.04 support

commit | commitdiff | tree

David Swan [Wed, 20 May 2020 10:52:06 +0000 (11:52 +0100)]

(IAC-746) - Add ubuntu 20.04 support

commit | commitdiff | tree

frh [Tue, 19 May 2020 12:19:18 +0000 (14:19 +0200)]

Add support for NFLOG options to ip6tables

commit | commitdiff | tree

sheenaajay [Tue, 19 May 2020 08:48:39 +0000 (09:48 +0100)]

Merge pull request #920 from puppetlabs/pdksync_abs

pdksync - Use abs instead of vmpooler to provision test resources

commit | commitdiff | tree

Daniel Carabas [Mon, 18 May 2020 07:02:02 +0000 (10:02 +0300)]

Switch to default spec_helper_acceptance file

commit | commitdiff | tree

Daniel Carabas [Mon, 18 May 2020 06:55:45 +0000 (09:55 +0300)]

Change provision from vmpooler to abs

commit | commitdiff | tree

sanfrancrisko [Thu, 14 May 2020 10:23:15 +0000 (11:23 +0100)]

Merge pull request #918 from puppetlabs/pdksync_PDK_UPDATE

pdksync - (maint) - Pdk Update

commit | commitdiff | tree

sanfrancrisko [Wed, 13 May 2020 14:23:26 +0000 (15:23 +0100)]

Merge pull request #919 from puppetlabs/release

(IAC-792) - v2.4.0 Release Mergeback

commit | commitdiff | tree

Auto-release [Wed, 13 May 2020 10:10:47 +0000 (10:10 +0000)]

Release version 2.4.0

commit | commitdiff | tree

david22swan [Wed, 13 May 2020 09:41:23 +0000 (10:41 +0100)]

(maint) - set travis environments to trusty

commit | commitdiff | tree

david22swan [Wed, 13 May 2020 09:06:48 +0000 (10:06 +0100)]

(maint) - add back gems removed by pdk update

commit | commitdiff | tree

David Swan [Tue, 12 May 2020 14:39:47 +0000 (15:39 +0100)]

(maint) - Pdk Update

commit | commitdiff | tree

david22swan [Mon, 11 May 2020 13:38:52 +0000 (14:38 +0100)]

Merge pull request #917 from sanfrancrisko/add_u32_module

Add support for u32 module in iptables

commit | commitdiff | tree

Mohammed El-Hakim [Thu, 9 Jan 2020 11:01:12 +0000 (12:01 +0100)]

Adding u32

commit | commitdiff | tree

sanfrancrisko [Wed, 6 May 2020 15:32:50 +0000 (16:32 +0100)]

Merge pull request #916 from akerl-unpriv/feature/cgroup-support

Add support for cgroup arg

commit | commitdiff | tree

Les Aker [Mon, 4 May 2020 19:47:14 +0000 (15:47 -0400)]

add cgroup support

commit | commitdiff | tree

daianamezdrea [Thu, 30 Apr 2020 11:21:50 +0000 (14:21 +0300)]

Merge pull request #914 from martialblog/log-options

Extend LOG options

commit | commitdiff | tree

daianamezdrea [Mon, 27 Apr 2020 12:25:52 +0000 (15:25 +0300)]

Merge pull request #915 from puppetlabs/pdksync_dependency_gems_update

pdksync - Add dependency gems to development group

commit | commitdiff | tree

Daniel Carabas [Mon, 27 Apr 2020 11:26:50 +0000 (14:26 +0300)]

Add net-ssh dependency gems to development group

commit | commitdiff | tree

david22swan [Wed, 22 Apr 2020 13:19:42 +0000 (14:19 +0100)]

Merge pull request #911 from NITEMAN/MODULES-8543

(MODULES-8543) Remove nftables' backend warning from iptables_save outtput

commit | commitdiff | tree

Markus Opolka [Wed, 22 Apr 2020 07:32:19 +0000 (09:32 +0200)]

Extend LOG options

- Adds booleans for --log-tcp-sequence, --log-tcp-options, --log-ip-options

commit | commitdiff | tree

Pedro González Serrano [Tue, 14 Apr 2020 06:38:14 +0000 (08:38 +0200)]

(MODULES-8543) Extend nftables' backend warning removal to ip6tables

commit | commitdiff | tree

Pedro González Serrano [Wed, 1 Apr 2020 10:49:22 +0000 (12:49 +0200)]

(MODULES-8543) Remove nftables' backend warning from iptables_save output

commit | commitdiff | tree

carabasdaniel [Thu, 26 Mar 2020 16:56:10 +0000 (18:56 +0200)]

Merge pull request #910 from puppetlabs/release

(IAC-627) Release MergeBack

commit | commitdiff | tree

sheenaajay [Thu, 26 Mar 2020 13:38:25 +0000 (13:38 +0000)]

Merge pull request #909 from carabasdaniel/release_prep

(IAC-625) Release version v2.3.0

commit | commitdiff | tree

Auto-release [Thu, 26 Mar 2020 12:13:04 +0000 (12:13 +0000)]

Release version 2.3.0

commit | commitdiff | tree

carabasdaniel [Thu, 26 Mar 2020 10:58:16 +0000 (12:58 +0200)]

Merge pull request #907 from alexconrey/iptables-hex

Add iptables --hex-string support to firewall resource

commit | commitdiff | tree

Alex Conrey [Sun, 22 Mar 2020 01:22:52 +0000 (18:22 -0700)]

typo in iptables fixture

commit | commitdiff | tree

Alex Conrey [Sun, 22 Mar 2020 00:57:44 +0000 (17:57 -0700)]

Add iptables --hex-string support to firewall resource

commit | commitdiff | tree

carabasdaniel [Wed, 18 Mar 2020 12:05:46 +0000 (14:05 +0200)]

Merge pull request #906 from Filipovici-Andrei/master

(maint) Use fact.flush only when available

RSS Atom