From 5661b2b72c1e7e20e88c07b3c5635bbdaaaf7cc0 Mon Sep 17 00:00:00 2001
From: Ken Barber
Date: Wed, 10 Apr 2013 13:44:38 +0100
Subject: [PATCH] Get rid of examples it isn't being maintained and it belongs in docs I think the expectation that people should drop to looking at code for examples is wrong anyway, we should express examples through documentation if we can.
Signed-off-by: Ken Barber
---
 examples/ip6tables/test.pp | 104 -----------------------------
 examples/iptables/readme.pp | 35 ----------
 examples/iptables/run.sh | 3 -
 examples/iptables/test.pp | 128 ------------------------------------
 4 files changed, 270 deletions(-)
 delete mode 100644 examples/ip6tables/test.pp
 delete mode 100644 examples/iptables/readme.pp
 delete mode 100755 examples/iptables/run.sh
 delete mode 100644 examples/iptables/test.pp
diff --git a/examples/ip6tables/test.pp b/examples/ip6tables/test.pp
deleted file mode 100644
index db52cf7..0000000
--- a/examples/ip6tables/test.pp
+++ /dev/null
@@ -1,104 +0,0 @@
-firewall { '000 allow foo':
- dport => [7061, 7062],
- action => accept,
- proto => 'tcp',
- provider => 'ip6tables'
-}
-
-firewall { '001 allow boo':
- action => accept,
- iniface => 'eth0',
- sport => 123,
- dport => 123,
- proto => 'tcp',
- destination => '::1/128',
- provider => 'ip6tables'
-}
-
-firewall { '002 foo':
- dport => 1233,
- proto => 'tcp',
- action => drop,
- provider => 'ip6tables'
-}
-
-firewall { '005 INPUT disregard DHCP':
- dport => ['bootpc', 'bootps'],
- action => drop,
- proto => 'udp',
- provider => 'ip6tables'
-}
-
-firewall { '006 INPUT disregard netbios':
- port => ['netbios-ns', 'netbios-dgm', 'netbios-ssn'],
- action => drop,
- proto => 'udp',
- provider => 'ip6tables'
-}
-
-firewall { '006 Disregard CIFS':
- dport => 'microsoft-ds',
- action => drop,
- proto => 'tcp',
- provider => 'ip6tables'
-}
-
-firewall { '010 icmp':
- proto => 'ipv6-icmp',
- icmp => 'echo-reply',
- action => accept,
- provider => 'ip6tables'
-}
-
-firewall { '010 INPUT allow loopback':
- iniface => 'lo',
- chain => 'INPUT',
- action => accept,
- provider => 'ip6tables'
-}
-
-firewall { '050 INPUT drop invalid':
- state => 'INVALID',
- action => drop,
- provider => 'ip6tables'
-}
-
-firewall { '051 INPUT allow related and established':
- state => ['RELATED', 'ESTABLISHED'],
- action => accept,
- provider => 'ip6tables'
-}
-
-firewall { '053 INPUT allow ICMP':
- icmp => '8',
- proto => 'ipv6-icmp',
- action => accept,
- provider => 'ip6tables'
-}
-
-firewall { '055 INPUT allow DNS':
- sport => 'domain',
- proto => 'udp',
- action => accept,
- provider => 'ip6tables'
-}
-
-firewall { '999 FORWARD drop':
- chain => 'FORWARD',
- action => drop,
- provider => 'ip6tables'
-}
-
-firewall { '001 OUTPUT allow loopback':
- chain => 'OUTPUT',
- outiface => 'lo',
- action => accept,
- provider => 'ip6tables'
-}
-
-firewall { '100 OUTPUT drop invalid':
- chain => 'OUTPUT',
- state => 'INVALID',
- action => drop,
- provider => 'ip6tables'
-}
diff --git a/examples/iptables/readme.pp b/examples/iptables/readme.pp
deleted file mode 100644
index bc45160..0000000
--- a/examples/iptables/readme.pp
+++ /dev/null
@@ -1,35 +0,0 @@
- firewall { '000 allow packets with valid state':
- state => ['RELATED', 'ESTABLISHED'],
- action => 'accept',
- }
- firewall { '001 allow icmp':
- proto => 'icmp',
- action => 'accept',
- }
- firewall { '002 allow all to lo interface':
- iniface => 'lo',
- action => 'accept',
- }
- firewall { '100 allow http':
- proto => 'tcp',
- dport => '80',
- action => 'accept',
- }
- firewall { '100 allow ssh':
- proto => 'tcp',
- dport => '22',
- action => 'accept',
- }
- firewall { '100 allow mysql from internal':
- proto => 'tcp',
- dport => '3036',
- source => '10.5.5.0/24',
- action => 'accept',
- }
- firewall { '999 drop everything else':
- action => 'drop',
- }
-
- resources { 'firewall':
- purge => true,
- }
diff --git a/examples/iptables/run.sh b/examples/iptables/run.sh
deleted file mode 100755
index c3a68de..0000000
--- a/examples/iptables/run.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/bash
-
-puppet apply --debug --libdir ../../lib readme.pp
diff --git a/examples/iptables/test.pp b/examples/iptables/test.pp
deleted file mode 100644
index bb9714c..0000000
--- a/examples/iptables/test.pp
+++ /dev/null
@@ -1,128 +0,0 @@
-firewall { '000 allow foo':
- dport => [7061, 7062],
- action => accept,
- proto => 'tcp',
-}
-
-firewall { '975 log test':
- state => 'NEW',
- log_level => 'panic',
- jump => 'LOG'
-}
-
-firewall { '001 allow boo':
- action => accept,
- iniface => 'eth0',
- sport => '123',
- dport => '123',
- proto => 'tcp',
- destination => '1.1.1.0/24',
- source => '2.2.2.0/24',
-}
-
-firewall { '100 snat for network foo2':
- chain => 'POSTROUTING',
- jump => 'MASQUERADE',
- proto => 'all',
- outiface => 'eth0',
- source => '10.1.2.0/24',
- table => 'nat'
-}
-
-firewall { '999 bar':
- action => accept,
- dport => '1233',
- proto => 'tcp',
-}
-
-firewall { '002 foo':
- action => drop,
- dport => '1233',
- proto => 'tcp',
-}
-
-firewall { '010 icmp':
- action => accept,
- proto => 'icmp',
- icmp => 'echo-reply',
-}
-
-firewall { '010 INPUT allow loopback':
- action => accept,
- iniface => 'lo',
- chain => 'INPUT',
-}
-
-firewall { '005 INPUT disregard DHCP':
- action => drop,
- dport => ['bootpc', 'bootps'],
- proto => 'udp'
-}
-
-firewall { '006 INPUT disregard netbios':
- action => drop,
- proto => 'udp',
- dport => ['netbios-ns', 'netbios-dgm', 'netbios-ssn'],
-}
-
-firewall { '006 Disregard CIFS':
- action => drop,
- dport => 'microsoft-ds',
- proto => 'tcp'
-}
-
-firewall { '050 INPUT drop invalid':
- action => drop,
- state => 'INVALID',
-}
-
-firewall { '051 INPUT allow related and established':
- action => accept,
- state => ['RELATED', 'ESTABLISHED'],
-}
-
-firewall { '053 INPUT allow ICMP':
- action => accept,
- icmp => '8',
- proto => 'icmp',
-}
-
-firewall { '055 INPUT allow DNS':
- action => accept,
- proto => 'udp',
- sport => 'domain'
-}
-
-firewall { '056 INPUT allow web in and out':
- action => accept,
- proto => 'tcp',
- port => 80
-}
-
-firewall { '057 INPUT limit NTP':
- action => accept,
- proto => 'tcp',
- dport => ntp,
- limit => '15/hour'
-}
-
-firewall { '999 FORWARD drop':
- action => drop,
- chain => 'FORWARD',
-}
-
-firewall { '001 OUTPUT allow loopback':
- action => accept,
- chain => 'OUTPUT',
- outiface => 'lo',
-}
-
-firewall { '100 OUTPUT drop invalid':
- action => drop,
- chain => 'OUTPUT',
- state => 'INVALID',
-}
-
-resources { 'firewall':
- purge => true
-}
-- 
2.45.2