Mercurial > repos > other > Puppet

diff modules/my_fw/manifests/pre.pp @ 480:2c3e745be8d2
Update server defs and own modules to match * $osver and $fqdn and others are now all in $facts * Firewall swapped action for jump and has new way to do IPv6 * SSH server setup changed * Resolve warnings from fileserver.conf * has_key() no longer exists because Puppet can do "key in array" * Some variables are now more strictly typed Also: * Try to configure full IPv6 DNS resolver * Clean up old config - unused servers and some CentOS complexity
author: IBBoard <dev@ibboard.co.uk>
date: Thu, 29 Aug 2024 18:58:49 +0100
parents: 11d940c9014e
--- a/modules/my_fw/manifests/pre.pp	Thu Aug 29 18:48:03 2024 +0100
+++ b/modules/my_fw/manifests/pre.pp	Thu Aug 29 18:58:49 2024 +0100
@@ -8,23 +8,23 @@
 
    # Default firewall rules
   firewall { '000 accept all icmp':
-    proto   => $icmp_proto,
-    action  => 'accept',
+    proto => $icmp_proto,
+    jump  => 'accept',
   } ->
   firewall { '001 accept all to lo interface':
     proto   => 'all',
     iniface => 'lo',
-    action  => 'accept',
+    jump    => 'accept',
   } ->
   firewall { "002 reject local traffic not on loopback interface":
     iniface     => '! lo',
     proto       => 'all',
     destination => $localhost,
-    action      => 'reject',
+    jump        => 'reject',
   } ->
   firewall { '005 accept related established rules':
-    proto   => 'all',
+    proto => 'all',
     state => ['RELATED', 'ESTABLISHED'],
-    action  => 'accept',
+    jump  => 'accept',
   }
 }
author	IBBoard <dev@ibboard.co.uk>
date	Thu, 29 Aug 2024 18:58:49 +0100
parents	11d940c9014e
children