Mercurial > repos > other > Puppet

view modules/my_fw/manifests/pre.pp @ 142:dae1088dd218 puppet-3.6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add OLE detection to SpamAssassin without ClamAV Note: currently subject to https://github.com/JonathanThorpe/spamassassin-vba-macro/issues/15
author IBBoard <dev@ibboard.co.uk>
date Thu, 09 Feb 2017 20:54:30 +0000
parents 222904296578
children e36b7f4f85f2
line wrap: on
line source

class my_fw::pre {
  Firewall {
    require => undef,
  }
   # Default firewall rules
  firewall { '000 accept all icmp':
    proto   => 'icmp',
    action  => 'accept',
  } ->
  firewall { '001 accept all to lo interface':
    proto   => 'all',
    iniface => 'lo',
    action  => 'accept',
  } ->
  firewall { "002 reject local traffic not on loopback interface":
    iniface     => '! lo',
    proto       => 'all',
    destination => '127.0.0.1/8',
    action      => 'reject',
  } ->
  firewall { '003 accept related established rules':
    proto   => 'all',
    state => ['RELATED', 'ESTABLISHED'],
    action  => 'accept',
  }
}