GitHub puppet-firewalld
Puppet module for managing firewalld

Repo Checks ( 13 of 18 successfull )
Metadata Valid
No translation
passed
Correct Puppet Version Range
Supported Puppet version range is %{PUPPET_SUPPORT_RANGE}
failed
With Puppet Version Range
Puppet version range is present in requirements in metadata.json
passed
With Operatingsystem Support
No translation
passed
Operatingsystems
No translation
passed
Supports Only Current Redhat
No translation
passed
Supports Latest Redhat
No translation
passed
Supports Only Current Centos
No translation
passed
Supports Latest Centos
No translation
failed
Supports Only Current Oraclelinux
No translation
passed
Supports Latest Oraclelinux
No translation
failed
In Modulesync Repo
Is listed as a module managed using modulesync_config
passed
Synced
Has a .msync.yml file
passed
Latest Modulesync
Has been synchronized with the latest tagged version of modulesync_config
failed
Has Modulesync
Is present in voxpupuli/modulesync_config/managed_modules.yml
passed
Released
Is in modulesync_config and in forge releases.
passed
Valid Sync File
If a (optional) sync file is present, it must not contain a `.travis.yml` entry.
failed
Reference Dot Md
The repository has a REFERENCE.md. It needs to be generated / puppet-strings documentation is missing.
passed

Open Pull Requests

Add methods instances and prefetch for firewalld_service

Add method instances and prefetch into firewalld_service provider.

Open PR in GitHub
Speed up ipset entries changes
enhancement
needs-rebase

We now use --add-entries-from-file and --remove-entries-from-file to
change firewalld ipset. Adding or removing entries one by one was really
slow.

This pull request is based on
https://github.com/42wim/puppet-firewalld/blob/04683b46cbe6e6a925c585283941cc363752aceb/lib/puppet/provider/firewalld_ipset/firewall_cmd.rb
first pull request was here: jfroche/puppet-firewalld#4

Open PR in GitHub
Add enhancement for purging unmanaged zones
merge-conflicts
needs-rebase
needs-tests

<!--
Thank you for contributing to this project!

-->

Pull Request (PR) description

This pull request adds the ability to purge unmanaged firewalld zones.

This Pull Request (PR) fixes the following issues:

Fixes #134

Open PR in GitHub
add package manage
needs-tests

Add the option to manage or not the package. Don't change default behaviour.

Open PR in GitHub
Pass the protocols to custom_service
needs-tests
needs-rebase

Pull Request (PR) description

This allows you to specify protocols in through firewalld::custom_service, which are then passed on to firewalld_custom_service.

Signed-off-by: Jo Vandeginste Jo.Vandeginste@kuleuven.be

Open PR in GitHub
Fix276
needs-squash
needs-rebase

<!--
Thank you for contributing to this project!

-->

Pull Request (PR) description

This pull request allows the reload of firewalld rules to get triggered when they are not present in the runtime stage of firewalld and are only present in permanent. It fixes the rules that get stuck in permanent stage because of a skipped reload caused by a puppet error between the deployment of rules and the reload.

This Pull Request (PR) fixes the following issues

Fixes #276

Open PR in GitHub
firewalld_zone: Fix failure creating new zone

<!--
Thank you for contributing to this project!

-->

Pull Request (PR) description

Possibly due to a change in recent firewalld versions (I'm on 2.1.1), creating a new zone fails with:

Debug: Firewalldzone[test3](provider=firewallcmd): Creating new zone test3 with target: ''
Debug: Puppet::Type::Firewalldzone::ProviderFirewallcmd: Executing --state command - current value
Debug: Executing: '/usr/sbin/firewall-cmd --state'
Debug: Executing: '/usr/sbin/firewall-offline-cmd --new-zone test3'
Debug: Puppet::Type::Firewalldzone::ProviderFirewallcmd: Executing --state command - current value
Debug: Executing: '/usr/sbin/firewall-cmd --state'
Debug: Executing: '/usr/sbin/firewall-offline-cmd --zone test3 --list-interfaces'
Debug: Firewalldzone[test3](provider=firewallcmd): removing icmp block inversion for zone test3
Debug: Puppet::Type::Firewalldzone::ProviderFirewallcmd: Executing --state command - current value
Debug: Executing: '/usr/sbin/firewall-cmd --state'
Debug: Executing: '/usr/sbin/firewall-offline-cmd --zone test3 --remove-icmp-block-inversion'
Error: Execution of '/usr/sbin/firewall-offline-cmd --zone test3 --remove-icmp-block-inversion' returned 12:
Error: /Stage[main]/Main/Firewalld_zone[test3]/ensure: change from 'absent' to 'present' failed: Execution of '/usr/sbin/firewall-offline-cmd --zone test3 --remove-icmp-block-inversion' returned 12:

which seems to be because ICMP block inversion is unset by default:

```

/usr/sbin/firewall-offline-cmd --zone test3 --remove-icmp-block-inversion
NOT_ENABLED: icmp-block-inversion
echo $?
12
```

Only manage icmp_block_inversion property on new zones if set to true.

This Pull Request (PR) fixes the following issues

None. This is a report and fix all in one. Feel free to suggest changes.

Open PR in GitHub
modulesync 9.1.0
modulesync

modulesync 9.1.0

Open PR in GitHub