Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status

RSS

cerberus (4) Versions 0.2.0

Installs/Configures Cerberus firewall manager for Windows 2003 and 2008

Policyfile
Berkshelf
Knife
cookbook 'cerberus', '= 0.2.0', :supermarket
cookbook 'cerberus', '= 0.2.0'
knife supermarket install cerberus
knife supermarket download cerberus
README
Dependencies
Quality -%

Description

Installs/Configures cerberus firewall manager for Windows 2003. The key thought behind Cerberus' modus operandi is simple: define the permitted ports and protocols in one databag and the permitted IP addresses / ranges in another. Any IP inside the ip_permit databag would have access to any of the declared ports.

http://bit.ly/chefcerberus

Requirements

Windows 2003 or 2008, a data bag to hold permitted ip addresses and a data bag to hold protocol details. Also requires the twitter cookbook to tweet service status changes; this dependency can be broken and removed easily.

Attributes

The Windows 2003 version uses a few attributes to point at the the "inf" file used for rule deployment; however, the vast majority of the information is stored inside data bags.

Usage

Create two data bags and add the permitted ips to the first and the permitted ports to the second as such:

ip_permit (sample item below)
{
"name": "data_bag_item_ip_permit_www",
"raw_data": {
"netmask": "/32",
"comment": "example host description here",
"fqdn": "www.smashrun.com",
"ipaddress": "192.168.0.110",
"id": "www",
"owner": "Joe User"
},
"json_class": "Chef::DataBagItem",
"data_bag": "ip_permit",
"chef_type": "data_bag_item"
}

firewall_rules (sample item below)
{
"name": "data_bag_item_firewall_rules_3389",
"raw_data": {
"name": "rdp",
"protocol": "tcp",
"id": "3389",
"permit": "enabled",
"description": "Remote Desktop (tcp 3389)"
},
"json_class": "Chef::DataBagItem",
"data_bag": "firewall_rules",
"chef_type": "data_bag_item"
}

Then add the cookbook to the runlist and watch it go!

No quality metric results found