cookbook 'chz-firewall', '= 0.1.1'
chz-firewall (6) Versions 0.1.1 Follow0
Installs/Configures firewalls
cookbook 'chz-firewall', '= 0.1.1', :supermarket
knife supermarket install chz-firewall
knife supermarket download chz-firewall
Firewall cookbook for Windows and GNU/Linux applications, developed at Cheezburger Inc.
New BSD License
Windows, Ubuntu, or RHEL based
['chz-firewall']['version'] Integer, if changed firewall will reload on windows.
Linux firewall is dynamic with attribute changes
['chz-firewall']['whitelist'] Array of IPs to whitelist
['chz-firewall']['blacklist'] Array of IPs to blacklist
['chz-firewall']['enable_ping'] Boolean, to allow incoming ping
['chz-firewall']['tcp_in'] Array of ports to open
['chz-firewall']['tcp_out'] Same
['chz-firewall']['udp_in'] Same
['chz-firewall']['udp_out'] Same
['chz-firewall']['firewall_type'] Iptables or windows autodetected, csf ( partial support
['chz-firewall']['whitelist_interfaces'] = [ "lo" ]
['chz-firewall']['enable_vrrp'] Boolean, to enable vrrp (for keepalived to work)
['chz-firewall']['default_deny_in'] Boolean, drops unmatched traffic in if true
['chz-firewall']['default_deny_out'] Boolean, drops unmatched traffic out if true
['chz-firewall']['allow_established'] Boolean, allows established connections if true
Use default recipe for default rules with iptables or windows firewall.
Use attribute overrides to change settings
Not all attributes are yet supported by all types of firewalls. Vrrp and interface whitelist do not work in windows.
Tested on Ubuntu 12.04, Windows 2012 and 2008r2.
Dependent cookbooks
powershell >= 0.0.0 |
Contingent cookbooks
There are no cookbooks that are contingent upon this one.