Menu

Chef Supermarket

Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

View our collection of guides, documentation, and articles

Cookbooks
Advanced Options

Select Badges

Select Supported Platforms

RSS

L7-firewall (9) Versions 1.0.14

Installs/Configures firewall

Berkshelf
Policyfile
Knife 
cookbook 'L7-firewall', '~> 1.0.14'
cookbook 'L7-firewall', '~> 1.0.14', :supermarket
knife supermarket install L7-firewall
knife supermarket download L7-firewall
README
Dependencies
Quality 38%

firewall cookbook

Build Status security Cookbook Version

Description

Configures iptables packet filter via Opscode Chef in /etc/iptables.rules

Supported Platforms

  • Ubuntu
  • Debian

Tested on

  • Ubuntu 12.04, 14.04
  • Debian 7

Recipes

  • L7-firewall - The default recipe.
  • L7-firewall::allow_ssh - allows ssh on port 22
  • L7-firewall::basic_firewall - sets up a basic firewall rule and chain set with default drop policy
  • L7-firewall::basic_firewall_ipv6 - same as basic_firewall but for ipv6
  • L7-firewall::get_ips - sets public_ipaddress and public_ip6address attributes based on public ip addresses of the machine

Usage

Policy

  • table: iptables table. (default: filter)
  • chain: iptables chain. (default: INPUT)
  • protoversion: ipv4 or ipv6. (default: ipv4)
  • policy: iptables policy. (default: ACCEPT)
L7_firewall_policy 'Drop input' do
  policy 'DROP'
  chain 'INPUT'
end

Notrack

  • proto: protocol. (default: tcp)
  • protoversion: ipv4 or ipv6. (default: ipv4)
  • port: tcp or udp port. (default: '')
L7_firewall_notrack "Do not track http traffic" do
  port "80"
end

Rule

  • rule: iptables rule. (default: '')
  • position: position in the rule list. (default: APPEND)
  • table: iptables table. (default: filter)
  • chain: iptables chain. (default: INPUT)
  • proto: protocol. (default: all)
  • protoversion: ipv4 or ipv6. (default: ipv4)
  • jump: where to jump, like -j. (default: ACCEPT)
  • enabled: boolean. (default: true)

Example disabled rule to drop all traffic from 1.2.3.4 in blacklist chain: ruby L7_firewall_rule 'Example blacklist rule' do rule '-s 1.2.3.4' jump 'DROP' chain 'BLACKLIST' enabled false end

TODO

  • Rewrite to LWRP

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Added some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request

License

  • Freely distributable and licensed under the MIT license.
  • Copyright (c) 2015 Gabor Szelcsanyi

image

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

L7-zabbix Applicable Versions
L7-zabbix 1.0.11
L7-zabbix 1.0.12
L7-zabbix 1.0.14
L7-zabbix 1.0.15
L7-zabbix 1.0.16
L7-zabbix 1.0.17
L7-zabbix 1.0.18
L7-zabbix 1.0.19
L7-zabbix 1.0.20

Collaborator Number Metric 
            
1.0.14 failed this metric
Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric 
            
1.0.14 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Foodcritic Metric 
            
1.0.14 failed this metric
FC066: Ensure chef_version is set in metadata: L7-firewall/metadata.rb:1
Run with Foodcritic Version 14.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any

No Binaries Metric 
            
1.0.14 passed this metric

Publish Metric 
            
1.0.14 passed this metric

Supported Platforms Metric 
            
1.0.14 passed this metric

Testing File Metric 
            
1.0.14 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric 
            
1.0.14 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number

Gabor Szelcsanyi Gabor Szelcsanyi

Details

View Source View Issues

Updated July 26, 2017 Created on

Platforms

  • debian >= 7.0
  • ubuntu >= 14.04

License

MIT

Download Cookbook