cookbook 'netsh_firewall', '= 0.3.2'
netsh_firewall (8) Versions 0.3.2 Follow11
Configures Windows Firewall using netsh
cookbook 'netsh_firewall', '= 0.3.2', :supermarket
knife supermarket install netsh_firewall
knife supermarket download netsh_firewall
netsh_firewall
This cookbook provides resources for managing Windows Firewall using the netsh utility. See https://technet.microsoft.com/en-us/library/Dd734783.aspx for details on configuring Windows Firewall using netsh.
Platforms
- Windows Vista
- Windows 7
- Windows 8, 8.1
- Windows Server 2008, 2008 R2
- Windows Server 2012, 2012 R2
Recipes
default
If the ['netsh_firewall']['disable_unmanaged_rules']
attribute is set to true this recipe will disable firewall rules that are not managed with Chef or whitelisted using attributes. Use at your own risk.
Attributes
-
['netsh_firewall']['disable_unmanaged_rules']
- disable unmanaged firewall rules; defaults to false -
['netsh_firewall']['group_whitelist']
- an array of firewall groups to leave enabled, e.g. 'Core Networking' -
['netsh_firewall']['rule_whitelist']
- an array of firewall names to leave enabled, e.g. 'Remote Desktop (TCP-In)'
Resources
netsh_firewall_profile
Actions
-
:disable
: disable a firewall profile -
:enable
: enable a firewall profile and set inbound/outbound policy; this is the default action
Parameters
-
name
: name attribute; specifyall
,domain
,private
, orpublic
-
inbound
::allow
or:block
(default) -
outbound
::allow
(default) or:block
Example
netsh_firewall_profile 'all' do inbound :block outbound :allow end
netsh_firewall_rule
Actions
-
:allow
: create a rule to allow traffic through the firewall; this is the default action -
:block
: create a rule to block traffic -
:disable
: disable an existing rule (useful for built-in rules) -
:enable
: enable an existing rule
Parameters
-
name
: name attribute; the name of the rule to create -
description
: an optional description for the rule -
dir
::in
(default) or:out
; the direction of the rule -
localip
: a comma separated list of IP addresses or subnets in CIDR notation; defaults to 'any' -
localport
: the local port number; defaults to 'any' -
profile
::any
(default),:domain
,:private
, or:public
-
program
: a path to a program; traffic generated by the program will match this rule -
protocol
::tcp
(default),:udp
,:icmpv4
,:icmpv6
, or:any
-
remoteip
: a comma separated list of IP addresses or subnets in CIDR notation; defaults to 'any' -
remoteport
: the remote port number; defaults to 'any'
Examples
netsh_firewall_rule 'Windows Remote Management (HTTPS-In)' do description 'Allow remote management over SSL' localport '5986' action :allow end netsh_firewall_rule 'Windows Remote Management (HTTP-In)' do action :disable end
License
Copyright 2015 Biola University
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Dependent cookbooks
This cookbook has no specified dependencies.
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
netsh_firewall Cookbook CHANGELOG
This file is used to list changes made in each version of the netsh_firewall cookbook.
v0.3.2 (2016-01-19)
- Fixed ICMP rules not working due to default values for localport and remoteport
Collaborator Number Metric
0.3.2 failed this metric
Failure: Cookbook has 1 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
0.3.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.3.2 failed this metric
FC059: LWRP provider does not declare use_inline_resources: netsh_firewall/providers/profile.rb:1
FC059: LWRP provider does not declare use_inline_resources: netsh_firewall/providers/rule.rb:1
Run with Foodcritic Version 12.2.1 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
License Metric
0.3.2 failed this metric
netsh_firewall does not have a valid open source license.
Acceptable licenses include Apache-2.0, apachev2, Apache 2.0, MIT, mit, GPL-2.0, gplv2, GNU Public License 2.0, GPL-3.0, gplv3, GNU Public License 3.0.
No Binaries Metric
0.3.2 passed this metric
Testing File Metric
0.3.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.3.2 passed this metric
0.3.2 failed this metric
0.3.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.3.2 failed this metric
FC059: LWRP provider does not declare use_inline_resources: netsh_firewall/providers/profile.rb:1
FC059: LWRP provider does not declare use_inline_resources: netsh_firewall/providers/rule.rb:1
Run with Foodcritic Version 12.2.1 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
License Metric
0.3.2 failed this metric
netsh_firewall does not have a valid open source license.
Acceptable licenses include Apache-2.0, apachev2, Apache 2.0, MIT, mit, GPL-2.0, gplv2, GNU Public License 2.0, GPL-3.0, gplv3, GNU Public License 3.0.
No Binaries Metric
0.3.2 passed this metric
Testing File Metric
0.3.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.3.2 passed this metric
0.3.2 failed this metric
FC059: LWRP provider does not declare use_inline_resources: netsh_firewall/providers/rule.rb:1
Run with Foodcritic Version 12.2.1 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
0.3.2 failed this metric
netsh_firewall does not have a valid open source license.
Acceptable licenses include Apache-2.0, apachev2, Apache 2.0, MIT, mit, GPL-2.0, gplv2, GNU Public License 2.0, GPL-3.0, gplv3, GNU Public License 3.0.
No Binaries Metric
0.3.2 passed this metric
Testing File Metric
0.3.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.3.2 passed this metric
0.3.2 passed this metric
0.3.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.3.2 passed this metric
0.3.2 passed this metric