Ask Your Question
2

Are there any plans to support firewalld with puppetlabs/firewall?

asked 2014-11-13 11:31:23 -0500

Gary Jackson gravatar image

updated 2016-09-27 18:15:46 -0500

Would something like this even make sense? If so, when would we expect to see this materialize?

I apologize if this is an inappropriate venue to ask this question.

NEEDS AN UPDATE- the module mentions firewalld, but no details.

edit retag flag offensive close merge delete

Comments

Re-opening this question (I hope) puppetlabs/firewall starts service "firewalld" for RHEL/CentOS 7, but I see no information about zones and services and such. Contrarywise, there is crayfishx/firewalld So the question then becomes: Do we use one or the other ? Neither ? Both ? ...???!

LinuxDan gravatar imageLinuxDan ( 2016-09-27 06:55:09 -0500 )edit

puppetlabs/firewall 'stops' firewalld, it doesn't start it: https://github.com/puppetlabs/puppetlabs-firewall/blob/master/manifests/linux/redhat.pp#L29. So, it does not support firewalld. Craig's firewalld module seems like the alternative.

ken gravatar imageken ( 2016-09-28 08:10:14 -0500 )edit

1 Answer

Sort by ยป oldest newest most voted
-1

answered 2014-11-14 16:07:58 -0500

Gary Jackson gravatar image

I got an answer from Hunter Haugen in the Puppet Google Group:

Unfortunately we (the puppetlabs module team) haven't yet started on the initiative to make this happen, but it has definitely been on our minds for a long while now.

I made https://tickets.puppetlabs.com/browse/MODULES-1498 really quickly to begin tracking this work though; as of yet there is no estimation for completion.

If you know any authors of an awesome firewalld module with whom we could work, make sure to point them our way!

I consider this matter answered.

edit flag offensive delete link more

Comments

1

Too old. This question should have an answer by now

LinuxDan gravatar imageLinuxDan ( 2016-09-27 18:10:51 -0500 )edit

I can't quite understand why this answer is unacceptable and has been re-opened as such. A link to a ticket has been provided tracking progress, and nothing has been done on it, but the answer itself is answered. Are we going to keep poking this until someone says 'yes it works' or something?

ken gravatar imageken ( 2016-09-28 08:05:44 -0500 )edit

Apologies for the buggered approach. I am working on RHEL7 servers that require firewalld. This module currently installs and runs firewalld on a RHEL/CentOS 7 server, but there appears to be no provision for customizing the firewalld definitions.

LinuxDan gravatar imageLinuxDan ( 2016-09-28 08:41:33 -0500 )edit

Would a new question / issue / whatever be more appropriate ?

LinuxDan gravatar imageLinuxDan ( 2016-09-28 08:41:59 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

2 followers

Stats

Asked: 2014-11-13 11:31:23 -0500

Seen: 993 times

Last updated: Sep 27 '16