Ask Your Question
1

Firewall plus rules not managed by puppet?

asked 2014-03-05 16:24:30 -0500

fm82503 gravatar image

updated 2014-03-06 09:21:50 -0500

This is for puppet 3.4.3 and firewall module 1.0.2.

I'm getting started setting up puppet on our servers so I'm still pretty new at this. I've managed to configure most of our services and customized files with few problems.

I'm working on our firewall access right now. I've set up the firewall rules in puppet and that is working fine. We have various ports that need to be open in various servers for customers to use. We also have administrators and developers that need access to the servers to do their ... (more)

edit retag flag offensive close merge delete

Comments

Apparently, the firewall module does support unmanaged rules, but there is no documentation on it short of digging through the source code. I really wish people documented things better.

fm82503 gravatar imagefm82503 ( 2014-03-06 12:54:56 -0500 )edit

2 Answers

Sort by ยป oldest newest most voted
0

answered 2014-03-06 13:40:16 -0500

I want to try the same with firewall rule and not sure how it will behave with auto-auditing, please help.

Kumar Parab

edit flag offensive delete link more
0

answered 2014-03-07 06:49:59 -0500

robrwo gravatar image

I've had similar problems using the firewall module with fail2ban. If something else is managing a port, then the firewall module cannot manage that port. I'm not sure of a workaround if puppet changes are regularly applied. Perhaps you can open port 22 and notify the service that manages the firewall, so that every time Puppet changes the settings for that port, the service that managed it will make the necessary changes afterwards.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2014-03-05 16:24:30 -0500

Seen: 62 times

Last updated: Mar 07 '14