Created
August 26, 2014 14:31
-
-
Save raphink/e25a4e490a571ddb2d44 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Default firewall rules | |
| firewall { '000 accept all icmp': | |
| proto => 'icmp', | |
| action => 'accept', | |
| } | |
| firewall { '001 accept all to lo interface': | |
| proto => 'all', | |
| iniface => 'lo', | |
| action => 'accept', | |
| } | |
| firewall { '002 accept related established rules': | |
| proto => 'all', | |
| ctstate => ['RELATED', 'ESTABLISHED'], | |
| action => 'accept', | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ puppet apply --noop --modulepath . firewall.pp --verbose | |
| Info: Loading facts in /home/rpinson/bas/puppet/firewall/puppet-firewall/lib/facter/iptables_persistent_version.rb | |
| Info: Loading facts in /home/rpinson/bas/puppet/firewall/puppet-firewall/lib/facter/iptables_version.rb | |
| Info: Loading facts in /home/rpinson/bas/puppet/firewall/puppet-firewall/lib/facter/ip6tables_version.rb | |
| Notice: Compiled catalog for wrk15.wrk.cby.camptocamp.com in environment production in 0.06 seconds | |
| Info: Applying configuration version '1409062655' | |
| Notice: /Stage[main]/Main/Firewall[000 accept all icmp]/ensure: current_value absent, should be present (noop) | |
| Notice: /Stage[main]/Main/Firewall[002 accept related established rules]/ensure: current_value absent, should be present (noop) | |
| Notice: /Stage[main]/Main/Firewall[001 accept all to lo interface]/ensure: current_value absent, should be present (noop) | |
| Notice: Class[Main]: Would have triggered 'refresh' from 3 events | |
| Notice: Stage[main]: Would have triggered 'refresh' from 1 events | |
| Notice: Finished catalog run in 0.59 seconds |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ puppet apply --noop --modulepath . firewall.pp --verbose | |
| Info: Loading facts in /home/rpinson/bas/puppet/firewall/puppet-firewall/lib/facter/iptables_persistent_version.rb | |
| Info: Loading facts in /home/rpinson/bas/puppet/firewall/puppet-firewall/lib/facter/iptables_version.rb | |
| Info: Loading facts in /home/rpinson/bas/puppet/firewall/puppet-firewall/lib/facter/ip6tables_version.rb | |
| Notice: Compiled catalog for wrk15.wrk.cby.camptocamp.com in environment production in 0.06 seconds | |
| Info: Applying configuration version '1409062668' | |
| Notice: /Stage[main]/Main/Firewall[000 accept all icmp]/ensure: current_value absent, should be present (noop) | |
| Notice: /Stage[main]/Main/Firewall[001 accept all to lo interface]/ensure: current_value absent, should be present (noop) | |
| Notice: /Stage[main]/Main/Firewall[002 accept related established rules]/ensure: current_value absent, should be present (noop) | |
| Notice: Class[Main]: Would have triggered 'refresh' from 3 events | |
| Notice: Stage[main]: Would have triggered 'refresh' from 1 events | |
| Notice: Finished catalog run in 0.65 seconds |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment