BTW - this is awesome!-JesseOn Apr 3, 2011, at 5:02 PM, Charles Duffy wrote:Howdy, all --
At the recent training/meetup in Austin, it came up that there's been some discussion on the need for firewall management. In that light, Tippr is releasing the cookbook we use for Shorewall-based iptables configuration. Our repository is available at https://github.com/Tippr/tippr-public-cookbooks/tree/master/shorewall. Patches, feedback, and the like would be appreciated; there's some extremely low-hanging fruit (such as support for operating systems other than CentOS) available to be plucked. That said, we've been using this cookbook in production for some time, and it works well for us.
The README should give a taste of the capabilities -- we provide helpers which use search to identify systems which should be placed in zones or to which specific firewall rules should apply. That said, it should be possible to use this cookbook in a chef-solo environment by avoiding search-related functionality (some of the defaults, particularly the definition of the `lan` zone, may need to be overridden for this purpose).
Thanks, and enjoy!
Archive powered by MHonArc 2.6.16.