How to manage iptables with puppet

Recommend Documents

Fabric (cotton or other), felt for features, sewing thread, fabric glue, basic hand ... Using the basic finger puppet pattern, cut out two pieces of felt the same size.

How To…Manage Teams

How To…Manage Teams. 1. 1. Introduction. John Adair (see www.johnadair.co. uk) created the Action Centred Leadership model which suggests there are three.

How to manage performance

Why not keep up-to-date with Acas news and notifications by signing up ..... Your business plan will help guide objectiv

How to manage performance

What are seen as the advantages of linking pay to performance? 32. What are seen ... goes the extra mile â particularl

How to manage refractory GERD

2 Define refractory GERD. 3 Describe the most ... achalasia, gastroparesis or functional heartburn. Keywords ... defined diseases that can be identified by careful.

How to Manage Refugee Helplines

A few simple and inexpensive measures suffice to create a call centre. With an efficient helpline in place, ... office,

Firewall – IPTABLES

Firewall IPTABLES. O que é um Firewall? Um firewall é uma barreira inteligente entre duas redes, através do qual só passa tráfego autorizado. Este tráfego é ...

How to Manage Tracking Error with Greater Certainty - Benefits and ...

Oct 2, 2015 - 3 The original work on using an optimizer to manage tracking error risk .... Table 3 â Performance Compa

How to manage the negotiation process with a Chinese company

knowledge that may be gained from studying Chinese business negotiation ... information and real life experience of Chinese business negotiations.

PDF Dealing with Problem Employees: How to Manage ... - Google Sites

... to firing and severance packages, learn techniques to help problem employees ... Performance Personal Issues in the

How to manage children with the eye signs of

the child's overall visual function may improve. Children in whom surgery is not possible should be referred for rehabilitation. Staphyloma and phthisis bulbi.

[PDF] Dealing with Problem Employees: How to Manage Performance ...

Performance Personal Issues in the Workplace Popular Colection ... to deal with poor employee performance at Team Manage

How to Manage and Work With Digital Images

FastStone Image Viewer gives us a lot of user-defined options that we can set to ... our way through the various functio

HOW TO MANAGE EARNINGS MANAGEMENT?

legal. They are using the discretion at their disposal to present their financial results in a manner that best suits their ... Institute of Chartered Financial Analysts of India. ..... Private Information, Earnings Manipulations, Executive Stock Opt

How to Manage Silver Bearing Hazardous Wastes

to Kentucky hazardous waste regulations have been included in brackets for ... Photographic processing wastes include fixer solutions that often contain.

How to manage cloudburst and rain water

cloudburst and rain water. Page 4. Page 5. How to manage cloudburst and rain water – Action plan for a climate-proof Denmark. 3. Contents. Foreword .

UNESCO Geopark Action How to manage Geoparks!

Nov 15, 2011 - Application contact person (name, position, tel./fax, e-mail) ... words (this will be used only for the g

Infographic- How to manage difficult converesations - PhonakPro

hearing OSSes. When family and it is now finding its Way into hearing member is present healthcare. 1 Kris English et al

hemoptysis : how to manage - Nepal Journals Online

Hemoptysis is the expectoration of blood coming from tracheobronchial tree or ... Massive hemoptysis is life threatening and requires prompt treatment. Number ...

How to manage testicular capillary haemangioma

However, only 10% of all palpable tumors are reported as benign(3). Of note is ... Zaznaczyć należy, że powyższe dane pochodzą z populacji mężczyzn, którzy.

How to Manage the Online - Bitly

Apr 14, 2010 - This article is part of the April 2010 issue of Pharma Marketing News. For other articles ..... pressions

How to Manage Mercury Switches in Vehicles

There are also mercury switches in other parts of vehicles, such as the ABS system G-force sensors. How much mercury .... Appliance Recycling Information Center ... Grand Cherokee. 1993, 1995-1999. Grand Cherokee Wagoneer 1989. Jeep.

How to Manage Cravings- Reduce Stress

^185* Download The Food Addiction Recovery Workbook: How to Manage ... Ross by phone at 303-355-2445, or by e-mail at ca

149 Health / How To Manage DiabetesJuggun ... - WordPress.com

Orange County, California - Health Care Agency. City of San Antonio Metropolitan Health District. ... University of Miam

How to manage iptables with puppet

Download PDF

11 downloads 231195 Views 84KB Size Report

Comment

Feb 18, 2010 ... iptables-restore. ⇒ manage iptable backup file, then reload from backup. ⇒ same needs, many different home-made solutions. Marc Fournier.

How to manage iptables with puppet Marc Fournier

18. february 2010

Marc Fournier

How to manage iptables with puppet

Hmmm...

Or maybe not ?

Marc Fournier

How to manage iptables with puppet

common approaches

erb templates file fragments augeas iptables-restore ⇒ manage iptable backup file, then reload from backup ⇒ same needs, many different home-made solutions.

Marc Fournier

How to manage iptables with puppet

native iptables type ⇒ Dmitri Priimak, october 2007 iptables { "80": destination => "10.0.0.1", ensure => "open", }

more flexibility rules added one by one, then old rules removed resources collected, then rules applied in one run suitable for simple firewalls (else use shorewall)

Marc Fournier

How to manage iptables with puppet

overview of hosts/network iptable rules

SELECT p.name, v.value, r.title, h.name FROM param_names AS p, param_values AS v, resources AS r, hosts AS h WHERE r.id=v.resource_id AND p.id=v.param_name_id AND r.host_id=h.id AND r.restype="Iptables" AND h.name="foobar.example.com";

⇒ better: use ActiveRecords Marc Fournier

How to manage iptables with puppet

issues

unusual terminology bug: firewall reloaded at every puppet run very few options current version attempts to solve these issues. ⇒ http://github.com/camptocamp/puppet-iptables

Marc Fournier

How to manage iptables with puppet

examples

iptables { "allow icmp": proto => "icmp", icmp => "any", jump => "ACCEPT", }

Marc Fournier

How to manage iptables with puppet

examples

iptables { source proto dport jump reject }

"reject ssh from hostile subnet": => "10.1.0.0/16", => "tcp", => "22", => "REJECT", => "icmp-port-unreachable",

Marc Fournier

How to manage iptables with puppet

examples

iptables { "redirect port 80 to port 8080": chain => "PREROUTING", table => "nat", proto => "tcp", dport => "80", redirect => "8080", jump => "REDIRECT", }

Marc Fournier

How to manage iptables with puppet

the problem with iptables & puppet

iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT != iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT

puppet resource order is semi-random iptables resources order does really matter

Marc Fournier

How to manage iptables with puppet

the only reasonable solution

iptables iptables iptables iptables

{ { { {

"a": "b": "c": "d":

} require => Iptables["a"] } require => Iptables["b"] } require => Iptables["c"] }

inconvenient with more than a few rules a problem when rules are defined in modules

Marc Fournier

How to manage iptables with puppet

Help !

I need your opinion...

Marc Fournier

How to manage iptables with puppet