cloud-mu 3.5.0 → 3.6.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Berksfile +5 -2
- data/Berksfile.lock +135 -0
- data/ansible/roles/mu-base/README.md +33 -0
- data/ansible/roles/mu-base/defaults/main.yml +2 -0
- data/ansible/roles/mu-base/files/check_apm.cfg +1 -0
- data/ansible/roles/mu-base/files/check_apm.sh +18 -0
- data/ansible/roles/mu-base/files/check_disk.cfg +1 -0
- data/ansible/roles/mu-base/files/check_elastic_shards.cfg +1 -0
- data/ansible/roles/mu-base/files/check_elastic_shards.sh +12 -0
- data/ansible/roles/mu-base/files/check_logstash.cfg +1 -0
- data/ansible/roles/mu-base/files/check_logstash.sh +14 -0
- data/ansible/roles/mu-base/files/check_mem.cfg +1 -0
- data/ansible/roles/mu-base/files/check_updates.cfg +1 -0
- data/ansible/roles/mu-base/files/logrotate.conf +35 -0
- data/ansible/roles/mu-base/files/nrpe-apm-sudo +1 -0
- data/ansible/roles/mu-base/files/nrpe-elasticshards-sudo +2 -0
- data/ansible/roles/mu-base/handlers/main.yml +5 -0
- data/ansible/roles/mu-base/meta/main.yml +53 -0
- data/ansible/roles/mu-base/tasks/main.yml +113 -0
- data/ansible/roles/mu-base/templates/nrpe.cfg.j2 +231 -0
- data/ansible/roles/mu-base/tests/inventory +2 -0
- data/ansible/roles/mu-base/tests/test.yml +5 -0
- data/ansible/roles/mu-base/vars/main.yml +1 -0
- data/ansible/roles/mu-compliance/README.md +33 -0
- data/ansible/roles/mu-compliance/defaults/main.yml +2 -0
- data/ansible/roles/mu-compliance/files/U_MS_Windows_Server_2016_V2R1_STIG_SCAP_1-2_Benchmark.xml +15674 -0
- data/ansible/roles/mu-compliance/files/U_MS_Windows_Server_2019_V2R1_STIG_SCAP_1-2_Benchmark.xml +17553 -0
- data/ansible/roles/mu-compliance/handlers/main.yml +2 -0
- data/ansible/roles/mu-compliance/meta/main.yml +53 -0
- data/ansible/roles/mu-compliance/tasks/main.yml +45 -0
- data/ansible/roles/mu-compliance/tests/inventory +2 -0
- data/ansible/roles/mu-compliance/tests/test.yml +5 -0
- data/ansible/roles/mu-compliance/vars/main.yml +4 -0
- data/ansible/roles/mu-elastic/README.md +51 -0
- data/ansible/roles/mu-elastic/defaults/main.yml +2 -0
- data/ansible/roles/mu-elastic/files/jvm.options +93 -0
- data/ansible/roles/mu-elastic/handlers/main.yml +10 -0
- data/ansible/roles/mu-elastic/meta/main.yml +52 -0
- data/ansible/roles/mu-elastic/tasks/main.yml +186 -0
- data/ansible/roles/mu-elastic/templates/elasticsearch.yml.j2 +110 -0
- data/ansible/roles/mu-elastic/templates/kibana.yml.j2 +131 -0
- data/ansible/roles/mu-elastic/templates/password_set.expect.j2 +19 -0
- data/ansible/roles/mu-elastic/tests/inventory +2 -0
- data/ansible/roles/mu-elastic/tests/test.yml +5 -0
- data/ansible/roles/mu-elastic/vars/main.yml +2 -0
- data/ansible/roles/mu-logstash/README.md +51 -0
- data/ansible/roles/mu-logstash/defaults/main.yml +2 -0
- data/ansible/roles/mu-logstash/files/02-beats-input.conf +5 -0
- data/ansible/roles/mu-logstash/files/10-rails-filter.conf +16 -0
- data/ansible/roles/mu-logstash/files/jvm.options +84 -0
- data/ansible/roles/mu-logstash/files/logstash.yml +304 -0
- data/ansible/roles/mu-logstash/handlers/main.yml +20 -0
- data/ansible/roles/mu-logstash/meta/main.yml +52 -0
- data/ansible/roles/mu-logstash/tasks/main.yml +254 -0
- data/ansible/roles/mu-logstash/templates/20-cloudtrail.conf.j2 +28 -0
- data/ansible/roles/mu-logstash/templates/30-elasticsearch-output.conf.j2 +19 -0
- data/ansible/roles/mu-logstash/templates/apm-server.yml.j2 +33 -0
- data/ansible/roles/mu-logstash/templates/heartbeat.yml.j2 +29 -0
- data/ansible/roles/mu-logstash/templates/nginx/apm.conf.j2 +25 -0
- data/ansible/roles/mu-logstash/templates/nginx/default.conf.j2 +56 -0
- data/ansible/roles/mu-logstash/templates/nginx/elastic.conf.j2 +27 -0
- data/ansible/roles/mu-logstash/tests/inventory +2 -0
- data/ansible/roles/mu-logstash/tests/test.yml +5 -0
- data/ansible/roles/mu-logstash/vars/main.yml +2 -0
- data/ansible/roles/mu-rdp/README.md +33 -0
- data/ansible/roles/mu-rdp/meta/main.yml +53 -0
- data/ansible/roles/mu-rdp/tasks/main.yml +9 -0
- data/ansible/roles/mu-rdp/tests/inventory +2 -0
- data/ansible/roles/mu-rdp/tests/test.yml +5 -0
- data/ansible/roles/mu-windows/tasks/main.yml +3 -0
- data/bin/mu-ansible-secret +1 -1
- data/bin/mu-aws-setup +4 -3
- data/bin/mu-azure-setup +5 -5
- data/bin/mu-configure +25 -17
- data/bin/mu-firewall-allow-clients +1 -0
- data/bin/mu-gcp-setup +3 -3
- data/bin/mu-load-config.rb +1 -0
- data/bin/mu-node-manage +66 -33
- data/bin/mu-self-update +2 -2
- data/bin/mu-upload-chef-artifacts +6 -1
- data/bin/mu-user-manage +1 -1
- data/cloud-mu.gemspec +25 -23
- data/cookbooks/firewall/CHANGELOG.md +417 -224
- data/cookbooks/firewall/LICENSE +202 -0
- data/cookbooks/firewall/README.md +153 -126
- data/cookbooks/firewall/TODO.md +6 -0
- data/cookbooks/firewall/attributes/firewalld.rb +7 -0
- data/cookbooks/firewall/attributes/iptables.rb +3 -3
- data/cookbooks/firewall/chefignore +115 -0
- data/cookbooks/firewall/libraries/helpers.rb +5 -0
- data/cookbooks/firewall/libraries/helpers_firewalld.rb +1 -1
- data/cookbooks/firewall/libraries/helpers_firewalld_dbus.rb +72 -0
- data/cookbooks/firewall/libraries/helpers_iptables.rb +3 -3
- data/cookbooks/firewall/libraries/helpers_nftables.rb +170 -0
- data/cookbooks/firewall/libraries/helpers_ufw.rb +7 -0
- data/cookbooks/firewall/libraries/helpers_windows.rb +8 -9
- data/cookbooks/firewall/libraries/provider_firewall_firewalld.rb +9 -9
- data/cookbooks/firewall/libraries/provider_firewall_iptables.rb +7 -7
- data/cookbooks/firewall/libraries/provider_firewall_iptables_ubuntu.rb +12 -8
- data/cookbooks/firewall/libraries/provider_firewall_iptables_ubuntu1404.rb +13 -9
- data/cookbooks/firewall/libraries/provider_firewall_rule.rb +1 -1
- data/cookbooks/firewall/libraries/provider_firewall_ufw.rb +5 -5
- data/cookbooks/firewall/libraries/provider_firewall_windows.rb +4 -4
- data/cookbooks/firewall/libraries/resource_firewall_rule.rb +3 -3
- data/cookbooks/firewall/metadata.json +40 -1
- data/cookbooks/firewall/metadata.rb +15 -0
- data/cookbooks/firewall/recipes/default.rb +7 -7
- data/cookbooks/firewall/recipes/disable_firewall.rb +1 -1
- data/cookbooks/firewall/recipes/firewalld.rb +87 -0
- data/cookbooks/firewall/renovate.json +18 -0
- data/cookbooks/firewall/resources/firewalld.rb +28 -0
- data/cookbooks/firewall/resources/firewalld_config.rb +39 -0
- data/cookbooks/firewall/resources/firewalld_helpers.rb +106 -0
- data/cookbooks/firewall/resources/firewalld_icmptype.rb +88 -0
- data/cookbooks/firewall/resources/firewalld_ipset.rb +104 -0
- data/cookbooks/firewall/resources/firewalld_policy.rb +115 -0
- data/cookbooks/firewall/resources/firewalld_service.rb +98 -0
- data/cookbooks/firewall/resources/firewalld_zone.rb +118 -0
- data/cookbooks/firewall/resources/nftables.rb +71 -0
- data/cookbooks/firewall/resources/nftables_rule.rb +113 -0
- data/cookbooks/mu-activedirectory/Berksfile +1 -1
- data/cookbooks/mu-activedirectory/metadata.rb +1 -1
- data/cookbooks/mu-firewall/metadata.rb +2 -2
- data/cookbooks/mu-master/Berksfile +4 -3
- data/cookbooks/mu-master/attributes/default.rb +5 -2
- data/cookbooks/mu-master/files/default/check_elastic.sh +761 -0
- data/cookbooks/mu-master/files/default/check_kibana.rb +45 -0
- data/cookbooks/mu-master/libraries/mu.rb +24 -0
- data/cookbooks/mu-master/metadata.rb +5 -5
- data/cookbooks/mu-master/recipes/default.rb +31 -20
- data/cookbooks/mu-master/recipes/firewall-holes.rb +5 -0
- data/cookbooks/mu-master/recipes/init.rb +58 -19
- data/cookbooks/mu-master/recipes/update_nagios_only.rb +251 -178
- data/cookbooks/mu-master/templates/default/nagios.conf.erb +5 -11
- data/cookbooks/mu-master/templates/default/web_app.conf.erb +3 -0
- data/cookbooks/mu-php54/Berksfile +1 -1
- data/cookbooks/mu-php54/metadata.rb +2 -2
- data/cookbooks/mu-tools/Berksfile +2 -3
- data/cookbooks/mu-tools/attributes/default.rb +3 -4
- data/cookbooks/mu-tools/files/amazon/etc/bashrc +90 -0
- data/cookbooks/mu-tools/files/amazon/etc/login.defs +292 -0
- data/cookbooks/mu-tools/files/amazon/etc/profile +77 -0
- data/cookbooks/mu-tools/files/amazon/etc/security/limits.conf +63 -0
- data/cookbooks/mu-tools/files/amazon/etc/sysconfig/init +19 -0
- data/cookbooks/mu-tools/files/amazon/etc/sysctl.conf +82 -0
- data/cookbooks/mu-tools/files/amazon-2023/etc/login.defs +294 -0
- data/cookbooks/mu-tools/files/default/logrotate.conf +35 -0
- data/cookbooks/mu-tools/files/default/nrpe_conf_d.pp +0 -0
- data/cookbooks/mu-tools/libraries/helper.rb +21 -9
- data/cookbooks/mu-tools/metadata.rb +4 -4
- data/cookbooks/mu-tools/recipes/apply_security.rb +3 -2
- data/cookbooks/mu-tools/recipes/aws_api.rb +23 -5
- data/cookbooks/mu-tools/recipes/base_repositories.rb +4 -1
- data/cookbooks/mu-tools/recipes/gcloud.rb +56 -56
- data/cookbooks/mu-tools/recipes/nagios.rb +1 -1
- data/cookbooks/mu-tools/recipes/nrpe.rb +20 -2
- data/cookbooks/mu-tools/recipes/rsyslog.rb +12 -1
- data/cookbooks/mu-tools/recipes/set_local_fw.rb +1 -1
- data/data_bags/nagios_services/apm_backend_connect.json +5 -0
- data/data_bags/nagios_services/apm_listen.json +5 -0
- data/data_bags/nagios_services/elastic_shards.json +5 -0
- data/data_bags/nagios_services/logstash.json +5 -0
- data/data_bags/nagios_services/rhel7_updates.json +8 -0
- data/extras/image-generators/AWS/centos7.yaml +1 -0
- data/extras/image-generators/AWS/rhel7.yaml +21 -0
- data/extras/image-generators/AWS/win2k12r2.yaml +1 -0
- data/extras/image-generators/AWS/win2k16.yaml +1 -0
- data/extras/image-generators/AWS/win2k19.yaml +1 -0
- data/extras/list-stock-amis +0 -0
- data/extras/ruby_rpm/muby.spec +8 -5
- data/extras/vault_tools/export_vaults.sh +1 -1
- data/extras/vault_tools/recreate_vaults.sh +0 -0
- data/extras/vault_tools/test_vaults.sh +0 -0
- data/install/deprecated-bash-library.sh +1 -1
- data/install/installer +4 -2
- data/modules/mommacat.ru +3 -1
- data/modules/mu/adoption.rb +1 -1
- data/modules/mu/cloud/dnszone.rb +2 -2
- data/modules/mu/cloud/machine_images.rb +26 -25
- data/modules/mu/cloud/resource_base.rb +213 -182
- data/modules/mu/cloud/server_pool.rb +1 -1
- data/modules/mu/cloud/ssh_sessions.rb +7 -5
- data/modules/mu/cloud/wrappers.rb +2 -2
- data/modules/mu/cloud.rb +1 -1
- data/modules/mu/config/bucket.rb +1 -1
- data/modules/mu/config/function.rb +6 -1
- data/modules/mu/config/loadbalancer.rb +24 -2
- data/modules/mu/config/ref.rb +12 -0
- data/modules/mu/config/role.rb +1 -1
- data/modules/mu/config/schema_helpers.rb +42 -9
- data/modules/mu/config/server.rb +43 -27
- data/modules/mu/config/tail.rb +19 -10
- data/modules/mu/config.rb +6 -5
- data/modules/mu/defaults/AWS.yaml +78 -114
- data/modules/mu/deploy.rb +9 -2
- data/modules/mu/groomer.rb +12 -4
- data/modules/mu/groomers/ansible.rb +104 -20
- data/modules/mu/groomers/chef.rb +15 -6
- data/modules/mu/master.rb +9 -4
- data/modules/mu/mommacat/daemon.rb +4 -2
- data/modules/mu/mommacat/naming.rb +1 -2
- data/modules/mu/mommacat/storage.rb +7 -2
- data/modules/mu/mommacat.rb +33 -6
- data/modules/mu/providers/aws/database.rb +161 -8
- data/modules/mu/providers/aws/dnszone.rb +11 -6
- data/modules/mu/providers/aws/endpoint.rb +81 -6
- data/modules/mu/providers/aws/firewall_rule.rb +254 -172
- data/modules/mu/providers/aws/function.rb +65 -3
- data/modules/mu/providers/aws/loadbalancer.rb +39 -28
- data/modules/mu/providers/aws/log.rb +2 -1
- data/modules/mu/providers/aws/role.rb +25 -7
- data/modules/mu/providers/aws/server.rb +36 -12
- data/modules/mu/providers/aws/server_pool.rb +237 -127
- data/modules/mu/providers/aws/storage_pool.rb +7 -1
- data/modules/mu/providers/aws/user.rb +1 -1
- data/modules/mu/providers/aws/userdata/linux.erb +6 -2
- data/modules/mu/providers/aws/userdata/windows.erb +7 -5
- data/modules/mu/providers/aws/vpc.rb +49 -25
- data/modules/mu/providers/aws.rb +13 -8
- data/modules/mu/providers/azure/container_cluster.rb +1 -1
- data/modules/mu/providers/azure/loadbalancer.rb +2 -2
- data/modules/mu/providers/azure/server.rb +5 -2
- data/modules/mu/providers/azure/userdata/linux.erb +1 -1
- data/modules/mu/providers/azure.rb +11 -8
- data/modules/mu/providers/cloudformation/dnszone.rb +1 -1
- data/modules/mu/providers/google/container_cluster.rb +15 -2
- data/modules/mu/providers/google/folder.rb +2 -1
- data/modules/mu/providers/google/function.rb +130 -4
- data/modules/mu/providers/google/habitat.rb +2 -1
- data/modules/mu/providers/google/loadbalancer.rb +407 -160
- data/modules/mu/providers/google/role.rb +16 -3
- data/modules/mu/providers/google/server.rb +5 -1
- data/modules/mu/providers/google/user.rb +25 -18
- data/modules/mu/providers/google/userdata/linux.erb +1 -1
- data/modules/mu/providers/google/vpc.rb +53 -7
- data/modules/mu/providers/google.rb +39 -39
- data/modules/mu.rb +8 -8
- data/modules/tests/elk.yaml +46 -0
- data/test/mu-master-test/controls/all_in_one.rb +1 -1
- metadata +207 -112
- data/cookbooks/firewall/CONTRIBUTING.md +0 -2
- data/cookbooks/firewall/MAINTAINERS.md +0 -19
- data/cookbooks/firewall/libraries/matchers.rb +0 -30
- data/extras/image-generators/AWS/rhel71.yaml +0 -17
@@ -1,7 +1,205 @@
|
|
1
|
-
firewall Cookbook CHANGELOG
|
2
|
-
|
1
|
+
# firewall Cookbook CHANGELOG
|
2
|
+
|
3
3
|
This file is used to list changes made in each version of the firewall cookbook.
|
4
4
|
|
5
|
+
## 6.3.7 - *2024-07-15*
|
6
|
+
|
7
|
+
Standardise files with files in sous-chefs/repo-management
|
8
|
+
|
9
|
+
Standardise files with files in sous-chefs/repo-management
|
10
|
+
|
11
|
+
## 6.3.6 - *2024-05-06*
|
12
|
+
|
13
|
+
## 6.3.5 - *2024-05-06*
|
14
|
+
|
15
|
+
Added support for firewalld zone attribute
|
16
|
+
|
17
|
+
## 6.3.4 - *2023-12-21*
|
18
|
+
|
19
|
+
## 6.3.3 - *2023-09-28*
|
20
|
+
|
21
|
+
## 6.3.2 - *2023-09-04*
|
22
|
+
|
23
|
+
## 6.3.1 - *2023-08-30*
|
24
|
+
|
25
|
+
## 6.3.0 - *2023-08-01*
|
26
|
+
|
27
|
+
- Default to `firewalld` on EL8
|
28
|
+
|
29
|
+
## 6.2.18 - *2023-07-31*
|
30
|
+
|
31
|
+
Fixes typo in FORWARD chain of nftables default ruleset
|
32
|
+
|
33
|
+
## 6.2.17 - *2023-07-10*
|
34
|
+
|
35
|
+
## 6.2.16 - *2023-05-17*
|
36
|
+
|
37
|
+
## 6.2.15 - *2023-04-26*
|
38
|
+
|
39
|
+
Update CI runner to MacOS 12
|
40
|
+
|
41
|
+
## 6.2.14 - *2023-04-17*
|
42
|
+
|
43
|
+
## 6.2.13 - *2023-04-11*
|
44
|
+
|
45
|
+
Fix documentation to pass markdown lint
|
46
|
+
|
47
|
+
## 6.2.12 - *2023-04-07*
|
48
|
+
|
49
|
+
Standardise files with files in sous-chefs/repo-management
|
50
|
+
|
51
|
+
## 6.2.11 - *2023-04-04*
|
52
|
+
|
53
|
+
Fixed a typo in the readme
|
54
|
+
|
55
|
+
## 6.2.10 - *2023-04-01*
|
56
|
+
|
57
|
+
## 6.2.9 - *2023-04-01*
|
58
|
+
|
59
|
+
## 6.2.8 - *2023-04-01*
|
60
|
+
|
61
|
+
Standardise files with files in sous-chefs/repo-management
|
62
|
+
|
63
|
+
Standardise files with files in sous-chefs/repo-management
|
64
|
+
|
65
|
+
## 6.2.7 - *2023-03-02*
|
66
|
+
|
67
|
+
## 6.2.6 - *2023-02-23*
|
68
|
+
|
69
|
+
Standardise files with files in sous-chefs/repo-management
|
70
|
+
|
71
|
+
## 6.2.5 - *2023-02-16*
|
72
|
+
|
73
|
+
Standardise files with files in sous-chefs/repo-management
|
74
|
+
|
75
|
+
## 6.2.4 - *2023-02-15*
|
76
|
+
|
77
|
+
Standardise files with files in sous-chefs/repo-management
|
78
|
+
|
79
|
+
## 6.2.3 - *2022-12-08*
|
80
|
+
|
81
|
+
Standardise files with files in sous-chefs/repo-management
|
82
|
+
|
83
|
+
## 6.2.2 - *2022-12-08*
|
84
|
+
|
85
|
+
Standardise files with files in sous-chefs/repo-management
|
86
|
+
|
87
|
+
## 6.2.1 - *2022-12-02*
|
88
|
+
|
89
|
+
## 6.2.0 - *2022-12-02*
|
90
|
+
|
91
|
+
- Add support for for the description attribute when using UFW
|
92
|
+
|
93
|
+
## 6.1.0 - *2022-09-15*
|
94
|
+
|
95
|
+
- Add filepath selection based on OS for nftables.conf
|
96
|
+
|
97
|
+
## 6.0.2 - *2022-05-15*
|
98
|
+
|
99
|
+
Standardise files with files in sous-chefs/repo-management
|
100
|
+
|
101
|
+
## 6.0.1 - *2022-05-13*
|
102
|
+
|
103
|
+
- Standardise files with files in sous-chefs/repo-management
|
104
|
+
|
105
|
+
## 6.0.0 - *2022-05-09*
|
106
|
+
|
107
|
+
- Values for firewalld resources must be specified as one would
|
108
|
+
specify them to `firewall-cmd`.
|
109
|
+
- Do not use begin/rescue blocks when adding firewalld-objects, as
|
110
|
+
that resulted in errors being logged by firewalld.
|
111
|
+
- Various bug fixes that were found along the way.
|
112
|
+
|
113
|
+
## 5.1.0 - *2022-05-07*
|
114
|
+
|
115
|
+
- Add new providers for firewalld using the dbus-interface of firewalld.
|
116
|
+
|
117
|
+
## 5.0.0 - *2022-04-20*
|
118
|
+
|
119
|
+
- Add support for nftables
|
120
|
+
|
121
|
+
## 4.0.3 - *2022-04-11*
|
122
|
+
|
123
|
+
- Use resuable workflows instead of Chef Delivery
|
124
|
+
|
125
|
+
## 4.0.2 - *2022-02-17*
|
126
|
+
|
127
|
+
- Standardise files with files in sous-chefs/repo-management
|
128
|
+
- Remove delivery folder
|
129
|
+
|
130
|
+
## 4.0.1 - *2022-01-07*
|
131
|
+
|
132
|
+
- Remove extraneous task file that's no longer needed
|
133
|
+
|
134
|
+
## 4.0.0 - *2021-09-09*
|
135
|
+
|
136
|
+
- Remove dependency on chef-sugar cookbook
|
137
|
+
- Bump to require Chef Infra Client >= 15.5 for chef-utils
|
138
|
+
- Update metadata and README to Sous Chefs
|
139
|
+
|
140
|
+
## 3.0.2 - *2021-08-30*
|
141
|
+
|
142
|
+
- Standardise files with files in sous-chefs/repo-management
|
143
|
+
|
144
|
+
## 3.0.1 - *2021-07-08*
|
145
|
+
|
146
|
+
- Restart netfilter service in iptables mode after updating firewall rules
|
147
|
+
|
148
|
+
## 3.0.0 - *2021-06-14*
|
149
|
+
|
150
|
+
- Add Amazon Linux support
|
151
|
+
- Fix firewall resource actions list
|
152
|
+
- First attempt to modernize testing
|
153
|
+
- Various Cookstyle fixes
|
154
|
+
|
155
|
+
## 2.7.1 - *2021-06-01*
|
156
|
+
|
157
|
+
- resolved cookstyle error: libraries/helpers_windows.rb:47:9 convention: `Style/RedundantAssignment`
|
158
|
+
- resolved cookstyle error: libraries/helpers_windows.rb:48:9 convention: `Layout/IndentationWidth`
|
159
|
+
- resolved cookstyle error: libraries/helpers_windows.rb:49:16 convention: `Layout/ElseAlignment`
|
160
|
+
- resolved cookstyle error: libraries/helpers_windows.rb:50:9 convention: `Layout/IndentationWidth`
|
161
|
+
- resolved cookstyle error: libraries/helpers_windows.rb:51:16 warning: `Layout/EndAlignment`
|
162
|
+
- resolved cookstyle error: libraries/helpers_windows.rb:52:1 convention: `Layout/EmptyLinesAroundMethodBody`
|
163
|
+
- resolved cookstyle error: libraries/helpers_windows.rb:52:1 convention: `Layout/TrailingWhitespace`
|
164
|
+
- resolved cookstyle error: libraries/provider_firewall_firewalld.rb:30:5 refactor: `ChefModernize/ActionMethodInResource`
|
165
|
+
- resolved cookstyle error: libraries/provider_firewall_firewalld.rb:54:5 refactor: `ChefModernize/ActionMethodInResource`
|
166
|
+
- resolved cookstyle error: libraries/provider_firewall_firewalld.rb:114:5 refactor: `ChefModernize/ActionMethodInResource`
|
167
|
+
- resolved cookstyle error: libraries/provider_firewall_firewalld.rb:136:5 refactor: `ChefModernize/ActionMethodInResource`
|
168
|
+
- resolved cookstyle error: libraries/provider_firewall_firewalld.rb:149:5 refactor: `ChefModernize/ActionMethodInResource`
|
169
|
+
- resolved cookstyle error: libraries/provider_firewall_iptables.rb:33:5 refactor: `ChefModernize/ActionMethodInResource`
|
170
|
+
- resolved cookstyle error: libraries/provider_firewall_iptables.rb:63:5 refactor: `ChefModernize/ActionMethodInResource`
|
171
|
+
- resolved cookstyle error: libraries/provider_firewall_iptables.rb:112:5 refactor: `ChefModernize/ActionMethodInResource`
|
172
|
+
- resolved cookstyle error: libraries/provider_firewall_iptables.rb:134:5 refactor: `ChefModernize/ActionMethodInResource`
|
173
|
+
- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu.rb:34:5 refactor: `ChefModernize/ActionMethodInResource`
|
174
|
+
- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu.rb:67:5 refactor: `ChefModernize/ActionMethodInResource`
|
175
|
+
- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu.rb:133:5 refactor: `ChefModernize/ActionMethodInResource`
|
176
|
+
- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu.rb:156:5 refactor: `ChefModernize/ActionMethodInResource`
|
177
|
+
- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu1404.rb:34:5 refactor: `ChefModernize/ActionMethodInResource`
|
178
|
+
- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu1404.rb:67:5 refactor: `ChefModernize/ActionMethodInResource`
|
179
|
+
- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu1404.rb:133:5 refactor: `ChefModernize/ActionMethodInResource`
|
180
|
+
- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu1404.rb:156:5 refactor: `ChefModernize/ActionMethodInResource`
|
181
|
+
- resolved cookstyle error: libraries/provider_firewall_rule.rb:24:5 refactor: `ChefModernize/ActionMethodInResource`
|
182
|
+
- resolved cookstyle error: libraries/provider_firewall_ufw.rb:32:5 refactor: `ChefModernize/ActionMethodInResource`
|
183
|
+
- resolved cookstyle error: libraries/provider_firewall_ufw.rb:61:5 refactor: `ChefModernize/ActionMethodInResource`
|
184
|
+
- resolved cookstyle error: libraries/provider_firewall_ufw.rb:102:5 refactor: `ChefModernize/ActionMethodInResource`
|
185
|
+
- resolved cookstyle error: libraries/provider_firewall_ufw.rb:115:5 refactor: `ChefModernize/ActionMethodInResource`
|
186
|
+
- resolved cookstyle error: libraries/provider_firewall_windows.rb:29:5 refactor: `ChefModernize/ActionMethodInResource`
|
187
|
+
- resolved cookstyle error: libraries/provider_firewall_windows.rb:42:5 refactor: `ChefModernize/ActionMethodInResource`
|
188
|
+
- resolved cookstyle error: libraries/provider_firewall_windows.rb:97:5 refactor: `ChefModernize/ActionMethodInResource`
|
189
|
+
- resolved cookstyle error: libraries/provider_firewall_windows.rb:118:5 refactor: `ChefModernize/ActionMethodInResource`
|
190
|
+
- resolved cookstyle error: attributes/iptables.rb:8:54 refactor: `ChefStyle/AttributeKeys`
|
191
|
+
- resolved cookstyle error: attributes/iptables.rb:8:54 convention: `Style/StringLiteralsInInterpolation`
|
192
|
+
- resolved cookstyle error: attributes/iptables.rb:8:63 refactor: `ChefStyle/AttributeKeys`
|
193
|
+
- resolved cookstyle error: attributes/iptables.rb:8:64 convention: `Style/StringLiteralsInInterpolation`
|
194
|
+
- resolved cookstyle error: attributes/iptables.rb:9:56 refactor: `ChefStyle/AttributeKeys`
|
195
|
+
- resolved cookstyle error: attributes/iptables.rb:9:56 convention: `Style/StringLiteralsInInterpolation`
|
196
|
+
- resolved cookstyle error: attributes/iptables.rb:9:65 refactor: `ChefStyle/AttributeKeys`
|
197
|
+
- resolved cookstyle error: attributes/iptables.rb:9:66 convention: `Style/StringLiteralsInInterpolation`
|
198
|
+
- resolved cookstyle error: attributes/iptables.rb:10:55 refactor: `ChefStyle/AttributeKeys`
|
199
|
+
- resolved cookstyle error: attributes/iptables.rb:10:55 convention: `Style/StringLiteralsInInterpolation`
|
200
|
+
- resolved cookstyle error: attributes/iptables.rb:10:64 refactor: `ChefStyle/AttributeKeys`
|
201
|
+
- resolved cookstyle error: attributes/iptables.rb:10:65 convention: `Style/StringLiteralsInInterpolation`
|
202
|
+
|
5
203
|
## 2.7.0 (2018-12-19)
|
6
204
|
|
7
205
|
- Nominal support for Debian 9 (#202)
|
@@ -10,286 +208,281 @@ This file is used to list changes made in each version of the firewall cookbook.
|
|
10
208
|
|
11
209
|
- use platform_family instead of platform to include all rhels
|
12
210
|
|
13
|
-
v2.6.4 (2018-07-01)
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
v2.6.3 (2018-02-01)
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
v2.6.2 (2017-06-01)
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
v2.6.1 (2017-04-21)
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
v2.6.0 (2017-04-17)
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
v2.5.4 (2017-02-13)
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
v2.5.3 (2016-10-26)
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
v2.5.2 (2016-06-02)
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
v2.5.1 (2016-05-31)
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
v2.5.0 (2016-03-08)
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
v2.4.0 (2016-01-28)
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
* Remove testing ranges of ports on CentOS 5.x, as it's broken there.
|
99
|
-
|
100
|
-
v2.2.0 (2015-11-02)
|
101
|
-
-------------------
|
211
|
+
## v2.6.4 (2018-07-01)
|
212
|
+
|
213
|
+
- Stop including chef-sugar when it's >= 4.0.0 (#197)
|
214
|
+
|
215
|
+
## v2.6.3 (2018-02-01)
|
216
|
+
|
217
|
+
- Fix issue with deep merging of hashes and arrays in recent chef release (#185)
|
218
|
+
|
219
|
+
## v2.6.2 (2017-06-01)
|
220
|
+
|
221
|
+
- Incorrect file checking on Ubuntu, double file write (#173)
|
222
|
+
- Added testing on CentOS 6.9
|
223
|
+
- Clarify metadata that we're not working on Amazon Linux (#172)
|
224
|
+
|
225
|
+
## v2.6.1 (2017-04-21)
|
226
|
+
|
227
|
+
- Add recipe to disable firewall (#164)
|
228
|
+
|
229
|
+
## v2.6.0 (2017-04-17)
|
230
|
+
|
231
|
+
- Initial Chef 13.x support (#160, #159)
|
232
|
+
- Allow loopback and icmp, when enabled (#161)
|
233
|
+
- Address various newer rubocop and foodcritic complaints
|
234
|
+
- Convert rule provider away from DSL (#159)
|
235
|
+
|
236
|
+
## v2.5.4 (2017-02-13)
|
237
|
+
|
238
|
+
- Update Test Kitchen platforms to the latest
|
239
|
+
- Update copyright headers
|
240
|
+
- Allow package options to be passed through to the package install for firewall
|
241
|
+
- Define policy for Windows Firewall and use the attributes to set desired policy
|
242
|
+
|
243
|
+
## v2.5.3 (2016-10-26)
|
244
|
+
|
245
|
+
- Don't show firewall resource as updated (#133)
|
246
|
+
- Add :off as a valid logging level (#129)
|
247
|
+
- Add support for Ubuntu 16.04 (#149)
|
248
|
+
|
249
|
+
## v2.5.2 (2016-06-02)
|
250
|
+
|
251
|
+
- Don't issue commands when firewalld isn't active (#140)
|
252
|
+
- Install iptables-services on CentOS >= 7 (#131)
|
253
|
+
- Update Ruby version on Travis for listen gem
|
254
|
+
|
255
|
+
## v2.5.1 (2016-05-31)
|
256
|
+
|
257
|
+
- Protocol guard incorrectly prevents "none" protocol type on UFW helper (#128)
|
258
|
+
- Fix wrongly ordered conditional for converting ports to strings using port_to_s
|
259
|
+
- Fix notify_firewall attribute crashing firewall_rule provider (#130)
|
260
|
+
- Add warning if firewall rule opens all traffic (#132)
|
261
|
+
- Add ipv6 attribute respect to Ubuntu iptables (#138)
|
262
|
+
|
263
|
+
## v2.5.0 (2016-03-08)
|
264
|
+
|
265
|
+
- Don't modify parameter for port (#120)
|
266
|
+
- Remove a reference to the wrong variable name under windows (#123)
|
267
|
+
- Add support for mobile shell default firewall rule (#121)
|
268
|
+
- New rubocop rules and style fixes
|
269
|
+
- Correct a README.md example for `action :allow`
|
270
|
+
|
271
|
+
## v2.4.0 (2016-01-28)
|
272
|
+
|
273
|
+
- Expose default iptables ruleset so that raw rules can be used in conjunction with rulesets for other tables (#101).
|
274
|
+
|
275
|
+
## v2.3.1 (2016-01-08)
|
276
|
+
|
277
|
+
- Add raw rule support to the ufw firewall provider (#113).
|
278
|
+
|
279
|
+
## v2.3.0 (2015-12-23)
|
280
|
+
|
281
|
+
- Refactor logic so that firewall rules don't add a string rule to the firewall when their actions run. Just run the action once on the firewall itself. This is designed to prevent partial application of rules (#106)
|
282
|
+
|
283
|
+
- Switch to "enabled" (positive logic) instead of "disabled" (negative logic) on the firewall resource. It was difficult to reason with "disabled false" for some complicated recipes using firewall downstream. `disabled` is now deprecated.
|
284
|
+
|
285
|
+
- Add proper Windows testing and serverspec tests back into this cookbook.
|
286
|
+
|
287
|
+
- Fix the `port_to_s` function so it also works for Windows (#111)
|
288
|
+
|
289
|
+
- Fix typo checking action instead of command in iptables helper (#112)
|
290
|
+
|
291
|
+
- Remove testing ranges of ports on CentOS 5.x, as it's broken there.
|
292
|
+
|
293
|
+
## v2.2.0 (2015-11-02)
|
294
|
+
|
102
295
|
Added permanent as default option for RHEL 7 based systems using firewall-cmd.
|
103
296
|
This defaults to turned off, but it will be enabled by default on the next major version bump.
|
104
297
|
|
105
|
-
v2.1.0 (2015-10-15)
|
106
|
-
|
298
|
+
## v2.1.0 (2015-10-15)
|
299
|
+
|
107
300
|
Minor feature release.
|
108
|
-
* Ensure ICMPv6 is open when `['firewall']['allow_established']` is set to true (the default). ICMPv6 is critical for most IPv6 operations.
|
109
301
|
|
110
|
-
|
111
|
-
|
302
|
+
- Ensure ICMPv6 is open when `['firewall']['allow_established']` is set to true (the default). ICMPv6 is critical for most IPv6 operations.
|
303
|
+
|
304
|
+
## v2.0.5 (2015-10-05)
|
305
|
+
|
112
306
|
Minor bugfix release.
|
113
|
-
* Ensure provider filtering always yields 1 and only 1 provider, #97 & #98
|
114
|
-
* Documentation update #96
|
115
307
|
|
116
|
-
|
117
|
-
|
308
|
+
- Ensure provider filtering always yields 1 and only 1 provider, #97 & #98
|
309
|
+
- Documentation update #96
|
310
|
+
|
311
|
+
## v2.0.4 (2015-09-23)
|
312
|
+
|
118
313
|
Minor bugfix release.
|
119
|
-
* Allow override of filter chain policies, #94
|
120
|
-
* Fix foodcrtitic and chefspec errors
|
121
314
|
|
122
|
-
|
123
|
-
|
315
|
+
- Allow override of filter chain policies, #94
|
316
|
+
- Fix foodcrtitic and chefspec errors
|
317
|
+
|
318
|
+
## v2.0.3 (2015-09-14)
|
319
|
+
|
124
320
|
Minor bugfix release.
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
v1.4.0 (2015-06-30)
|
171
|
-
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
* #60 - Always add /32 or /128 to ipv4 or ipv6 addresses, respectively.
|
321
|
+
|
322
|
+
- Fix wrong conditional for firewalld ports, #93
|
323
|
+
- Fix ipv6 command logic under iptables, #91
|
324
|
+
|
325
|
+
## v2.0.2 (2015-09-08)
|
326
|
+
|
327
|
+
- Release with working CI, Chefspec matchers.
|
328
|
+
|
329
|
+
## v2.0.1 (2015-09-01)
|
330
|
+
|
331
|
+
- Add default related/established rule for iptables
|
332
|
+
|
333
|
+
## v2.0.0 (2015-08-31)
|
334
|
+
|
335
|
+
- 84, major rewrite
|
336
|
+
- Allow relative positioning of rules
|
337
|
+
- Use delayed notifications to create one firewall ruleset instead of incremental changes
|
338
|
+
- Remove poise dependency
|
339
|
+
- #82 - Introduce Windows firewall support and test-kitchen platform
|
340
|
+
- #73 - Add the option to disable ipv6 commands on iptables
|
341
|
+
- #78 - Use Chef-12 style `provides` to address provider mapping issues
|
342
|
+
- Rubocop and foodcritic cleanup
|
343
|
+
|
344
|
+
## v1.6.1 (2015-07-24)
|
345
|
+
|
346
|
+
- 80 - Remove an extra space in port range
|
347
|
+
|
348
|
+
## v1.6.0 (2015-07-15)
|
349
|
+
|
350
|
+
- 68 - Install firewalld when it does not exist
|
351
|
+
- 72 - Fix symbol that was a string, breaking comparisons
|
352
|
+
|
353
|
+
## v1.5.2 (2015-07-15)
|
354
|
+
|
355
|
+
- 75 - Use correct service in iptables save action, Add serverspec tests for iptables suite
|
356
|
+
|
357
|
+
## v1.5.1 (2015-07-13)
|
358
|
+
|
359
|
+
- 74 - add :save matcher for Chefspec
|
360
|
+
|
361
|
+
## v1.5.0 (2015-07-06)
|
362
|
+
|
363
|
+
- 70 - Add chef service resource to ensure firewall-related services are enabled/disabled
|
364
|
+
- Add testing and support for iptables on ubuntu in iptables provider
|
365
|
+
|
366
|
+
## v1.4.0 (2015-06-30)
|
367
|
+
|
368
|
+
- 69 - Support for CentOS/RHEL 5.x
|
369
|
+
|
370
|
+
## v1.3.0 (2015-06-09)
|
371
|
+
|
372
|
+
- 63 - Add support for protocol numbers
|
373
|
+
|
374
|
+
## v1.2.0 (2015-05-28)
|
375
|
+
|
376
|
+
- 64 - Support the newer version of poise
|
377
|
+
|
378
|
+
## v1.1.2 (2015-05-19)
|
379
|
+
|
380
|
+
- 60 - Always add /32 or /128 to ipv4 or ipv6 addresses, respectively
|
186
381
|
- Make comment quoting optional; iptables on Ubuntu strips quotes on strings without any spaces
|
187
382
|
|
188
|
-
v1.1.1 (2015-05-11)
|
189
|
-
|
190
|
-
|
383
|
+
## v1.1.1 (2015-05-11)
|
384
|
+
|
385
|
+
- 57 - Suppress warning: already initialized constant XXX while Chefspec
|
386
|
+
|
387
|
+
## v1.1.0 (2015-04-27)
|
388
|
+
|
389
|
+
- 56 - Better ipv6 support for firewalld and iptables
|
390
|
+
- 54 - Document raw parameter
|
191
391
|
|
192
|
-
v1.
|
193
|
-
-------------------
|
194
|
-
* #56 - Better ipv6 support for firewalld and iptables
|
195
|
-
* #54 - Document raw parameter
|
392
|
+
## v1.0.2 (2015-04-03)
|
196
393
|
|
197
|
-
|
198
|
-
-------------------
|
199
|
-
* #52 - Typo in :masquerade action name
|
394
|
+
- 52 - Typo in :masquerade action name
|
200
395
|
|
201
|
-
v1.0.1 (2015-03-28)
|
202
|
-
-------------------
|
203
|
-
* #49 - Fix position attribute of firewall_rule providers to be correctly used as a string in commands
|
396
|
+
## v1.0.1 (2015-03-28)
|
204
397
|
|
205
|
-
|
206
|
-
-------------------
|
207
|
-
* Major upgrade and rewrite as HWRP using poise
|
208
|
-
* Adds support for iptables and firewalld
|
209
|
-
* Modernize tests and other files
|
210
|
-
* Fix many bugs from ufw defaults to multiport suppot
|
398
|
+
- 49 - Fix position attribute of firewall_rule providers to be correctly used as a string in commands
|
211
399
|
|
212
|
-
|
213
|
-
--------------------
|
214
|
-
* Corrects issue where on a secondary converge would not distinguish between inbound and outbound rules
|
400
|
+
## v1.0.0 (2015-03-25)
|
215
401
|
|
402
|
+
- Major upgrade and rewrite as HWRP using poise
|
403
|
+
- Adds support for iptables and firewalld
|
404
|
+
- Modernize tests and other files
|
405
|
+
- Fix many bugs from ufw defaults to multiport suppot
|
406
|
+
|
407
|
+
## v0.11.8 (2014-05-20)
|
408
|
+
|
409
|
+
- Corrects issue where on a secondary converge would not distinguish between inbound and outbound rules
|
410
|
+
|
411
|
+
## v0.11.6 (2014-02-28)
|
216
412
|
|
217
|
-
v0.11.6 (2014-02-28)
|
218
|
-
--------------------
|
219
413
|
[COOK-4385] - UFW provider is broken
|
220
414
|
|
415
|
+
## v0.11.4 (2014-02-25)
|
221
416
|
|
222
|
-
v0.11.4 (2014-02-25)
|
223
|
-
--------------------
|
224
417
|
[COOK-4140] Only notify when a rule is actually added
|
225
418
|
|
419
|
+
## v0.11.2
|
226
420
|
|
227
|
-
v0.11.2
|
228
|
-
-------
|
229
421
|
### Bug
|
230
|
-
- **[COOK-3615](https://tickets.opscode.com/browse/COOK-3615)** - Install required UFW package on Debian
|
231
422
|
|
232
|
-
|
233
|
-
|
423
|
+
- [COOK-3615]: Install required UFW package on Debian
|
424
|
+
|
425
|
+
## v0.11.0
|
426
|
+
|
234
427
|
### Improvement
|
428
|
+
|
235
429
|
- [COOK-2932]: ufw providers work on debian but cannot be used
|
236
430
|
|
237
|
-
v0.10.2
|
238
|
-
|
431
|
+
## v0.10.2
|
432
|
+
|
239
433
|
- [COOK-2250] - improve readme
|
240
434
|
|
241
|
-
v0.10.0
|
242
|
-
|
435
|
+
## v0.10.0
|
436
|
+
|
243
437
|
- [COOK-1234] - allow multiple ports per rule
|
244
438
|
|
245
|
-
v0.9.2
|
246
|
-
|
439
|
+
## v0.9.2
|
440
|
+
|
247
441
|
- [COOK-1615] - Firewall example docs have incorrect direction syntax
|
248
442
|
|
249
|
-
v0.9.0
|
250
|
-
|
443
|
+
## v0.9.0
|
444
|
+
|
251
445
|
The default action for firewall LWRP is now :enable, the default action for firewall_rule LWRP is now :reject. This is in line with a "default deny" policy.
|
252
446
|
|
253
447
|
- [COOK-1429] - resolve foodcritic warnings
|
254
448
|
|
255
|
-
v0.8.0
|
256
|
-
|
449
|
+
## v0.8.0
|
450
|
+
|
257
451
|
- refactor all resources and providers into LWRPs
|
258
452
|
- removed :reset action from firewall resource (couldn't find a good way to make it idempotent)
|
259
453
|
- removed :logging action from firewall resource...just set desired level via the log_level attribute
|
260
454
|
|
261
|
-
v0.6.0
|
262
|
-
|
455
|
+
## v0.6.0
|
456
|
+
|
263
457
|
- [COOK-725] Firewall cookbook firewall_rule LWRP needs to support logging attribute.
|
264
458
|
- Firewall cookbook firewall LWRP needs to support :logging
|
265
459
|
|
266
|
-
v0.5.7
|
267
|
-
|
460
|
+
## v0.5.7
|
461
|
+
|
268
462
|
- [COOK-696] Firewall cookbook firewall_rule LWRP needs to support interface
|
269
463
|
- [COOK-697] Firewall cookbook firewall_rule LWRP needs to support the direction for the rules
|
270
464
|
|
271
|
-
v0.5.6
|
272
|
-
|
465
|
+
## v0.5.6
|
466
|
+
|
273
467
|
- [COOK-695] Firewall cookbook firewall_rule LWRP needs to support destination port
|
274
468
|
|
275
|
-
v0.5.5
|
276
|
-
|
469
|
+
## v0.5.5
|
470
|
+
|
277
471
|
- [COOK-709] fixed :nothing action for the 'firewall_rule' resource.
|
278
472
|
|
279
|
-
v0.5.4
|
280
|
-
|
473
|
+
## v0.5.4
|
474
|
+
|
281
475
|
- [COOK-694] added :reject action to the 'firewall_rule' resource.
|
282
476
|
|
283
|
-
v0.5.3
|
284
|
-
|
477
|
+
## v0.5.3
|
478
|
+
|
285
479
|
- [COOK-698] added :reset action to the 'firewall' resource.
|
286
480
|
|
287
|
-
v0.5.2
|
288
|
-
|
289
|
-
- Add missing 'requires' statements. fixes 'NameError: uninitialized constant' error.
|
290
|
-
|
481
|
+
## v0.5.2
|
482
|
+
|
483
|
+
- Add missing 'requires' statements. fixes 'NameError: uninitialized constant' error. Thanks to Ernad Husremović for the fix.
|
484
|
+
|
485
|
+
## v0.5.0
|
291
486
|
|
292
|
-
v0.5.0
|
293
|
-
------
|
294
487
|
- [COOK-686] create firewall and firewall_rule resources
|
295
488
|
- [COOK-687] create UFW providers for all resources
|