This branch is 209 commits ahead of webscale-formulas/ufw-formula:master.

Name	Name	Last commit message	Last commit date
Latest commit myii chore(gemfile.lock): update to latest gem versions (2022-W28) [skip ci] Jul 17, 2022 e9ba697 · Jul 17, 2022 History 223 Commits
.github/workflows	.github/workflows	ci(workflows/commitlint): add to repo [skip ci]	May 4, 2020
_modules	_modules	Handle test mode when enabling ufw	Mar 9, 2018
_states	_states	Adds "Rule inserted" validation	May 2, 2018
bin	bin	chore(gemfile.lock): update to latest gem versions (2022-W28) [skip ci]	Jul 17, 2022
docs	docs	ci(pre-commit): finalise `rstcheck` configuration [skip ci]	Oct 10, 2020
test	test	chore(gemfile.lock): update to latest gem versions (2022-W28) [skip ci]	Jul 17, 2022
ufw	ufw	chore(salt-lint): ignore violation [skip ci]	Feb 12, 2022
.gitignore	.gitignore	ci(kitchen+ci): update with latest CVE pre-salted images [skip ci]	Oct 5, 2021
.gitlab-ci.yml	.gitlab-ci.yml	ci: update `pre-commit` configuration inc. for pre-commit.ci [skip ci]	Jun 8, 2022
.pre-commit-config.yaml	.pre-commit-config.yaml	ci: update `pre-commit` configuration inc. for pre-commit.ci [skip ci]	Jun 8, 2022
.rstcheck.cfg	.rstcheck.cfg	chore(pre-commit): use `info` report level for `rstcheck` [skip ci]	May 20, 2021
.rubocop.yml	.rubocop.yml	ci: update linters to latest versions [skip ci]	Feb 12, 2022
.salt-lint	.salt-lint	ci(travis): update `salt-lint` config for `v0.0.10` [skip ci]	Oct 23, 2019
.travis.yml	.travis.yml	ci: update `pre-commit` configuration inc. for pre-commit.ci [skip ci]	Jun 8, 2022
.yamllint	.yamllint	ci: add Debian 11 Bullseye & update `yamllint` configuration [skip ci]	Jul 18, 2021
AUTHORS.md	AUTHORS.md	chore(release): 0.5.7 [skip ci]	Sep 10, 2020
CHANGELOG.md	CHANGELOG.md	chore(release): 0.5.7 [skip ci]	Sep 10, 2020
CODEOWNERS	CODEOWNERS	ci(kitchen+ci): update with `3004` pre-salted images/boxes [skip ci]	Nov 23, 2021
FORMULA	FORMULA	chore(release): 0.5.7 [skip ci]	Sep 10, 2020
Gemfile	Gemfile	chore(gemfile.lock): update to latest gem versions (2022-W22) [skip ci]	May 30, 2022
Gemfile.lock	Gemfile.lock	chore(gemfile.lock): update to latest gem versions (2022-W28) [skip ci]	Jul 17, 2022
LICENSE	LICENSE	feat(semantic-release): implement an automated changelog	May 13, 2019
commitlint.config.js	commitlint.config.js	chore(commitlint): add `{body,footer,header}-max(-line)-length` [skip…	Oct 7, 2020
kitchen.yml	kitchen.yml	ci: update `pre-commit` configuration inc. for pre-commit.ci [skip ci]	Jun 8, 2022
pillar.example	pillar.example	feat(yamllint): include for this repo and apply rules throughout	Aug 16, 2019
pre-commit_semantic-release.sh	pre-commit_semantic-release.sh	chore(semantic-release): replace broken `m2r` with `m2r2` [skip ci]	Jan 17, 2022
release-rules.js	release-rules.js	feat(semantic-release): implement an automated changelog	May 13, 2019
release.config.js	release.config.js	ci(gitlab-ci): use GitLab CI as Travis CI replacement	Dec 16, 2020

Repository files navigation

ufw-formula

Formula to set up and configure ufw

Table of Contents

General notes
Contributing to this repo
Available states
Usage
Testing

General notes

See the full SaltStack Formulas installation and usage instructions.

If you are interested in writing or contributing to formulas, please pay attention to the Writing Formula Section.

If you want to use this formula, please pay attention to the FORMULA file and/or git tag, which contains the currently released version. This formula is versioned according to Semantic Versioning.

See Formula Versioning Section for more details.

Contributing to this repo

Commit message formatting is significant!!

Please see How to contribute for more details.

`ufw`

Installs and configures the ufw package.

`ufw.package`

Installs the ufw package.

`ufw.config`

This state manages the file ufw.conf under /etc/ufw (template found in "ufw/files"). The configuration is populated by values in "ufw/map.jinja" based on the package's default values (and RedHat, Debian, Suse and Arch family distribution specific values), which can then be overridden by values of the same name in pillar.

Usage

All the configuration for the firewall is done via pillar (pillar.example).

Enable firewall, applying default configuration:

ufw:
  enabled: True

Allow 80/tcp (http) traffic from only two remote addresses:

ufw:
  services:
    http:
      protocol: tcp
      from_addr:
        - 10.0.2.15
        - 10.0.2.16

Allow 443/tcp (https) traffic from network 10.0.0.0/8 to an specific local ip:

ufw:
  services:
    https:
      protocol: tcp
      from_addr:
        - 10.0.0.0/8
      to_addr: 10.0.2.1

Allow from a service port:

ufw:
  services:
    smtp:
      protocol: tcp

Allow from an specific port, by number:

ufw:
  services:
    139:
      protocol: tcp

Allow from a range of ports, udp:

ufw:
  services:
    "10000:20000":
      protocol: udp

Allow from a range of ports, tcp and udp

ufw:
  services:
    "10000:20000/tcp":
      to_port: "10000:20000"
      protocol: tcp
    "10000:20000/udp":
      to_port: "10000:20000"
      protocol: udp

Allow from two specific ports, udp:

ufw:
  services:
    "30000,40000":
      protocol: udp

Allow an application defined at /etc/ufw/applications.d/:

ufw:
  applications:
    - OpenSSH

Testing

Linux testing is done with kitchen-salt.

Requirements

Ruby
Docker

$ gem install bundler
$ bundle install
$ bin/kitchen test [platform]

Where [platform] is the platform name defined in kitchen.yml, e.g. debian-9-2019-2-py3.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

ufw-formula

General notes

Contributing to this repo

Available states

`ufw`

`ufw.package`

`ufw.config`

Usage

Testing

Requirements

`bin/kitchen converge`

`bin/kitchen verify`

`bin/kitchen destroy`

`bin/kitchen test`

`bin/kitchen login`

About

Releases 12

Packages

Languages

License

saltstack-formulas/ufw-formula

Folders and files

Latest commit

History

Repository files navigation

ufw-formula

About

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks

Languages