|
12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 |
- # Ufw Salt Formula
-
- [](https://travis-ci.org/aanriot/ufw-formula)
-
- This module manages your firewall using ufw with pillar configured rules.
-
- See the full [Salt Formulas installation and usage instructions](http://docs.saltstack.com/topics/development/conventions/formulas.html).
-
- ## Usage
-
- All the configuration for the firewall is done via pillar (pillar.example).
-
- Enable firewall, applying default configuration:
- ```javascript
- ufw:
- enabled: True
- ```
-
- Allow 80/tcp (http) traffic from only two remote addresses:
- ```
- ufw:
- services:
- http:
- protocol: tcp
- from_addr:
- - 10.0.2.15
- - 10.0.2.16
- ```
-
- Allow 443/tcp (https) traffic from network 10.0.0.0/8 to an specific local ip:
- ```
- ufw:
- services:
- https:
- protocol: tcp
- from_addr:
- - 10.0.0.0/8
- to_addr: 10.0.2.1
- ```
-
- Allow from a service port:
- ```
- ufw:
- services:
- smtp:
- protocol: tcp
- ```
-
- Allow from an specific port, by number:
- ```
- ufw:
- services:
- 139:
- protocol: tcp
- ```
-
- Allow from a range of ports, udp:
- ```
- ufw:
- services:
- "10000:20000":
- protocol: udp
- ```
-
- Allow from two specific ports, udp:
- ```
- ufw:
- services:
- "30000,40000":
- protocol: udp
- ```
-
- Allow an application defined at /etc/ufw/applications.d/:
- ```
- ufw:
- applications:
- - OpenSSH
- ```
-
- ## Run tests
-
- This formula is tested with [Kitchen](https://kitchen.ci/) and [Inspec](https://www.inspec.io/) in a Docker container.
-
- To run tests you need to
-
- * install Ruby dependencies : `bundle install`
- * run Kitchen : `kitchen test`
-
- ## Authors
-
- Original state and module based on the work from [Yigal Duppen](https://github.com/publysher/infra-example-nginx/tree/develop).
-
- Salt formula originally developed by Mario del Pozo.
-
|
