iptables-formula

Commit Graph

Author	SHA1	Message	Date
Nate Bohman	49aecda6f4	Merge branch 'master' of ssh://git.natrinicle.com/ExternalMirrors/iptables-formula Updating from upstream	5 years ago
Dzmitry Stremkouski	9633592374	Fixing travis for openstack kitchen driver installer Change-Id: I8ee6b47000515199adb58c97d337ec6f59b243f0	6 years ago
Dzmitry Stremkouski	1ca901c8b7	Setting up openstack tests for iptables formula Change-Id: Ib924de131cca35052b50555c280484ef0161ebaa	6 years ago
Martin Polreich	43899058c8	Freeze inspec version for salt-formulas tests - in inspec >= 3.0.0 there are changes in schema which require to have tests/integration dir to contain tests, otherwise fails - this is temporary workaround until we decide proper fix Change-Id: I6a1153afa5a8a7f9799347d2f2f3f1fd3d570b8f	6 years ago
Dzmitry Stremkouski	e353ce3c49	Refactor from the scratch Customer-Found Prod-Related: CEEMCP-19 Prod-Related: PROD-22620 Change-Id: Ib14838becc409c2f735d93b5fa8a8ead6ea1a5ec	6 years ago
Nate Bohman	8188337922	Python2->3 Iteritems Fix chain for loop was using iteritems which isn't available in Python3 anymore and was throwing an exception when run with Salt on Python3.	6 years ago
Dzmitry Stremkouski	1a1e8c7db2	Unhardcode tables for chains. There is a way to manage tables in rules, but there is no way to manage tables for chains when setting policy. Looks like pillar structure is bad from the beginning and to not break backward compatibility, as same chain names may occur in different tables, so it is proposed to check if 'chain.policy' is map. And if it is, specific policies would be ensured for specific tables, otherwise table 'filter' would be used as a fallback. To ensure chains in specific tables we iterate over all rules in each chain. This hash is valid: parameters: iptables: service: enabled: true chain: OUTPUT: policy: ACCEPT FORWARD: policy: - table: mangle policy: DROP INPUT: policy: - table: nat policy: ACCEPT rules: - jump: ACCEPT protocol: icmp POSTROUTING: rules: - jump: MASQUERADE protocol: icmp out_interface: ens3 table: nat Prod-Related: CEEMCP-12 Prod-Related: EME-313 Change-Id: Ib5ba97dad165d3ef2dec7e053b391ea36a996103	6 years ago
Martin Polreich	ef40020390	Fix Python version for Travis CI tests Change-Id: I6b37adb81766abd2f27da7ada7ba14681b47e07f	6 years ago
Petr Michalec	331f53265f	Merge "Add Salt 2018.3 tests"	6 years ago
Ondrej Smola	ad8648f61f	Merge "Create all chains before any rules"	6 years ago
Sergio Lystopad	d22315fbb9	Create all chains before any rules If some rules references other chains that are not yet present state fails. Make sure all chains are created before any rules by configuring requirement constraint. Change-Id: Iaf506919f330ff962891baab8132c3b46c49a47c Closes-Bug: PROD-18821	6 years ago
Martin Polreich	b20ab4e912	Add Salt 2018.3 tests Change-Id: I3fe9e15a42b12265524403b466c5016d1de86e93	6 years ago
Petr Michalec	e1b3f134d9	Update metadata.yml with correct URL Change-Id: I9a9053e3771d920ecfea30115bd6191c0c6959f6	6 years ago
Dzmitry Stremkouski	c01bfc9661	Unsafe grains call in iptables formula fix state iptables.rules may fail if grains_yaml is None Change-Id: Ibd59c33345f1af97267a7632d3e5b64d885c41e8	6 years ago
Petr Michalec	33df4d643a	Merge "Use new image for kitchen tests"	6 years ago
Martin Polreich	7b1db85555	Use new image for kitchen tests Change-Id: Iba7d940b7d909b8f70fe6b7490ce5149ad3cdbb4	6 years ago
Filip Pytloun	e4ab920a0c	Update Makefile	6 years ago
Jakub Josef	d1e9ae8d50	Fixed shebang kernel limitation with virtualenv during test run (https://github.com/pypa/virtualenv/issues/596 ) Change-Id: I268199df924a742f14d1c965b96eb7c5ef30d70a	6 years ago
Filip Pytloun	6ea72ab16c	Merge "Remove salt-master, reclass from pkg dependencis"	6 years ago
Petr Michalec	d2b9d4165e	Merge "Optimize kitchen tests for Travis CI"	6 years ago
Petr Michalec	e93b4732b4	Remove salt-master, reclass from pkg dependencis Change-Id: Ifd4fe5d0fa70a891169c7214c24f1d8b80bfc039	6 years ago
Martin Polreich	9c7f975282	Optimize kitchen tests for Travis CI Change-Id: Ie0cacec0eb6c69349db7a12a0a79965c6069ae7c	6 years ago
Jakub Josef	8227efbf22	Fixed typo in run_tests.sh file Change-Id: I8e14a443b25155465efcec80f6568d7c5a717c2b	7 years ago
Piotr Pieprzycki	7df3a168f8	Pillar that cointains string variables throw jinja error (#15 ) * change file mode to 644 * change file mode to 644 * Fix problem with stringvariable in pillar	7 years ago
Piotr Pieprzycki	63f4e9bdfc	Changed file permissions - fix (#14 ) * change file mode to 644 * change file mode to 644	7 years ago
Filip Pytloun	2a8f4002c7	Merge pull request #13 from ppieprzycki/master New parameters	7 years ago
Piotr Pieprzycki	91ac149b2b	added README example	7 years ago
Piotr Pieprzycki	166f97e199	new parameters allowed in pillar	7 years ago
Dmitry Stremkouski	afb406c73f	Adding comment option to iptables rule Change-Id: I9d93052cfc197a364b42240448344d5543e8805f	7 years ago
Martin Polreich	df842db008	Fix name in .kitchen.travis.yml file Change-Id: I07d6d020f629c9c34bb31e5ed81654b528fe3fcc	7 years ago
Martin Polreich	0278d2572f	Update .travis.yml and .kitchen.yml files for parallel testing Change-Id: I9f1df379fbceab316598ad1f683c0b516aa2cff6	7 years ago
Dennis Dmitriev	ba33a7e003	Update run_tests.sh to the latest revision Change-Id: I93c3c26a65a233ea0b3854e98efa04df02028858	7 years ago
Michel Nederlof	dd2d4cfe84	Allow custom chains to be present (#12 ) * Allow custom chains to be present, other than the INPUT, FORWARD, OUTPUT default chains. * Adding missing endif * Require the packages to be installed first. * Test should use rules as key, not rule. * Making it a array list, instead of a dict. * convert rules to a list instead of a dict. * Only if policy is defined, include this statement. * Only ensure chains if not container :) * The chain is only ensured if we are not a container. * Do not run at all for containers.	7 years ago
Filip Pytloun	2983e19198	Merge pull request #11 from Martin819/master Update .travis.yml and notififcations	7 years ago
Martin Polreich	b53b238af4	Update .travis.yml and notififcations	7 years ago
Filip Pytloun	1a7868bfc8	Merge pull request #10 from nmadhok/patch-1 Correct parameters spelling	7 years ago
Nitin Madhok	574663ad67	Correct parameters spelling	7 years ago
Filip Pytloun	8530cf58a3	Merge pull request #9 from Martin819/master Update Travis Notifications and disable sending email notifications	7 years ago
Martin819	4cbbe3b028	Update Travis Notifications and disable sending email notifications	7 years ago
Martin819	054f300a2b	add travis condition to only send notifications for master branch	7 years ago
Filip Pytloun	7d221cdfa1	Merge pull request #7 from Martin819/master Add travis condition to only send notifications for master branch [WIP]	7 years ago
Martin819	e07d0a9bf7	add travis condition to only send notifications for master branch	7 years ago
Martin819	12850467ee	Testing Travis Notifications - This should fail	7 years ago
Filip Pytloun	b297b20c1b	Merge pull request #5 from Martin819/master show 'make test' errors in Travis	7 years ago
Martin819	fe6e787ab2	added travis notifications	7 years ago
Martin819	f7613e483c	show 'make test' errors in Travis	7 years ago
Filip Pytloun	9de11c6172	Merge pull request #4 from Martin819/master Added Kitchen tests and Travis	7 years ago
Martin819	1d6f0a8182	Added Kitchen tests and Travis	7 years ago
Dennis van Dok	3bee76dcd6	add the option to specify the family per rule to support ipv6 (#3 ) Closes: #2 * add the option to specify the family per rule to support ipv6 * include policy updates for ipv6 * update documentation to mention ipv6 * Make ipv6 optional; remove spurious tabs from the readme. * set ipv6 policies only if ipv6 is enabled on the host and not explicitly turned off for this service	7 years ago
Filip Pytloun	b817b3596f	Unify Makefile, .gitignore and update readme	7 years ago

1 2

68 Commits (master) All Branches Search

68 Commits (master)

All Branches