salt
/
ufw-formula
forked from ExternalMirrors/ufw-formula
Watch 2
Star 0
Fork 0
Code Releases 8 Activity
Saltstack Official UFW Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
19 Commits
1 Branch
Tree: fcc8a36a4c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'fcc8a36a4c'
${ noResults }
ufw-formula/README.md

README.md 1.4KB
Raw Normal View History

Formula initial version
10 years ago
 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586 
  1. ufw-formula

  2. ===========

  3. 

  4. This module manages your firewall using ufw with pillar configured rules.

  5. 

  6. See the full [Salt Formulas installation and usage instructions](http://docs.saltstack.com/topics/development/conventions/formulas.html).

  7. 

  8. Usage

  9. -----

  10. 

  11. All the configuration for the firewall is done via pillar (pillar.example).

  12. 

  13. Enable firewall, applying default configuration:

  14. ```javascript

  15. ufw:

  16.   enabled: True

  17. ```

  18. 

  19. Allow 80/tcp (http) traffic from only two remote addresses:

  20. ```

  21. ufw:

  22.   services:

  23.     http:

  24.       protocol: tcp

  25.       from_addr:

  26.         - 10.0.2.15

  27.         - 10.0.2.16

  28. ```

  29. 

  30. Allow 443/tcp (https) traffic from network 10.0.0.0/8 to an specific local ip:

  31. ```

  32. ufw:

  33.   services:

  34.     https:

  35.       protocol: tcp

  36.       from_addr:

  37.         - 10.0.0.0/8

  38.       to_addr: 10.0.2.1

  39. ```

  40. 

  41. Allow from a service port:

  42. ```

  43. ufw:

  44.   services:

  45.     smtp:

  46.       protocol: tcp

  47. ```

  48. 

  49. Allow from an specific port, by number:

  50. ```

  51. ufw:

  52.   services:

  53.     139:

  54.       protocol: tcp

  55. ```

  56. 

  57. Allow from a range of ports, udp:

  58. ```

  59. ufw:

  60.   services:

  61.     "10000:20000":

  62.       protocol: udp

  63. ```

  64. 

  65. Allow from two specific ports, udp:

  66. ```

  67. ufw:

  68.   services:

  69.     "30000,40000":

  70.       protocol: udp

  71. ```

  72. 

  73. Allow an application defined at /etc/ufw/applications.d/:

  74. ```

  75. ufw:

  76.   applications:

  77.     - OpenSSH

  78. ```

  79. 

  80. Authors

  81. -------

  82. 

  83. Original state and module based on the work from [Yigal Duppen](https://github.com/publysher/infra-example-nginx/tree/develop).

  84. 

  85. Salt formula developed by Mario del Pozo.

  86.