Sebastiaan Tesink
il y a 8 ans
7 fichiers modifiés avec 53 ajouts et 20 suppressions
+ 1
- 1
_modules/ufw.py
Voir le fichier
| @@ -29,5 +29,5 @@ def set_enabled(enabled): | |||
| def add_rule(rule): | |||
| cmd = "ufw " + rule | |||
| out = __salt__['cmd.run'](cmd) | |||
| # __salt__['cmd.run']("ufw reload") # why reload after adding a rule? :/ | |||
| __salt__['cmd.run']("ufw reload") | |||
| return out | |||
+ 4
- 0
ufw/files/applications.d/ssh-223
Voir le fichier
| @@ -0,0 +1,4 @@ | |||
| [SSH223] | |||
| title=Secure shell server, port 223 | |||
| description=OpenSSH webscale default port 223 | |||
| ports=223/tcp | |||
+ 18
- 0
ufw/files/applications.d/ufw-databaseserver
Voir le fichier
| @@ -0,0 +1,18 @@ | |||
| [MariaDB] | |||
| title=MariaDB database server | |||
| description=MariaDB is a MySQL-compatible database server. | |||
| ports=3306/tcp | |||
| [MySQL] | |||
| title=MySQL database server | |||
| description=MySQL database server. | |||
| ports=3306/tcp | |||
| [Postgresql] | |||
| title=Postgresql database server | |||
| description=Postgresql database server. | |||
| ports=5432/tcp | |||
+ 4
- 0
ufw/files/applications.d/ufw-munin
Voir le fichier
| @@ -0,0 +1,4 @@ | |||
| [Munin node] | |||
| title=Munin node | |||
| description=Munin is a simple monitoring system with nodes beeing queried by a central munin server. | |||
| ports=4949/tcp | |||
+ 4
- 0
ufw/files/applications.d/ufw-saltmaster
Voir le fichier
| @@ -0,0 +1,4 @@ | |||
| [Saltmaster] | |||
| title=salt master | |||
| description=fast and powerfull configuration management and remote execution | |||
| ports=4505,4506/tcp | |||
+ 14
- 0
ufw/files/applications.d/ufw-zabbix
Voir le fichier
| @@ -0,0 +1,14 @@ | |||
| [Zabbix server] | |||
| title=Zabbix server | |||
| description=Zabbix server listens on port 10051 | |||
| ports=10051/tcp | |||
| [Zabbix proxy] | |||
| title=Zabbix proxy | |||
| description=Zabbix proxy server listens on port 10051 | |||
| ports=10051/tcp | |||
| [Zabbix agent] | |||
| title=Zabbix agent | |||
| description=Zabbix agent listens on port 10050 | |||
| ports=10050/tcp | |||
+ 8
- 19
ufw/init.sls
Voir le fichier
| @@ -29,26 +29,15 @@ ufw: | |||
| - mode: 644 | |||
| - source: {{ sysctl_template }} | |||
| {%- if ufw.get('defaults', {}).get('incoming', False) %} | |||
| ufw-default-incoming: | |||
| ufw.default_incoming: | |||
| - default: {{ufw.get('defaults', {}).get('incoming', 'allow')}} | |||
| - require: | |||
| - pkg: ufw | |||
| {% endif %} | |||
| {%- if ufw.get('defaults', {}).get('outgoing', False) %} | |||
| ufw-default-outgoing: | |||
| ufw.default_outgoing: | |||
| - default: {{ufw.get('defaults', {}).get('outgoing', 'deny')}} | |||
| - require: | |||
| - pkg: ufw | |||
| {% endif %} | |||
| /etc/ufw/applications.d: | |||
| file.recurse: | |||
| - user: root | |||
| - group: root | |||
| - file_mode: 644 | |||
| - clean: False | |||
| - source: salt://ufw/files/applications.d | |||
| # services | |||
| {%- for service_name, service_details in ufw.get('services', {}).items() %} | |||
| {%- for from_addr in service_details.get('from_addr', [None]) %} | |||
Chargement…