Bläddra i källkod

rearrange with test

tags/v0.2.0
Sebastiaan Tesink 8 år sedan
förälder
incheckning
ece4926b5f
7 ändrade filer med 53 tillägg och 20 borttagningar
  1. +1
    -1
      _modules/ufw.py
  2. +4
    -0
      ufw/files/applications.d/ssh-223
  3. +18
    -0
      ufw/files/applications.d/ufw-databaseserver
  4. +4
    -0
      ufw/files/applications.d/ufw-munin
  5. +4
    -0
      ufw/files/applications.d/ufw-saltmaster
  6. +14
    -0
      ufw/files/applications.d/ufw-zabbix
  7. +8
    -19
      ufw/init.sls

+ 1
- 1
_modules/ufw.py Visa fil

@@ -29,5 +29,5 @@ def set_enabled(enabled):
def add_rule(rule):
cmd = "ufw " + rule
out = __salt__['cmd.run'](cmd)
# __salt__['cmd.run']("ufw reload") # why reload after adding a rule? :/
__salt__['cmd.run']("ufw reload")
return out

+ 4
- 0
ufw/files/applications.d/ssh-223 Visa fil

@@ -0,0 +1,4 @@
[SSH223]
title=Secure shell server, port 223
description=OpenSSH webscale default port 223
ports=223/tcp

+ 18
- 0
ufw/files/applications.d/ufw-databaseserver Visa fil

@@ -0,0 +1,18 @@
[MariaDB]
title=MariaDB database server
description=MariaDB is a MySQL-compatible database server.
ports=3306/tcp

[MySQL]
title=MySQL database server
description=MySQL database server.
ports=3306/tcp

[Postgresql]
title=Postgresql database server
description=Postgresql database server.
ports=5432/tcp





+ 4
- 0
ufw/files/applications.d/ufw-munin Visa fil

@@ -0,0 +1,4 @@
[Munin node]
title=Munin node
description=Munin is a simple monitoring system with nodes beeing queried by a central munin server.
ports=4949/tcp

+ 4
- 0
ufw/files/applications.d/ufw-saltmaster Visa fil

@@ -0,0 +1,4 @@
[Saltmaster]
title=salt master
description=fast and powerfull configuration management and remote execution
ports=4505,4506/tcp

+ 14
- 0
ufw/files/applications.d/ufw-zabbix Visa fil

@@ -0,0 +1,14 @@
[Zabbix server]
title=Zabbix server
description=Zabbix server listens on port 10051
ports=10051/tcp

[Zabbix proxy]
title=Zabbix proxy
description=Zabbix proxy server listens on port 10051
ports=10051/tcp

[Zabbix agent]
title=Zabbix agent
description=Zabbix agent listens on port 10050
ports=10050/tcp

+ 8
- 19
ufw/init.sls Visa fil

@@ -29,26 +29,15 @@ ufw:
- mode: 644
- source: {{ sysctl_template }}

{%- if ufw.get('defaults', {}).get('incoming', False) %}

ufw-default-incoming:
ufw.default_incoming:
- default: {{ufw.get('defaults', {}).get('incoming', 'allow')}}
- require:
- pkg: ufw

{% endif %}

{%- if ufw.get('defaults', {}).get('outgoing', False) %}

ufw-default-outgoing:
ufw.default_outgoing:
- default: {{ufw.get('defaults', {}).get('outgoing', 'deny')}}
- require:
- pkg: ufw

{% endif %}
/etc/ufw/applications.d:
file.recurse:
- user: root
- group: root
- file_mode: 644
- clean: False
- source: salt://ufw/files/applications.d

# services
{%- for service_name, service_details in ufw.get('services', {}).items() %}

{%- for from_addr in service_details.get('from_addr', [None]) %}

Laddar…
Avbryt
Spara