Sebastiaan Tesink
8 years ago
7 changed files with 53 additions and 20 deletions
+ 1
- 1
_modules/ufw.py
View File
| def add_rule(rule): | def add_rule(rule): | ||||
| cmd = "ufw " + rule | cmd = "ufw " + rule | ||||
| out = __salt__['cmd.run'](cmd) | out = __salt__['cmd.run'](cmd) | ||||
| # __salt__['cmd.run']("ufw reload") # why reload after adding a rule? :/ | |||||
| __salt__['cmd.run']("ufw reload") | |||||
| return out | return out |
+ 4
- 0
ufw/files/applications.d/ssh-223
View File
| [SSH223] | |||||
| title=Secure shell server, port 223 | |||||
| description=OpenSSH webscale default port 223 | |||||
| ports=223/tcp |
+ 18
- 0
ufw/files/applications.d/ufw-databaseserver
View File
| [MariaDB] | |||||
| title=MariaDB database server | |||||
| description=MariaDB is a MySQL-compatible database server. | |||||
| ports=3306/tcp | |||||
| [MySQL] | |||||
| title=MySQL database server | |||||
| description=MySQL database server. | |||||
| ports=3306/tcp | |||||
| [Postgresql] | |||||
| title=Postgresql database server | |||||
| description=Postgresql database server. | |||||
| ports=5432/tcp | |||||
+ 4
- 0
ufw/files/applications.d/ufw-munin
View File
| [Munin node] | |||||
| title=Munin node | |||||
| description=Munin is a simple monitoring system with nodes beeing queried by a central munin server. | |||||
| ports=4949/tcp |
+ 4
- 0
ufw/files/applications.d/ufw-saltmaster
View File
| [Saltmaster] | |||||
| title=salt master | |||||
| description=fast and powerfull configuration management and remote execution | |||||
| ports=4505,4506/tcp |
+ 14
- 0
ufw/files/applications.d/ufw-zabbix
View File
| [Zabbix server] | |||||
| title=Zabbix server | |||||
| description=Zabbix server listens on port 10051 | |||||
| ports=10051/tcp | |||||
| [Zabbix proxy] | |||||
| title=Zabbix proxy | |||||
| description=Zabbix proxy server listens on port 10051 | |||||
| ports=10051/tcp | |||||
| [Zabbix agent] | |||||
| title=Zabbix agent | |||||
| description=Zabbix agent listens on port 10050 | |||||
| ports=10050/tcp |
+ 8
- 19
ufw/init.sls
View File
| - mode: 644 | - mode: 644 | ||||
| - source: {{ sysctl_template }} | - source: {{ sysctl_template }} | ||||
| {%- if ufw.get('defaults', {}).get('incoming', False) %} | |||||
| ufw-default-incoming: | |||||
| ufw.default_incoming: | |||||
| - default: {{ufw.get('defaults', {}).get('incoming', 'allow')}} | |||||
| - require: | |||||
| - pkg: ufw | |||||
| {% endif %} | |||||
| {%- if ufw.get('defaults', {}).get('outgoing', False) %} | |||||
| ufw-default-outgoing: | |||||
| ufw.default_outgoing: | |||||
| - default: {{ufw.get('defaults', {}).get('outgoing', 'deny')}} | |||||
| - require: | |||||
| - pkg: ufw | |||||
| {% endif %} | |||||
| /etc/ufw/applications.d: | |||||
| file.recurse: | |||||
| - user: root | |||||
| - group: root | |||||
| - file_mode: 644 | |||||
| - clean: False | |||||
| - source: salt://ufw/files/applications.d | |||||
| # services | |||||
| {%- for service_name, service_details in ufw.get('services', {}).items() %} | {%- for service_name, service_details in ufw.get('services', {}).items() %} | ||||
| {%- for from_addr in service_details.get('from_addr', [None]) %} | {%- for from_addr in service_details.get('from_addr', [None]) %} |
Loading…