This is just a heads-up to let you know early that I've started working
on a firewalld module for Puppet recently.
It's in a very early stage, because I knew nothing about Puppet a week ago.
It lives here:
Testing it on Fedora is a piece of cake, just get a repo file from
and put it into /etc/yum.repos.d/
There's only rawhide-x86_64 for Fedora, but that should be fine for all
Fedoras/archs, because the module is noarch.
Install the module with:
# yum install puppet-firewall
Then try the included example with:
# puppet apply /usr/share/doc/puppet-firewalld/examples/misc-example.pp
What the example does at the moment is:
- install firewalld package
- disable iptables services
- create a zone called "custom" with a few opened ports and predefined
- set it as the default zone
- (re)start firewalld
A sample of the documentation is here:
I'll be glad for any suggestions as I know very little about what Puppet
can and can't do.

First, appreciate your work on firewalld.
A configuration flag to set where to log to rather than just being forced
A utility to check main configuration file (/etc/firewalld/firewalld.conf).
A utility to check/show warnings on user created service files.
What's the purpose of the *INPUT_direct* custom-chain in the
filter/INPUT chain? Is this the recommended chain to use when inserting
custom rules via the --direct option? Is it sort of like, to keep