Hi,
this is just heads-up to let you know early, that I've started working on firewalld module for Puppet recently. It's in very early stage, because I knew nothing about Puppet a week ago.
It lives here: https://github.com/jpopelka/puppet-firewalld
Testing it on Fedora is piece of cake, just get a repo file from https://copr.fedoraproject.org/coprs/jpopelka/puppet-firewalld/ and put it into /etc/yum.repos.d/ There's only rawhide-x86_64 for Fedora, but that should be fine for all Fedoras/archs, because the module is noarch.
Install the module with: # yum install puppet-firewall
Then try the included example with: # puppet apply /usr/share/doc/puppet-firewalld/examples/misc-example.pp
What the example does at the moment is: - install firewalld package - disable ip[6]table services - create a zone called "custom" with few opened ports and predefined services - set it as default zone - (re)start firewalld
Sample of documentation is here: http://jpopelka.fedorapeople.org/puppet-firewalld/doc/firewalld/zone.html
I'll be glad for any suggestions as I know very little about what Puppet can and can't do.
-- Jiri
It matters not to me, since i cannot install the new update to Firewalld. I,am still using the one that was installed by default The old fashion system used by Linux to install updates, is only used by the old school linux users, who can unpack it to the proper directory?nobody can, and then install it. Yum never opens tar.gz or tar.bz archives,returns a message and says (YUM nothing to do?) and if you cannot install an app,especially a Firewall daemon, what the hell is the sense of using it.like i said the update sytems are useless, and should be Auto installed,like Windows does it,with there install sheild, it is totally unusable by all Linux newbies, and mid level Linux users,as well. so we do not update, and cannot participate in any sharing of data to help fix any problems.I have said this over and over for years, and the same package update confusion still exists today. you should Standardize the package updating, and build auto installers,which put it in the correct Directory, and if any command line users want to install it themselves to another location, were they want it let them have the option at install, to bypass the auto install. Randy Fitzgerald
On Thu, Jun 26, 2014 at 7:19 AM, Jiri Popelka jpopelka@redhat.com wrote:
Hi,
this is just heads-up to let you know early, that I've started working on firewalld module for Puppet recently. It's in very early stage, because I knew nothing about Puppet a week ago.
It lives here: https://github.com/jpopelka/puppet-firewalld
Testing it on Fedora is piece of cake, just get a repo file from https://copr.fedoraproject.org/coprs/jpopelka/puppet-firewalld/ and put it into /etc/yum.repos.d/ There's only rawhide-x86_64 for Fedora, but that should be fine for all Fedoras/archs, because the module is noarch.
Install the module with: # yum install puppet-firewall
Then try the included example with: # puppet apply /usr/share/doc/puppet-firewalld/examples/misc-example.pp
What the example does at the moment is:
- install firewalld package
- disable ip[6]table services
- create a zone called "custom" with few opened ports and predefined
services
- set it as default zone
- (re)start firewalld
Sample of documentation is here: http://jpopelka.fedorapeople.org/puppet-firewalld/doc/firewalld/zone.html
I'll be glad for any suggestions as I know very little about what Puppet can and can't do.
-- Jiri _______________________________________________ firewalld-users mailing list firewalld-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/firewalld-users
On 06/26/2014 08:00 PM, Randy Fitzgerald wrote:
It matters not to me, since i cannot install the new update to Firewalld. I,am still using the one that was installed by default The old fashion system used by Linux to install updates, is only used by the old school linux users, who can unpack it to the proper directory?nobody can, and then install it. Yum never opens tar.gz or tar.bz http://tar.bz archives,returns a message and says (YUM nothing to do?) and if you cannot install an app,especially a Firewall daemon, what the hell is the sense of using it.like i said the update sytems are useless, and should be Auto installed,like Windows does it,with there install sheild, it is totally unusable by all Linux newbies, and mid level Linux users,as well. so we do not update, and cannot participate in any sharing of data to help fix any problems.I have said this over and over for years, and the same package update confusion still exists today. you should Standardize the package updating, and build auto installers,which put it in the correct Directory, and if any command line users want to install it themselves to another location, were they want it let them have the option at install, to bypass the auto install. Randy Fitzgerald
The tar archive is the source code. To use it you have to create a package that fits your distribution.
For Fedora there are updates available. Fedora 19 has an update to verson 0.3.9.1 and Fedora 20 has the update to 0.3.10.
It might be good to read this for basics about RPM packages: https://fedoraproject.org/wiki/How_to_create_an_RPM_package
If you want to have the latest version for an older Fedora version, then get the latest src rpm from http://koji.fedoraproject.org/koji/packageinfo?packageID=11388 and rebuild it with rpmbuild --rebuild <source rpm> . This will create packages for your Fedora version and you can update with yum update <package>
For other distributions you should have a look at their documentation...
On Thu, Jun 26, 2014 at 7:19 AM, Jiri Popelka <jpopelka@redhat.com mailto:jpopelka@redhat.com> wrote:
Hi, this is just heads-up to let you know early, that I've started working on firewalld module for Puppet recently. It's in very early stage, because I knew nothing about Puppet a week ago. It lives here: https://github.com/jpopelka/__puppet-firewalld <https://github.com/jpopelka/puppet-firewalld> Testing it on Fedora is piece of cake, just get a repo file from https://copr.fedoraproject.__org/coprs/jpopelka/puppet-__firewalld/ <https://copr.fedoraproject.org/coprs/jpopelka/puppet-firewalld/> and put it into /etc/yum.repos.d/ There's only rawhide-x86_64 for Fedora, but that should be fine for all Fedoras/archs, because the module is noarch. Install the module with: # yum install puppet-firewall Then try the included example with: # puppet apply /usr/share/doc/puppet-__firewalld/examples/misc-__example.pp What the example does at the moment is: - install firewalld package - disable ip[6]table services - create a zone called "custom" with few opened ports and predefined services - set it as default zone - (re)start firewalld Sample of documentation is here: http://jpopelka.fedorapeople.__org/puppet-firewalld/doc/__firewalld/zone.html <http://jpopelka.fedorapeople.org/puppet-firewalld/doc/firewalld/zone.html> I'll be glad for any suggestions as I know very little about what Puppet can and can't do. -- Jiri _________________________________________________ firewalld-users mailing list firewalld-users@lists.__fedorahosted.org <mailto:firewalld-users@lists.fedorahosted.org> https://lists.fedorahosted.__org/mailman/listinfo/__firewalld-users <https://lists.fedorahosted.org/mailman/listinfo/firewalld-users>
firewalld-users mailing list firewalld-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/firewalld-users
NONE OF THESE LINKS YOU SENT ME DO A DAMM THING ALL? I HAVE YUM AND YUMEX. WHEN YOU CLICK ON THESE WORTHLESS FEDORA LINK'S, YOU SENT ME, THERES NO PACKAGE THERE. JUST A SMALL PRINTED SCRIPT.THAT DOESN'T RUN. WHAT AM I TO DO WITH SOME THING LIKE THAT? AM I SUPPOSE TO OPEN THE TERMINAL, AND ENTER THIS ?WHY NO REAL YUM OR YUMEX INSTALL PACKAGE FOR FIREWALLD AND FOR FEDORA?.THERE'S NO INSTRUCTION'S FOR ANY OF WHAT YOUR TELLING ME. ONE LINK IS A GIT HUB, WHICH DOES ME NO GOOD.I WOULD STILL END UP TRYING TO UNTAR IT, UNGUNZIP IT, AND THEN THEY NEVER MAKE/INSTALL CORRECTLY. I JUST SPENT ALL DAY TRYING TO INSTALL BAUDLINE AND FFT-SPECTRA. THEY ALL DO THIS, VERY FEW OF THEM INSTALL FROM THE EXACT README INSTRUCTIONS. IT'S ALL A MADDENING MESS. FEDORA HAS YUM AND YUMEX. WHY CAN YOU NOT WRITE AND UPDATE INSTALL APP, WHICH IS REAL SIMPLE, (AND AUTO MATED)? I CANNOT BELEIVE YOU WROTE THIS AWESOME FIREWALL APP, AND YET CANNOT WRITE AN UPDATE APP, WHICH UPDATES EASILY AND SEAMLESS..JUST CALL YUM AND IT SHOULD START THE WHOLE THING, UNTIL IT INSTALLS. PLEASE INCLUDE AN ADDRESS LINK TO FIREWALLD'S UPDATE FILE, GIVE ME AN ADDRESS TO IT,EMAIL ME WITH IT, I CAN USE IT AT MY TERMINAL, I WILL DO A (YUM INSTALL) YUM WILL GO TO YOUR ADDRESS, AND GET THE FILE, AND INSTALL IT.THAT IS THE EASIEST WAY TO UPDATE. THANK YOU, VERY MUCH AGAIN, RANDY FITZGERALD.
On Thu, Jun 26, 2014 at 7:19 AM, Jiri Popelka jpopelka@redhat.com wrote:
Hi,
this is just heads-up to let you know early, that I've started working on firewalld module for Puppet recently. It's in very early stage, because I knew nothing about Puppet a week ago.
It lives here: https://github.com/jpopelka/puppet-firewalld
Testing it on Fedora is piece of cake, just get a repo file from https://copr.fedoraproject.org/coprs/jpopelka/puppet-firewalld/ and put it into /etc/yum.repos.d/ There's only rawhide-x86_64 for Fedora, but that should be fine for all Fedoras/archs, because the module is noarch.
Install the module with: # yum install puppet-firewall
Then try the included example with: # puppet apply /usr/share/doc/puppet-firewalld/examples/misc-example.pp
What the example does at the moment is:
- install firewalld package
- disable ip[6]table services
- create a zone called "custom" with few opened ports and predefined
services
- set it as default zone
- (re)start firewalld
Sample of documentation is here: http://jpopelka.fedorapeople.org/puppet-firewalld/doc/firewalld/zone.html
I'll be glad for any suggestions as I know very little about what Puppet can and can't do.
-- Jiri _______________________________________________ firewalld-users mailing list firewalld-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/firewalld-users
On 07/09/2014 12:41 AM, Randy Fitzgerald wrote:
NONE OF THESE LINKS YOU SENT ME DO A DAMM THING ALL? I HAVE YUM AND YUMEX. WHEN YOU CLICK ON THESE WORTHLESS FEDORA LINK'S, YOU SENT ME, THERES NO PACKAGE THERE. JUST A SMALL PRINTED SCRIPT.THAT DOESN'T RUN. WHAT AM I TO DO WITH SOME THING LIKE THAT? AM I SUPPOSE TO OPEN THE TERMINAL, AND ENTER THIS ?WHY NO REAL YUM OR YUMEX INSTALL PACKAGE FOR FIREWALLD AND FOR FEDORA?.THERE'S NO INSTRUCTION'S FOR ANY OF WHAT YOUR TELLING ME. ONE LINK IS A GIT HUB, WHICH DOES ME NO GOOD.I WOULD STILL END UP TRYING TO UNTAR IT, UNGUNZIP IT, AND THEN THEY NEVER MAKE/INSTALL CORRECTLY. I JUST SPENT ALL DAY TRYING TO INSTALL BAUDLINE AND FFT-SPECTRA. THEY ALL DO THIS, VERY FEW OF THEM INSTALL FROM THE EXACT README INSTRUCTIONS. IT'S ALL A MADDENING MESS. FEDORA HAS YUM AND YUMEX. WHY CAN YOU NOT WRITE AND UPDATE INSTALL APP, WHICH IS REAL SIMPLE, (AND AUTO MATED)? I CANNOT BELEIVE YOU WROTE THIS AWESOME FIREWALL APP, AND YET CANNOT WRITE AN UPDATE APP, WHICH UPDATES EASILY AND SEAMLESS..JUST CALL YUM AND IT SHOULD START THE WHOLE THING, UNTIL IT INSTALLS. PLEASE INCLUDE AN ADDRESS LINK TO FIREWALLD'S UPDATE FILE, GIVE ME AN ADDRESS TO IT,EMAIL ME WITH IT, I CAN USE IT AT MY TERMINAL, I WILL DO A (YUM INSTALL) YUM WILL GO TO YOUR ADDRESS, AND GET THE FILE, AND INSTALL IT.THAT IS THE EASIEST WAY TO UPDATE. THANK YOU, VERY MUCH AGAIN, RANDY FITZGERALD.
Dear Randy,
http://www.catb.org/esr/faqs/smart-questions.html
-- Jiri
On 06/26/2014 04:19 PM, Jiri Popelka wrote:
Hi,
this is just heads-up to let you know early, that I've started working on firewalld module for Puppet recently.
From my point of view it's able to configure all important features of firewalld (zones + rich rules, services, direct configuration, lockdown). See examples: https://github.com/jpopelka/puppet-firewalld/tree/master/examples
I pushed it to Puppet Forge (https://forge.puppetlabs.com/jpopelka/firewalld), so one can install it with # puppet module install jpopelka-firewalld or in case of Fedora/EPEL7 (only testing at this moment, but stable too in few days) with: # yum install puppet-firewalld
Documentation: http://jpopelka.fedorapeople.org/puppet-firewalld/doc/
-- Jiri
firewalld-users@lists.fedorahosted.org
-
Jiri Popelka -
Randy Fitzgerald -
Thomas Woerner