Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: master

Jan 04, 2011

  1. Ken Barber

    Mistakes in markdown for README.

    authored January 04, 2011
  2. Ken Barber

    Fix up module installation instructions to be a bit more relevant.

    authored January 04, 2011

Oct 29, 2010

  1. Ken Barber

    Change module name to bobsh-iptables fo the forge.

    authored October 29, 2010
  2. Ken Barber

    Cycle master branch revision to be 1.3.0prealpha for next revision de…

    …velopment.
    authored October 29, 2010
  3. Ken Barber

    Increment version in modulefile for 1.2.0 release.

    authored October 29, 2010

Oct 27, 2010

  1. Ken Barber

    Fixed 2.6.x compatibility.

    authored October 28, 2010

Sep 01, 2010

  1. Sharif Nassar

    Add the ability to specify a hostname for source or destination

    authored August 31, 2010

Jul 19, 2010

  1. Ken Barber

    Fix for issues #2 and #3 in github. Avoid reloads for empty icmp fiel…

    …ds, and fix sport/dport ordering.
    authored July 19, 2010

Jul 01, 2010

  1. Ken Barber

    Increase revision of module to 1.1.0 for next release.

    authored July 01, 2010
  2. Ken Barber

    Test for state_types.

    authored July 01, 2010
  3. Ken Barber

    Add test for dcarley's new multiple source patch.

    authored July 01, 2010
  4. Ken Barber

    Fixed bug where icmp-type is not valid - it was still trying to run t…

    …he rule.
    authored July 01, 2010
  5. Dan Carley

    Add support for multiple sources

     - Relatively "low touch" approach for providing multiple sources as an
       array. Useful in conjunction with extlookup.
     - The same approach could be used to implement multiple destinations,
       with a little rejigging. Sources are more useful IMHO though.
     - Replace string concatenation with an array. Makes changing the
       arguments of the string at the end of initialize() easier.
     - No unit tests yet.
    authored July 01, 2010
  6. Dan Carley

    Remove the notion of "full" and "alt" rules

     - I can't reproduce a scenario whereby `iptables-save` omits the `-m
       <proto>` argument of an existing rule. Without any documentation as
       to why this behaviour was first introduced I'm going to conclude that
       it is no longer required for the sake of slightly cleaner code.
    authored July 01, 2010
  7. Dan Carley

    Fix repeated refresh if `-j REJECT` is used without `--with-reject`

    authored July 01, 2010

Jun 30, 2010

  1. Dan Carley

    Support for multiple state values

     - We have support for multiple `state` values as an array but it's
       masked from the Puppet DSL due to `newvalues`. Remove this and
       provide documentation by way of the param description.
    authored June 30, 2010
  2. Dan Carley

    Fix CARP/VRRP support on some platforms

     - Some platforms resolve `getprotobynumber(112)` to "carp" instead of
       "vrrp". This causes rules to be constantly reloaded. Transparently
       rewrite this back to "vrrp".
    authored June 30, 2010
  3. Dan Carley

    Add persist (iptables-save) command for Gentoo

     - Use `/etc/init.d/iptables save` on Gentoo.
     - Match strings rather than regexes which may be partial.
    authored June 30, 2010
  4. Dan Carley

    Logging fixes

     - Strip newline in load_current_rules().
     - Describe what each executed command is doing in terms of
       create/delete/save.
     - Current table rules weren't displayed correctly.
     - Produce err() if there's no iptables-save command specified.
    authored June 30, 2010
  5. Dan Carley

    Replace \t indentation with 2 space characters.

    authored June 30, 2010

Jun 25, 2010

  1. Ken Barber

    Spelling mistake.

    authored June 25, 2010
  2. Ken Barber

    Convert symbolic names to numbers for comparison. Added tests for thi…

    …s, and added Rakefile for running all tests.
    authored June 25, 2010

Jun 23, 2010

  1. Ken Barber

    Added tests; Stop persisting in noop mode; Cleanup docs.

    authored June 23, 2010

Jun 04, 2010

  1. Fix for OS detection case sensitivity - basically I downcase the fact…

    …er return and only look for lowercase responses.
    authored June 04, 2010

Apr 22, 2010

  1. Ken Barber

    Apply check for nil to ensure we don't throw an error on an unknown OS.

    authored April 22, 2010
  2. seph

    better syntax for system calls

    authored April 22, 2010
  3. seph

    multiplatform support for iptables-save

    It's still a little hokey, but now there's a framework
    for multiplatform support.
    authored April 22, 2010

Apr 21, 2010

  1. seph

    readme

    authored April 21, 2010
  2. seph

    /sbin/service is a redhat'ism, converted to a debian thing

    authored April 21, 2010
  3. seph

    needed a .to_s

    authored April 21, 2010
  4. seph

    renamed modules to lib, per current puppet recommendations

    authored April 21, 2010

Apr 20, 2010

  1. Ken Barber

    Added REDIRECT --toports and --tosource. Added --comments support. Pe…

    …rsist changes with iptables save.
    authored April 20, 2010

Oct 10, 2009

  1. Ruben Kerkhof

    Add REDIRECT support

    authored October 10, 2009

Sep 24, 2009

  1. Marc Fournier

    iptables: added -j MASQUERADE option

    authored September 24, 2009

Sep 12, 2009

  1. Marc Fournier

    improves parameter validation of "state" option

    authored September 12, 2009
Something went wrong with that request. Please try again.