Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Several fixes for nftables::config #48

Merged
merged 4 commits into from Dec 11, 2020
Merged

Several fixes for nftables::config #48

merged 4 commits into from Dec 11, 2020

Conversation

nbarrientos
Copy link
Collaborator

@nbarrientos nbarrientos commented Dec 10, 2020
edited

A few improvements to nftables::config, derived from #45.

  • Autogenerate the statement to include chains to save templates for the simple cases
  • Actually fail if both content and source are passed (this was a TODO, I believe)
  • Remove duplicate context name
  • Kind of validate the resource title so all tests pass

This patch complements (and might conflict with) #47

@nbarrientos nbarrientos changed the title Several fixes for nftables::config Several fixes for nftables::config Dec 10, 2020
@nbarrientos nbarrientos added the enhancement New feature or request label Dec 10, 2020
@nbarrientos nbarrientos mentioned this pull request Dec 10, 2020
Merged
@duritong duritong mentioned this pull request Dec 10, 2020
Closed
duritong
duritong requested changes Dec 10, 2020
View reviewed changes
Copy link
Collaborator

@duritong duritong left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

except for the additional check, all good for me.

manifests/config.pp Show resolved Hide resolved
@nbarrientos nbarrientos merged commit bacf254 into voxpupuli:master Dec 11, 2020
figless pushed a commit to figless/puppet-nftables that referenced this pull request Aug 25, 2021
@nbarrientos
Squashed 'code/' changes from 7db6f79..bc1b0f1
622bebd 
bc1b0f1 Release 1.0.0 (voxpupuli#49)
5d71ec6 Merge pull request voxpupuli#56 from traylenator/ports
94a8062 Use Stdlib::Port everywhere in place of Integer
b1085d8 Merge pull request voxpupuli#55 from traylenator/moredocs
c868cae Update manifests/set.pp
13f4e4c Docs for nftables::set
b3040dd Merge pull request voxpupuli#42 from duritong/terminology
04176b0 switch naming to puppetserver
3820575 Merge pull request voxpupuli#47 from cernops/issue45
948ebc9 Prefix custom tables with custom- so they're loaded
bacf254 Merge pull request voxpupuli#48 from cernops/config_template
c2800a3 Merge pull request voxpupuli#50 from traylenator/moretests
2075a72 Correct NFS udp and tcp port matching
cfcafde test that all classes can be included
d875244 test that bad configuration leaves service running
cba0cb8 Merge pull request voxpupuli#52 from cernops/simplerule_reference
b46c9ce Remove a blank separating the doc string and the code
c7e37bd Merge pull request voxpupuli#51 from bastelfreak/puppet7
e0be819 Enable Puppet 7 support
3fe51d6 Merge pull request voxpupuli#33 from cernops/simplerule
c5418fd Validate table spec
04f5c03 Fix context name (removes dup)
294a38f Implement intended failure
fcb1d35 Auto fill simple table configuration
4d63add Refresh REFERENCE
42e7f3e Relax type validation in template
5527702 Align template parameters
f1ef02c Encapsulate addr-related exprs in Nftables::Addr
09b07e5 Encapsulate port-related exprs in Nftables::Port
6739966 Sort template parameters alphabetically
3a469f2 Implement nftables::simplerule::saddr
abb04c9 Mention nftables::simplerule in the README
5944b9c Allow some other types of verdicts
2f28cce Document nftables::simplerule's parameters
af15de4 Recommend using nftables::rule
77abc10 Implement nftables::simplerule::sport
fb58f7b Remove double spacing
6793d28 Handle dport internally always as an array
467ea4e Lint fixes
2cc5430 Remove optional modifier on $table
2489f93 Correct error message
4ec9461 Re-document and add example
d43ced4 Implement nftables:;simplerule::counter
aaa3717 Implement nftables:;simplerule::daddr
d38aab5 Test passing a port without protocol
316bc3f Allow IPv4 and IPv6 only rules
3a52fb4 Richer dport
fb65734 s/setname/rulename
83382bb Add nftables::simplerule
f0bd879 Merge pull request voxpupuli#34 from traylenator/dedupe_flush
354a3ea Merge pull request voxpupuli#44 from traylenator/formatting
b978500 Correct layout of ignore chain example
ce22630 Remove duplicate flush on reload
03d8e69 Merge pull request voxpupuli#41 from traylenator/rubocop
139ec11 Merge pull request voxpupuli#43 from cernops/doc_typos
1330c27 Add a hint about changing default output configuration
8ded326 Fix typo in class name
4ed97e5 Add a separation between the header and the content
620da9a Add remark about the global chain
0f31ffb Fix grammatical error
1ffab17 Add full stop
7e5b657 rubocop:auto_correct fixes
da8956d Enable rubocop check
492ca83 Disable Disable TrailingCommaInArguments early
c4b1b93 Comment why firewalld_enable parameter is required (voxpupuli#40)
bd5145a Add basic configuration validation acceptance test (voxpupuli#38)

git-subtree-dir: code
git-subtree-split: bc1b0f1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@duritong duritong duritong approved these changes

@traylenator traylenator Awaiting requested review from traylenator

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@nbarrientos @duritong