HCoop / hcoop / domtool2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: efbe5b1) | patch
fwtool: initial ipv6 support and puppet integration
authorClinton Ebadi <clinton@unknownlamer.org>
Thu, 19 Apr 2018 05:27:08 +0000 (01:27 -0400)
committerClinton Ebadi <clinton@unknownlamer.org>
Thu, 19 Apr 2018 05:27:08 +0000 (01:27 -0400)
commit93278775f0877b33c24e18cc9fa837c315d95fcc
treeef2c48cf9ccfb0748fe7b078b60014094db5ff08tree | snapshot (tar.gz zip)
parentefbe5b137d7f15040496b8f3c13969597c5972b3commit | diff
fwtool: initial ipv6 support and puppet integration

Not the prettiest, but it works.

Just duplicates the firewall between ipv4 and ipv6, making sure to
filter out any hostnames that aren't resolvable in each domain.

ProxiedServer doesn't work over IPv6 yet due to nodes not having that
information, will need to be fixed for proxied web services to work.

domtool-publish has a new action, firewallpuppet, that will reload the
firewall for our new setup (and fall back to just reloading ferm on
the current one). Further work is required for puppet; we are purging
unmanaged chains and will need to move all rules into a single chain
instead of jumping to a different chain per user.
configDefault/firewall.cfg diff | blob | blame | history
configDefault/firewall.csg diff | blob | blame | history
scripts/domtool-publish diff | blob | blame | history
src/plugins/firewall.sml diff | blob | blame | history
Unnamed repository; edit this file to name it for gitweb.