Learning Puppet Security

The firewall type

The primary type provided and used in the firewall module is the firewall type. This type has a very large set of parameters that let you configure every aspect of a firewall rule. This is necessary because the base iptables software has many options that you can pass to rules: to model rules successfully, the underlying type and provider need to support everything that you can do on the command line. A summary of some of the most commonly used parameters as of Version 1.2.0 is given in the following table:




This provides the action to be taken on the packet. It can be one of accept, which allows the packet; reject, which denies the packet and sends an ICMP unreachable code; or drop, which silently drops the packet. These values are lowercase, unlike in iptables, where they are uppercase.


This is the iptables chain that this...
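The three action values described above, shown in a small inbound ruleset. This is an added example, not taken from the book; the rule titles, ports and the 192.0.2.0/24 range are constructed, and `proto`, `dport`, `source`, `state` and `iniface` are firewall type parameters not covered in this excerpt.

```puppet
# Rule titles start with a number; the firewall type uses it to order rules.

# Keep loopback and already-established traffic working before any
# restrictive rule is evaluated.
firewall { '000 accept all on loopback':
  chain   => 'INPUT',
  proto   => 'all',
  iniface => 'lo',
  action  => 'accept',
}

firewall { '001 accept related and established':
  chain  => 'INPUT',
  proto  => 'all',
  state  => ['RELATED', 'ESTABLISHED'],
  action => 'accept',
}

# accept: allow SSH only from a management range (constructed CIDR).
firewall { '100 accept ssh from management network':
  chain  => 'INPUT',
  proto  => 'tcp',
  dport  => '22',
  source => '192.0.2.0/24',
  action => 'accept',   # lowercase here; the iptables target is ACCEPT
}

# reject: refuse the connection and notify the sender with an ICMP
# unreachable code, so legitimate clients fail fast instead of timing out.
firewall { '200 reject ident':
  chain  => 'INPUT',
  proto  => 'tcp',
  dport  => '113',
  action => 'reject',
}

# drop: silently discard everything not matched above.
firewall { '999 drop all other inbound':
  chain  => 'INPUT',
  proto  => 'all',
  action => 'drop',
}
```

Reviewing the generated rules with `iptables -S INPUT` after a Puppet run confirms the ordering and that the lowercase values were translated to the uppercase iptables targets.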