Howdy, all –

At the recent training/meetup in Austin, it came up that there’s been some
discussion on the need for firewall management. In that light, Tippr is
releasing the cookbook we use for Shorewall-based iptables configuration.
Our repository is available at

Patches, feedback, and the like would be appreciated; there’s some extremely
low-hanging fruit (such as support for operating systems other than CentOS)
available to be plucked. That said, we’ve been using this cookbook in
production for some time, and it works well for us.

The README should give a taste of the capabilities – we provide helpers
which use search to identify systems which should be placed in zones or to
which specific firewall rules should apply. That said, it should be possible
to use this cookbook in a chef-solo environment by avoiding search-related
functionality (some of the defaults, particularly the definition of the
lan zone, may need to be overridden for this purpose).

Thanks, and enjoy!