Hi,

I am currently trying to work with the puppetlabs firewall. I am also working with Vagrant, so port 22 has to be open all the time. But I want to reject any further connection possibilities.

Working with puppetlabs-firewall 1.1.3 and Puppet 2.7.23.

So the perfect way for me would be to work with inversion, like (https://github.com/puppetlabs/puppetlabs-firewall/blob/master/README.markdown#rule-inversion):

    firewall { '000 drop all except TCP 22':
      action  => 'drop',
      iniface => 'eth0',
      proto   => '! TCP',
      port    => ['! 22'],
    }

But this does not work. I always get an error that these are not possible arguments.

If I work with

    firewall { '000 drop all':
      action  => 'drop',
      iniface => 'eth0',
      proto   => 'all'
    }

and

    firewall { '000 accept TCP 22':
      action  => 'accept',
      iniface => 'eth0',
      proto   => 'tcp',
      port    => [22],
    }

the connection is lost, and I could not connect via port 22 again.

Could somebody help me? I do not know how to handle this situation.

Greets,
Marco