blob: 6c9d7e60f4a4f006035ced6789f1031df5178dbc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
class profiles::firewall {
ensure_packages ([
'iptables-persistent',
'fail2ban',
], { ensure => installed })
file { '/etc/iptables/rules.v4':
source => 'puppet:///modules/profiles/firewall/rules.v4',
} ~> exec { 'reload firewall':
command => '/usr/share/netfilter-persistent/plugins.d/15-ip4tables restart',
refreshonly => true,
}
service { 'fail2ban':
ensure => running,
enable => true,
}
}
|