[rudder-users] How to check/configure firewall of nodes

Janos Mattyasovszky mail at matya.eu
Mon Jul 30 08:55:36 UTC 2018


Hi,

I have had a similar problem when it was about ensuring compliance of firewalls.
The problem is, each distro/version has different methods, some have firewalld, some ufw etc.

My approach was to write a wrapper script that can do "check" and "apply", and I used an NCF Technique that executed "check" and then "apply" if check returned a problem.

Note: I wrote a similar tooling that manages the FW with plain iptables, that can add/flush the rules and compare them to the supposed setting (using iptables -S to display all rules and I am comparing them line-by-line to an exported config file).

Regards
--
Janos Mattyasovszky

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On July 30, 2018 10:14 AM, Didier Stadelmann <dstadelmann at outlook.com> wrote:

> Hello,
>
> I am trying to manage the firewall on the nodes with Rudder, but cannot succeed. I have ufw installed on all and I only succeeded in outputting "ufw status" to a text file and verifying that it matches a file with a valid result.
>
> I guess there are better solutions to control the open/closed ports through Rudder, but how?
>
> Thanks for sharing your experience.
>
> Best regards,
>
> Kind regards.
>
> Didier Stadelmann
>
> Creux-de-la-Quere 9
>
> CH-2830 Courrendlin
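
The check/apply wrapper described in the reply above, sketched as an added example (not part of the original thread and not Janos's actual tooling). It covers the filter table only; `IPTABLES`, `RULES_FILE`, its default path and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: "check"/"apply" wrapper for the iptables filter table.
# IPTABLES and RULES_FILE (and its default path) are hypothetical names.
IPTABLES="${IPTABLES:-iptables}"
RULES_FILE="${RULES_FILE:-/etc/firewall/expected.rules}"

# Strip trailing blanks, '#' comments and empty lines so the reference
# file (an annotated export of `iptables -S`) compares cleanly.
normalize() {
    sed -e 's/[[:space:]]*$//' -e '/^[[:space:]]*#/d' -e '/^$/d'
}

# Returns 0 = compliant, 1 = drift (unified diff on stdout), 2 = cannot check.
fw_check() {
    [ -r "$RULES_FILE" ] || { echo "cannot read $RULES_FILE" >&2; return 2; }
    live=$($IPTABLES -S) || { echo "cannot list live rules" >&2; return 2; }
    work=$(mktemp -d) || return 2
    normalize < "$RULES_FILE" > "$work/expected"
    printf '%s\n' "$live" | normalize > "$work/live"
    # Rule order is significant, so compare line by line without sorting.
    diff -u "$work/expected" "$work/live"
    rc=$?
    rm -rf "$work"
    return "$rc"
}

# Flush the filter table, then replay the reference file one line at a time.
# Each `iptables -S` line is already a valid iptables argument list.
# Not atomic, and rules with quoted arguments containing spaces are not handled.
fw_apply() {
    [ -r "$RULES_FILE" ] || { echo "cannot read $RULES_FILE" >&2; return 2; }
    $IPTABLES -F || return 1
    $IPTABLES -X || return 1
    normalize < "$RULES_FILE" | while IFS= read -r rule; do
        # Intentional word splitting: $rule becomes separate arguments.
        $IPTABLES $rule || exit 1
    done
}

# Verb dispatch: the configuration agent runs "check" first and calls
# "apply" only when check exits 1. With no verb, only the functions are defined.
case "${1:-}" in
    check) fw_check ;;
    apply) fw_apply ;;
esac
```

Keeping exit code 2 distinct from 1 lets the calling technique report "could not verify" separately from "non-compliant" instead of flushing the firewall on a node where the reference file is simply missing.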