From 582968d8f7eac67a37de9983c55381e3e2f7ed5a Mon Sep 17 00:00:00 2001 From: "Benjamin M. Hughes" Date: Sun, 7 Mar 2021 20:43:00 +0000 Subject: [PATCH] Documentation update Signed-off-by: Ben Hughes --- documentation/iptables_chain.md | 21 +++++++++++--------- documentation/iptables_packages.md | 11 +++++++---- documentation/iptables_rule.md | 19 ++++++++++-------- documentation/iptables_service.md | 31 ++++++++++++++++++++---------- 4 files changed, 51 insertions(+), 31 deletions(-) diff --git a/documentation/iptables_chain.md b/documentation/iptables_chain.md index df6af6d..817e43c 100644 --- a/documentation/iptables_chain.md +++ b/documentation/iptables_chain.md @@ -1,4 +1,4 @@ -[back to resource list](https://github.com/chef-cookbooks/iptables#resources) +[Back to resource list](https://github.com/chef-cookbooks/iptables/tree/master/README.md#resources) --- @@ -12,21 +12,24 @@ As this is an accumalator pattern resource not declaring a chain will have it re ## Actions -`:create` +- `:create` +- `:delete` ## Properties | Name | Type | Default | Description | Allowed Values | --------------------------------- | ----------- | -------- | ----------- | -------------- | +| `config_file` | `String` | The default location on disk of the config file, see resource for details | The full path to find the rules on disk | | +| `owner` | `String` | `root` | Owner of the saved output file | | +| `group` | `String` | `root` | Group of the saved output file | | +| `mode` | `String` | `0644` | Permissions on the saved output file | | +| `template` | `source_template` | `iptables.erb` | Source template to use to create the rules | | +| `cookbook` | `String` | `iptables` | Source cookbook to find the template in | | +| `sensitive` | `true, false` | `false` | mark the resource as senstive | | +| `ip_version` | `Symbol`, `String` | `:ipv4` | The IP version | `:ipv4`, `:ipv6` | | `table` | `Symbol` | `:filter` | The table the chain should exist on | `:filter`, `:mangle`, `:nat`, `:raw`, `:security` | | `chain` | `Symbol` | `nil` | The name of the Chain | | | `value` | `String` | `ACCEPT [0:0]` | The default action and the Packets : Bytes count | | -| `ip_version` | `Symbol` | `:ipv4` | The IP version | `:ipv4`, `:ipv6` | -| `file_mode` | `String` | `0644` | Permissions on the saved output file | | -| `source_template` | `source_template` | `iptables.erb` | Source template to use to create the rules | | -| `cookbook` | `String` | `iptables` | Source cookbook to find the template in | | -| `sensitive` | `true, false` | `false` | mark the resource as senstive | | -| `config_file` | `String` | The default location on disk of the config file, see resource for details | The full path to find the rules on disk | | ## Examples @@ -43,7 +46,7 @@ Create a custom chain ```ruby iptables_chain 'filter' do table :filter - chain :LOGGIMG + chain :LOGGING value '- [0:0]' end ``` diff --git a/documentation/iptables_packages.md b/documentation/iptables_packages.md index f2bc6c4..eb1a89f 100644 --- a/documentation/iptables_packages.md +++ b/documentation/iptables_packages.md @@ -1,4 +1,4 @@ -[back to resource list](https://github.com/chef-cookbooks/iptables#resources) +[Back to resource list](https://github.com/chef-cookbooks/iptables/tree/master/README.md#resources) --- @@ -8,14 +8,17 @@ The `iptables_packages` resource can be used to install the required packages fo ## Actions -`:install` -`:remove` +- `:install` +- `:purge` +- `:reconfig` +- `:remove` +- `:upgrade` ## Properties | Name | Type | Default | Description | Allowed Values | --------------------------------- | ----------- | -------- | ----------- | -------------- | -| `package_names` | `Array` | Correct packages for platfrom | List of packages required for this cookbook to work | | +| `package_names` | `Array` | Correct packages for platfrom | List of packages required for this cookbook to work | | ## Examples diff --git a/documentation/iptables_rule.md b/documentation/iptables_rule.md index 966077f..4f62d19 100644 --- a/documentation/iptables_rule.md +++ b/documentation/iptables_rule.md @@ -1,4 +1,4 @@ -[back to resource list](https://github.com/chef-cookbooks/iptables#resources) +[Back to resource list](https://github.com/chef-cookbooks/iptables/tree/master/README.md#resources) --- @@ -14,15 +14,23 @@ If the property `line` is used all other properties around configuring the iptab ## Actions -`:create` +- `:create` +- `:delete` ## Properties | Name | Type | Default | Description | Allowed Values | --------------------------------- | ----------- | -------- | ----------- | -------------- | +| `config_file` | `String` | The default location on disk of the config file, see resource for details | The full path to find the rules on disk | | +| `owner` | `String` | `root` | Owner of the saved output file | | +| `group` | `String` | `root` | Group of the saved output file | | +| `mode` | `String` | `0644` | Permissions on the saved output file | | +| `template` | `source_template` | `iptables.erb` | Source template to use to create the rules | | +| `cookbook` | `String` | `iptables` | Source cookbook to find the template in | | +| `sensitive` | `true, false` | `false` | mark the resource as senstive | | | `table` | `Symbol` | `:filter` | The table the chain exists on for the rule | `:filter`, `:mangle`, `:nat`, `:raw`, `:security` | | `chain` | `Symbol` | `nil` | The name of the Chain to put this rule on | | -| `ip_version` | `Symbol`, `String` | `:ipv4` | The IP version | `:ipv4`, `:ipv6`, `ipv4`, `ipv6` | +| `ip_version` | `Symbol`, `String` | `:ipv4` | The IP version | `:ipv4`, `:ipv6`, `ipv4`, `ipv6` | | `protocol` | `Symbol`, `String`, `Integer` | | The protocol to look for | | | `match` | `String` | | extended packet matching module to use | | | `source` | `String` | | Source specification. Address can be either a network name, a hostname (please note that specifying any name to be resolved with a remote query such as DNS is a really bad idea), a network IP address (with /mask), or a plain IP address. The mask can be either a network mask or a plain number, specifying the number of 1's at the left side of the network mask. Thus, a mask of 24 is equivalent to 255.255.255.0. A "!" argument before the address specification inverts the sense of the address. | | @@ -36,11 +44,6 @@ If the property `line` is used all other properties around configuring the iptab | `line` | `String` | | Specify the entire line yourself, overrides all other options | | | `extra_options` | `String` | | Pass in extra arguments which are not available directly, useful with modules | | | `comment` | `String` | | A comment to put on the rule | | -| `file_mode` | `String` | `0644` | Permissions on the saved output file | | -| `source_template` | `source_template` | `iptables.erb` | Source template to use to create the rules | | -| `cookbook` | `String` | `iptables` | Source cookbook to find the template in | | -| `sensitive` | `true, false` | `false` | mark the resource as senstive | | -| `config_file` | `String` | The default location on disk of the config file, see resource for details | The full path to find the rules on disk | | ## Examples diff --git a/documentation/iptables_service.md b/documentation/iptables_service.md index d80f1cd..9c3d2ba 100644 --- a/documentation/iptables_service.md +++ b/documentation/iptables_service.md @@ -1,4 +1,4 @@ -[back to resource list](https://github.com/chef-cookbooks/iptables#resources) +[Back to resource list](https://github.com/chef-cookbooks/iptables/tree/master/README.md#resources) --- @@ -8,23 +8,34 @@ The `iptables_service` resource can be used to configure the required service fo ## Actions -`:enable` -`:disable` +- `:start` +- `:stop` +- `:restart` +- `:reload` +- `:enable` +- `:disable` ## Properties | Name | Type | Default | Description | Allowed Values | --------------------------------- | ----------- | -------- | ----------- | -------------- | -| `ip_version` | `Symbol` | `:ipv4` | The IP version | `:ipv4`, `:ipv6` | -| `sysconfig` | `Hash` | Correct default settings | A hash of the config settings for sysconfig, see library for more details | | +| `config_file` | `String` | The default location on disk of the config file, see resource for details | The full path to find the rules on disk | | +| `owner` | `String` | `root` | Owner of the saved output file | | +| `group` | `String` | `root` | Group of the saved output file | | +| `mode` | `String` | `0644` | Permissions on the saved output file | | +| `template` | `source_template` | `iptables.erb` | Source template to use to create the rules | | +| `cookbook` | `String` | `iptables` | Source cookbook to find the template in | | +| `sensitive` | `true, false` | `false` | mark the resource as senstive | | +| `ip_version` | `Symbol`, `String` | `:ipv4` | The IP version | `:ipv4`, `:ipv6` | | `service_name` | `String` | Correct service name | Name of the iptables services | | -| `sysconfig_file_mode` | `String` | `0600` | Permissions on the saved sysconfig file | | - -| `file_mode` | `String` | `0644` | Permissions on the saved rules file | | -| `source_template` | `source_template` | `iptables.erb` | Source template to use to create the rules | | +| `owner` | `String` | `root` | Owner of the saved output file | | +| `group` | `String` | `root` | Group of the saved output file | | +| `mode` | `String` | `0644` | Permissions on the saved rules file | | +| `template` | `source_template` | `iptables.erb` | Source template to use to create the rules | | | `cookbook` | `cookbook` | `iptables` | Source cookbook to find the template in | | | `sysconfig_file` | `String` | The default location on disk of the sysconfig file, see resource for details | The full path to find the sysconfig file on disk | | -| `config_file` | `String` | The default location on disk of the config file, see resource for details | The full path to find the rules on disk | | +| `sysconfig_template` | `source_template` | `iptables-config.erb` | Source template to use to create the rules | | +| `sysconfig` | `Hash` | Correct default settings | A hash of the config settings for sysconfig, see library for more details | | ## Examples