
netsh_firewall (8) Versions 1.0.0

Configures Windows Firewall using netsh

Policyfile: cookbook 'netsh_firewall', '~> 1.0.0', :supermarket
Berkshelf: cookbook 'netsh_firewall', '~> 1.0.0'
Knife: knife supermarket install netsh_firewall
Knife: knife supermarket download netsh_firewall
Quality 17%

netsh_firewall

This cookbook provides resources for managing Windows Firewall using the netsh utility. See https://technet.microsoft.com/en-us/library/Dd734783.aspx for details on configuring Windows Firewall using netsh.

Platforms

  • Windows 7
  • Windows 8, 8.1
  • Windows Server 2008, 2008 R2
  • Windows Server 2012, 2012 R2

Recipes

default

If the ['netsh_firewall']['disable_unmanaged_rules'] attribute is set to true, this recipe will disable firewall rules that are not managed with Chef or whitelisted using attributes. Use at your own risk.

Attributes

  • ['netsh_firewall']['disable_unmanaged_rules'] - disable unmanaged firewall rules; defaults to false
  • ['netsh_firewall']['group_whitelist'] - an array of firewall groups to leave enabled, e.g. 'Core Networking'
  • ['netsh_firewall']['rule_whitelist'] - an array of firewall rule names to leave enabled, e.g. 'Remote Desktop (TCP-In)'
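
A dry-run preview of what disable_unmanaged_rules would turn off, added here as an example and not part of the cookbook: it parses `netsh advfirewall firewall show rule name=all` output and applies the selection this README describes (enabled rules that are neither Chef-managed nor whitelisted by group or name). The sample output, the managed list and both function names are constructed for illustration, and exact-match name comparison is an assumption.

```ruby
# Constructed sample of `netsh advfirewall firewall show rule name=all`
# output, trimmed to the fields used here; not captured from a real host.
SAMPLE_NETSH_OUTPUT = <<~TEXT
  Rule Name:                            Core Networking - DNS (UDP-Out)
  Enabled:                              Yes
  Grouping:                             Core Networking
  Rule Name:                            Remote Desktop (TCP-In)
  Enabled:                              Yes
  Grouping:                             Remote Desktop
  Rule Name:                            Web server
  Enabled:                              Yes
  Grouping:
  Rule Name:                            File and Printer Sharing (SMB-In)
  Enabled:                              Yes
  Grouping:                             File and Printer Sharing
  Rule Name:                            Windows Remote Management (HTTP-In)
  Enabled:                              No
  Grouping:                             Windows Remote Management
TEXT

# Split the listing into one block per rule and read its "Key: value" lines.
# Separator lines (-----) and blank lines carry no colon and are ignored.
def parse_rules(text)
  text.split(/^(?=Rule Name:)/).filter_map do |block|
    fields = block.scan(/^([^:\n]+):[ \t]*(.*)$/).to_h { |k, v| [k.strip, v.strip] }
    next unless fields['Rule Name']
    { name: fields['Rule Name'],
      group: fields['Grouping'].to_s,
      enabled: fields['Enabled'] == 'Yes' }
  end
end

# Names of enabled rules that are not Chef-managed and not whitelisted.
# Assumption: names and groups are compared as exact strings.
def rules_to_disable(rules, managed:, group_whitelist:, rule_whitelist:)
  rules.select do |r|
    r[:enabled] &&
      !managed.include?(r[:name]) &&
      !rule_whitelist.include?(r[:name]) &&
      !group_whitelist.include?(r[:group])
  end.map { |r| r[:name] }
end

if __FILE__ == $PROGRAM_NAME
  doomed = rules_to_disable(parse_rules(SAMPLE_NETSH_OUTPUT),
                            managed: ['Web server'],
                            group_whitelist: ['Core Networking'],
                            rule_whitelist: ['Remote Desktop (TCP-In)'])
  puts "Would be disabled: #{doomed.join(', ')}"
end
```

Run it against real output from a representative host before setting the attribute to true, and confirm that every rule you rely on for remote management is either Chef-managed or whitelisted.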

Resources

netsh_firewall_profile

Actions

  • :disable: disable a firewall profile
  • :enable: enable a firewall profile and set inbound/outbound policy; this is the default action

Parameters

  • name: name attribute; specify all, domain, private, or public
  • inbound: :allow or :block (default)
  • outbound: :allow (default) or :block

Example

netsh_firewall_profile 'all' do
  inbound :block
  outbound :allow
end

netsh_firewall_rule

Actions

  • :allow: create a rule to allow traffic through the firewall; this is the default action
  • :block: create a rule to block traffic
  • :disable: disable an existing rule (useful for built-in rules)
  • :enable: enable an existing rule

Parameters

  • name: name attribute; the name of the rule to create
  • description: an optional description for the rule
  • direction: :in (default) or :out; the direction of the rule
  • localip: an array or comma-separated list of IP addresses or subnets in CIDR notation; defaults to 'any'
  • localport: an array or comma-separated list of local port numbers; defaults to 'any'
  • profile: :any (default), :domain, :private, or :public
  • program: a path to a program; traffic generated by the program will match this rule
  • protocol: :tcp (default), :udp, :icmpv4, :icmpv6, or :any
  • remoteip: an array or comma-separated list of IP addresses or subnets in CIDR notation; defaults to 'any'
  • remoteport: an array or comma-separated list of remote port numbers; defaults to 'any'

Examples

netsh_firewall_rule 'Windows Remote Management (HTTPS-In)' do
  description 'Allow remote management over SSL'
  localport '5986'
  action :allow
end

netsh_firewall_rule 'Windows Remote Management (HTTP-In)' do
  action :disable
end

netsh_firewall_rule 'Web server' do
  localport ['80', '443']
  remoteip ['192.168.1.0/24', '172.16.0.0/16']
  action :allow
end

License

Copyright 2018 Biola University

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

netsh_firewall Cookbook CHANGELOG

This file is used to list changes made in each version of the netsh_firewall cookbook.

v1.0.0 (2018-01-19)

  • Refactored code to use Chef custom resources. Chef Client 12.5 or higher is now required to use this cookbook.
  • Local/remote IP and port properties for the netsh_firewall_rule resource now accept arrays as well as strings and will automatically sort values for stable ordering.

v0.3.2 (2016-01-19)

  • Fixed ICMP rules not working due to default values for localport and remoteport

Collaborator Number Metric
            

1.0.0 failed this metric

Failure: Cookbook has 1 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

1.0.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Foodcritic Metric
            

1.0.0 failed this metric

FC085: Resource using new_resource.updated_by_last_action to converge resource: netsh_firewall/resources/profile.rb:26
FC085: Resource using new_resource.updated_by_last_action to converge resource: netsh_firewall/resources/profile.rb:31
FC085: Resource using new_resource.updated_by_last_action to converge resource: netsh_firewall/resources/profile.rb:38
FC085: Resource using new_resource.updated_by_last_action to converge resource: netsh_firewall/resources/rule.rb:55
FC085: Resource using new_resource.updated_by_last_action to converge resource: netsh_firewall/resources/rule.rb:62
FC085: Resource using new_resource.updated_by_last_action to converge resource: netsh_firewall/resources/rule.rb:72
FC085: Resource using new_resource.updated_by_last_action to converge resource: netsh_firewall/resources/rule.rb:82
FC108: Resource should not define a property named 'name': netsh_firewall/resources/profile.rb:19
FC108: Resource should not define a property named 'name': netsh_firewall/resources/rule.rb:19
Run with Foodcritic Version 16.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any

No Binaries Metric
            

1.0.0 passed this metric

Testing File Metric
            

1.0.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

1.0.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number