diff options
Diffstat (limited to 'doc')
-rw-r--r-- | doc/server/plugins/generators/packages.txt | 8 | ||||
-rw-r--r-- | doc/server/plugins/generators/rules.txt | 4 | ||||
-rw-r--r-- | doc/server/plugins/generators/tgenshi/iptables.txt | 21 |
3 files changed, 18 insertions, 15 deletions
diff --git a/doc/server/plugins/generators/packages.txt b/doc/server/plugins/generators/packages.txt index 93b5308be..276b73093 100644 --- a/doc/server/plugins/generators/packages.txt +++ b/doc/server/plugins/generators/packages.txt @@ -158,9 +158,11 @@ Handling GPG Keys .. versionadded:: 1.2.0 -Packages can automatically handle GPG signing keys for Yum and Pulp -repositories. Simply specify the URL to the GPG key(s) for a -repository in ``sources.xml``:: +If you have yum libraries installed, Packages can automatically handle +GPG signing keys for Yum and Pulp repositories. (You do not need to +use the native yum resolver; if yum libraries are available, GPG +signing keys can be handled automatically.) Simply specify the URL to +the GPG key(s) for a repository in ``sources.xml``:: <Source type="yum" rawurl="http://mirror.example.com/centos6-x86_64/RPMS.os"> diff --git a/doc/server/plugins/generators/rules.txt b/doc/server/plugins/generators/rules.txt index 439bc0281..c084c5681 100644 --- a/doc/server/plugins/generators/rules.txt +++ b/doc/server/plugins/generators/rules.txt @@ -68,7 +68,7 @@ The Rules Group Tag may have the following attributes: +========+=========================+==============+ | name | Group Name | String | +--------+-------------------------+--------------+ -| negate | Negate group membership | (True|False) | +| negate | Negate group membership | (true|false) | | | (is not a member of) | | +--------+-------------------------+--------------+ @@ -195,7 +195,7 @@ The Client Tag may have the following attributes: +========+=========================+==============+ | name | Client Name | String | +--------+-------------------------+--------------+ -| negate | Negate client selection | (True|False) | +| negate | Negate client selection | (true|false) | | | (if not client name) | | +--------+-------------------------+--------------+ diff --git a/doc/server/plugins/generators/tgenshi/iptables.txt b/doc/server/plugins/generators/tgenshi/iptables.txt index 2655e7b2d..310f9ffab 100644 --- a/doc/server/plugins/generators/tgenshi/iptables.txt +++ b/doc/server/plugins/generators/tgenshi/iptables.txt @@ -83,13 +83,14 @@ iptables -A NO-SMTP -j DROP # Allow SSH Access - -A INPUT -p tcp -m state --state NEW -m tcp --tcp-flags FIN,SYN,RST,ACK SYN --dport 22 -j SSH - -A SSH -s 192.0.0.0/255.0.0.0 -j ACCEPT + :SSH - [0:0] + -A INPUT -p tcp -m state --state NEW -m tcp --tcp-flags FIN,SYN,RST,ACK SYN --dport 22 -j SSH + -A SSH -s 192.168.0.0/255.255.0.0 -j ACCEPT # Allow Ganglia Access -A INPUT -m state --state NEW -m tcp -p tcp --tcp-flags FIN,SYN,RST,ACK SYN --src 192.168.1.1 --dport 8649 -j ACCEPT # Gmetad access to gmond - -A INPUT -m state --state NEW -m tcp -p tcp --tcp-flags FIN,SYN,RST,ACK SYN --src 192.168.1.1 --dport 8649 -j ACCEPT + -A INPUT -m state --state NEW -m tcp -p tcp --tcp-flags FIN,SYN,RST,ACK SYN --src 192.168.1.1 --dport 8649 -j ACCEPT # Gmond UDP multicast -A INPUT -m state --state NEW -m udp -p udp --dport 8649 -j ACCEPT @@ -205,8 +206,8 @@ iptables :: :MYSQL - [0:0] - -A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 --tcp-flags FIN,SYN,RST,ACK SYN -j MYSQL - -A MYSQL -s 192.168.0.0/255.0.0.0 -j ACCEPT + -A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 --tcp-flags FIN,SYN,RST,ACK SYN -j MYSQL + -A MYSQL -s 192.168.0.0/255.255.0.0 -j ACCEPT For a host that is in the mysql-server group you get an iptables file that looks like the following:: @@ -244,20 +245,20 @@ that looks like the following:: # Allow SSH Access :SSH - [0:0] - -A INPUT -p tcp -m state --state NEW -m tcp --tcp-flags FIN,SYN,RST,ACK SYN --dport 22 -j SSH - -A SSH -s 192.168.0.0/255.0.0.0 -j ACCEPT + -A INPUT -p tcp -m state --state NEW -m tcp --tcp-flags FIN,SYN,RST,ACK SYN --dport 22 -j SSH + -A SSH -s 192.168.0.0/255.255.0.0 -j ACCEPT # Allow Ganglia Access -A INPUT -m state --state NEW -m tcp -p tcp --tcp-flags FIN,SYN,RST,ACK SYN --src 192.168.1.1 --dport 8649 -j ACCEPT #Gmetad access to gmond - -A INPUT -m state --state NEW -m tcp -p tcp --tcp-flags FIN,SYN,RST,ACK SYN --src 192.168.1.1 --dport 8649 -j ACCEPT + -A INPUT -m state --state NEW -m tcp -p tcp --tcp-flags FIN,SYN,RST,ACK SYN --src 192.168.1.1 --dport 8649 -j ACCEPT #Gmond UDP multicast -A INPUT -m state --state NEW -m udp -p udp --dport 8649 -j ACCEPT # group custom FILTER rules: :MYSQL - [0:0] - -A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 --tcp-flags FIN,SYN,RST,ACK SYN -j MYSQL - -A MYSQL -s 192.168.0.0/255.0.0.0 -j ACCEPT + -A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 --tcp-flags FIN,SYN,RST,ACK SYN -j MYSQL + -A MYSQL -s 192.168.0.0/255.255.0.0 -j ACCEPT # host-specific FILTER rules: |