Resource Type: windows_firewall_rule

Defined in:
lib/puppet/type/windows_firewall_rule.rb
Providers:
windows_firewall_rule

Overview

Manage Windows Firewall with Puppet

Properties

  • action

    What to do when this rule matches (Accept/Reject)

    Supported values:
    • block
    • allow
  • authentication (defaults to: notrequired)

    Specifies that authentication or encryption is required on firewall rules (authentication, encryption)

    Supported values:
    • notrequired
    • required
    • noencap
  • description (defaults to: '')

    Description of this rule

  • direction

    Direction the rule applies to (‘inbound`/`outbound`)

    Supported values:
    • inbound
    • outbound
  • display_group

    group that the rule belongs to (read-only)

  • display_name

    Display name for this rule

  • edge_traversal_policy (defaults to: block)

    Apply rule to encapsulated traffic (?) - see: serverfault.com/questions/89824/windows-advanced-firewall-what-does-edge-traversal-mean#89846

    Supported values:
    • block
    • allow
    • defer_to_user
    • defer_to_app
  • enabled (defaults to: true)

    Whether the rule is enabled (‘true` or `false`)

    Supported values:
    • true
    • false
  • encryption (defaults to: notrequired)

    Specifies that authentication or encryption is required on firewall rules (authentication, encryption)

    Supported values:
    • notrequired
    • required
    • dynamic
  • ensure (defaults to: present)

    How to ensure this firewall rule (‘present` or `absent`)

    Supported values:
    • present
    • absent
  • icmp_type

    Protocol type to use (with ICMPv4/ICMPv6)“

    Values should be:

    * Just the type (3)                                                                                                                                                                    ICMP type code: 0 through 255.
* ICMP type code pairs: 3:4 (type 3, code 4)
* `any`
  • interface_type (defaults to: any)

    Interface types this rule applies to

    Supported values:
    • any
    • wired
    • wireless
    • remote_access
  • local_address (defaults to: any)

    the local IP the rule targets (hostname not allowed), use an array to pass more then one

  • local_port

    the local port the rule targets, use an array to pass more then one

  • local_user (defaults to: any)

    Specifies that matching IPsec rules of the indicated user accounts are created

  • profile (defaults to: any)

    Which profile(s) this rule belongs to, use an array to pass more then one

    Supported values:
    • domain
    • private
    • public
    • any
  • program (defaults to: any)

    Path to program this rule applies to

  • protocol (defaults to: any)

    the protocol the rule targets

    Supported values:
    • any
    • tcp
    • udp
    • icmpv4
    • icmpv6
    • %r{^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$}
  • remote_address (defaults to: any)

    the remote IP the rule targets (hostname not allowed), use an array to pass more then one

  • remote_machine (defaults to: any)

    Specifies that matching IPsec rules of the indicated computer accounts are created

  • remote_port (defaults to: any)

    the remote port the rule targets, use an array to pass more then one

  • remote_user (defaults to: any)

    Specifies that matching IPsec rules of the indicated user accounts are created

  • service (defaults to: any)

    service names this rule applies to

Parameters

  • name (namevar)

    Name of this rule

  • provider

    The specific backend to use for this ‘windows_firewall_rule` resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.