Hi, the Debian Project currently runs about 100 machines[1] all over the world with different services. Those are mainly managed by the Debian System Administration team[2]. For central configuration management we use Puppet[3]. The Puppet config we use is publicly available at [4]. Our next goal is to have a more or less central configuration of our iptables rules on all those machines. Some of the machines have home-brewed firewall scripts, some use ferm. Your mission, if you choose to accept it, is to provide us with a new dsa-puppet git branch with a module "ferm" that we can roll out to all our hosts. It might want to use information from the other puppet modules like "apache2_security_mirror" or "buildd" to decide which incoming traffic should be allowed. DSA will of course provide you with all necessary further information. Cheers, Martin [1] http://db.debian.org/machines.cgi [2] http://wiki.debian.org/Teams/DSA [3] http://reductivelabs.com/products/puppet/ [4] http://git.debian.org/?p=mirror/dsa-puppet.git -- Martin Zobel-Helas <zobel@debian.org> | Debian System Administrator Debian & GNU/Linux Developer | Debian Listmaster Public key http://zobel.ftbfs.de/5d64f870.asc - KeyID: 5D64 F870 GPG Fingerprint: 5DB3 1301 375A A50F 07E7 302F 493E FB8E 5D64 F870
Attachment:
signature.asc
Description: Digital signature