Merge "Revert "Add firewall chain configuration""

2018-03-02 19:30:33 +00:00 · 2018-03-02 19:30:33 +00:00 · 1c00b6ecae
parent 2f37f93c6e b5f29853ff
commit 1c00b6ecae
2 changed files with 0 additions and 22 deletions
--- a/puppet/services/tripleo-firewall.yaml
+++ b/puppet/services/tripleo-firewall.yaml
@ -38,17 +38,6 @@ parameters:
    default: false
    description: Whether IPtables rules should be purged before setting up the new ones.
    type: boolean
-  FirewallChains:
-    default: {}
-    description: >
-      Firewall chains definitions to manage. The keys of the dictionary must be
-      in the format "<chain>:<table>:<protocol>". When specified, these rules
-      are merged with { 'FORWARD:filter:IPv4': { 'policy': 'accept' },
-      'FORWARD:filter:IPv6': { 'policy': 'accept' } }. The current available
-      features 'ensure' Adds or removes a chain (present|absent), 'policy'
-      Action the packet will performa at the end of the chain (accept|drop|queue|return),
-      and 'purge' Remove all rules for this change (true|false).
-    type: json

 outputs:
  role_data:
@ -58,11 +47,6 @@ outputs:
      config_settings:
        tripleo::firewall::manage_firewall: {get_param: ManageFirewall}
        tripleo::firewall::purge_firewall_rules: {get_param: PurgeFirewallRules}
-        tripleo::firewall::firewall_chains:
-          map_merge:
-            - { 'FORWARD:filter:IPv4': { 'policy': 'accept' },
-                'FORWARD:filter:IPv6': { 'policy': 'accept' } }
-            - {get_param: FirewallChains}
      step_config: |
        include ::tripleo::firewall
      upgrade_tasks:
--- a/releasenotes/notes/firewall-chain-management-cf0b38d533646a08.yaml
+++ b/releasenotes/notes/firewall-chain-management-cf0b38d533646a08.yaml
@ -1,6 +0,0 @@
---
-features:
-  - |
-    Adds `FirewallChains` parameter that can be used to manage the defined
-    firewall chains. By default the FORWARD chain configured to be present
-    and set to ACCEPT.