Forge Home


A Puppet module to replace firewalld with iptables


8,460 latest version

3.6 quality score

Version information

  • 0.2.0 (latest)
  • 0.1.2
  • 0.1.0
released Feb 24th 2017
This version is compatible with:
  • Puppet Enterprise 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 2.7.0 < 5.0.0
  • ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'genebean-firewalld2iptables', '0.2.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add genebean-firewalld2iptables
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install genebean-firewalld2iptables --version 0.2.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



genebean/firewalld2iptables — version 0.2.0 Feb 24th 2017

Puppet Forge GitHub tag


Table of Contents

  1. Overview
  2. Parameters
  3. Usage
  4. Limitations
  5. License
  6. Contributing


This module takes care of performing the conversion described at



Installs the iptables-services package when true, which is the default value.
type: boolean


This value is passed to the ensure key of the resource. This should be 'present' or 'latest'. The default value is 'present'.


Determines if iptables is enabled. Defaults to true.
type: boolean


Determines if ip6tables is enabled. Defaults to true.
type: boolean


Simple usage:

include ::firewalld2iptables

In manifests that also utilize puppetlabs-firewall or other methdods of configuring iptables you need to ensure that this is run first. To do that, just change the include line to require like so:

require ::firewalld2iptables

Manage the iptables-services package elsewhere

class { '::firewalld2iptables': $manage_package => false, }


This module is targeted at systems that are known to include firewalld. Right now, that is solely the Red Hat 7 family of OS's. Contributions to expand coverage to other OS's are welcome.


This is released under the New BSD / BSD-3-Clause license. A copy of the license can be found in the root of the module.


Pull requests are welcome!