root / manifests / rule.pp @ 09cba182
Historique | Voir | Annoter | Télécharger (1,21 ko)
| 1 | 8efbdf9a | tr | # manage a chain rule |
|---|---|---|---|
| 2 | 0ba57c66 | mh | # Name should be: |
| 3 | a534e044 | mh | # CHAIN_NAME-rulename |
| 4 | 11bf7237 | Steve Traylen | define nftables::rule ( |
| 5 | 09cba182 | Steve Traylen | # lint:ignore:parameter_documentation |
| 6 | 31b17627 | Steve Traylen | Enum['present','absent'] $ensure = 'present', |
| 7 | 8c00b818 | Nacho Barrientos | Nftables::RuleName $rulename = $title, |
| 8 | 31b17627 | Steve Traylen | Pattern[/^\d\d$/] $order = '50', |
| 9 | Optional[String] $table = 'inet-filter', |
||
| 10 | Optional[String] $content = undef, |
||
| 11 | Optional[Variant[String,Array[String,1]]] $source = undef, |
||
| 12 | 09cba182 | Steve Traylen | # lint:endignore |
| 13 | 11bf7237 | Steve Traylen | ) {
|
| 14 | 0ba57c66 | mh | if $ensure == 'present' {
|
| 15 | 8efbdf9a | tr | $data = split($rulename, '-') |
| 16 | |||
| 17 | 18ec6f48 | tr | if $data[2] {
|
| 18 | $fragment = "nftables-${table}-chain-${data[0]}-rule-${data[1]}-${data[2]}"
|
||
| 19 | } else {
|
||
| 20 | $fragment = "nftables-${table}-chain-${data[0]}-rule-${data[1]}"
|
||
| 21 | } |
||
| 22 | |||
| 23 | 11bf7237 | Steve Traylen | concat::fragment { "${fragment}_header":
|
| 24 | e53053ce | Steve Traylen | content => "# Start of fragment order:${order} rulename:${rulename}",
|
| 25 | 61f03b47 | Steve Traylen | order => "${order}-${fragment}-a",
|
| 26 | e53053ce | Steve Traylen | target => "nftables-${table}-chain-${data[0]}",
|
| 27 | } |
||
| 28 | |||
| 29 | 11bf7237 | Steve Traylen | concat::fragment {
|
| 30 | 18ec6f48 | tr | $fragment: |
| 31 | 61f03b47 | Steve Traylen | order => "${order}-${fragment}-b",
|
| 32 | 8efbdf9a | tr | target => "nftables-${table}-chain-${data[0]}",
|
| 33 | 0ba57c66 | mh | } |
| 34 | |||
| 35 | if $content {
|
||
| 36 | 11bf7237 | Steve Traylen | Concat::Fragment[$fragment] {
|
| 37 | 0ba57c66 | mh | content => " ${content}",
|
| 38 | } |
||
| 39 | } else {
|
||
| 40 | 11bf7237 | Steve Traylen | Concat::Fragment[$fragment] {
|
| 41 | 0ba57c66 | mh | source => $source, |
| 42 | } |
||
| 43 | } |
||
| 44 | } |
||
| 45 | } |