Révision 25b3f3f4
simplerule: Add support for incoming interface filtering
| manifests/simplerule.pp | ||
|---|---|---|
| 52 | 52 |
# |
| 53 | 53 |
# @param counter |
| 54 | 54 |
# Enable traffic counters for the matched traffic. |
| 55 |
# |
|
| 56 |
# @param iifname |
|
| 57 |
# Optional filter for the incoming interface |
|
| 55 | 58 |
define nftables::simplerule ( |
| 56 | 59 |
Enum['present','absent'] $ensure = 'present', |
| 57 | 60 |
Nftables::SimpleRuleName $rulename = $title, |
| ... | ... | |
| 67 | 70 |
Optional[Nftables::Port] $sport = undef, |
| 68 | 71 |
Optional[Nftables::Addr] $saddr = undef, |
| 69 | 72 |
Boolean $counter = false, |
| 73 |
Optional[String[1]] $iifname = undef, |
|
| 70 | 74 |
) {
|
| 71 | 75 |
if $dport and !$proto {
|
| 72 | 76 |
fail('Specifying a transport protocol via $proto is mandatory when passing a $dport')
|
| ... | ... | |
| 89 | 93 |
'saddr' => $saddr, |
| 90 | 94 |
'set_type' => $set_type, |
| 91 | 95 |
'sport' => $sport, |
| 96 |
'iifname' => $iifname, |
|
| 92 | 97 |
} |
| 93 | 98 |
), |
| 94 | 99 |
order => $order, |
Formats disponibles : Unified diff