Révision 3e2b5119
rules::ospf3: Allow filtering on incoming interfaces
| manifests/rules/ospf3.pp | ||
|---|---|---|
| 1 |
# manage in ospf3 |
|
| 2 |
class nftables::rules::ospf3 {
|
|
| 3 |
nftables::rule {
|
|
| 4 |
'default_in-ospf3': |
|
| 5 |
content => 'ip6 saddr fe80::/64 ip6 daddr { ff02::5, ff02::6 } meta l4proto 89 accept',
|
|
| 1 |
# |
|
| 2 |
# @summary manage in ospf3 |
|
| 3 |
# |
|
| 4 |
# @param iifname optional list of incoming interfaces to allow traffic |
|
| 5 |
# |
|
| 6 |
class nftables::rules::ospf3 ( |
|
| 7 |
Array[String[1]] $iifname = [], |
|
| 8 |
) {
|
|
| 9 |
if empty($iifname) {
|
|
| 10 |
$_iifname = '' |
|
| 11 |
} else {
|
|
| 12 |
$iifdata = $iifname.map |String[1] $interface| { "\"${interface}\"" }.join(', ')
|
|
| 13 |
$_iifname = "iifname { ${iifdata} } "
|
|
| 14 |
} |
|
| 15 |
nftables::rule { 'default_in-ospf3':
|
|
| 16 |
content => "${_iifname}ip6 saddr fe80::/64 ip6 daddr { ff02::5, ff02::6 } meta l4proto 89 accept",
|
|
| 6 | 17 |
} |
| 7 | 18 |
} |
Formats disponibles : Unified diff