Révision 467ea4e2
Lint fixes
| manifests/simplerule.pp | ||
|---|---|---|
| 10 | 10 |
# daddr => '2001:1458::/32', |
| 11 | 11 |
# } |
| 12 | 12 |
|
| 13 |
define nftables::simplerule( |
|
| 14 |
Enum['present','absent'] |
|
| 15 |
$ensure = 'present', |
|
| 16 |
Pattern[/^[-a-zA-Z0-9_]+$/] |
|
| 17 |
$rulename = $title, |
|
| 18 |
Pattern[/^\d\d$/] |
|
| 19 |
$order = '50', |
|
| 20 |
String |
|
| 21 |
$chain = 'default_in', |
|
| 22 |
String |
|
| 23 |
$table = 'inet-filter', |
|
| 24 |
Enum['accept', 'drop'] |
|
| 25 |
$action = 'accept', |
|
| 26 |
Optional[String] |
|
| 27 |
$comment = undef, |
|
| 28 |
Optional[Variant[Array[Stdlib::Port, 1], Stdlib::Port, Pattern[/\d+-\d+/]]] |
|
| 29 |
$dport = undef, |
|
| 30 |
Optional[Enum['tcp', 'tcp4', 'tcp6', 'udp', 'udp4', 'udp6']] |
|
| 31 |
$proto = undef, |
|
| 32 |
Optional[Variant[Stdlib::IP::Address::V6, Stdlib::IP::Address::V4, Pattern[/^@[-a-zA-Z0-9_]+$/]]] |
|
| 33 |
$daddr = undef, |
|
| 34 |
Enum['ip', 'ip6'] |
|
| 35 |
$set_type = 'ip6', |
|
| 36 |
Boolean |
|
| 37 |
$counter = false, |
|
| 38 |
){
|
|
| 39 |
|
|
| 13 |
define nftables::simplerule ( |
|
| 14 |
Enum['present','absent'] $ensure = 'present', |
|
| 15 |
Pattern[/^[-a-zA-Z0-9_]+$/] $rulename = $title, |
|
| 16 |
Pattern[/^\d\d$/] $order = '50', |
|
| 17 |
String $chain = 'default_in', |
|
| 18 |
String $table = 'inet-filter', |
|
| 19 |
Enum['accept', 'drop'] $action = 'accept', |
|
| 20 |
Optional[String] $comment = undef, |
|
| 21 |
Optional[Variant[Array[Stdlib::Port, 1], Stdlib::Port, Pattern[/\d+-\d+/]]] $dport = undef, |
|
| 22 |
Optional[Enum['tcp', 'tcp4', 'tcp6', 'udp', 'udp4', 'udp6']] $proto = undef, |
|
| 23 |
Optional[Variant[Stdlib::IP::Address::V6, Stdlib::IP::Address::V4, Pattern[/^@[-a-zA-Z0-9_]+$/]]] $daddr = undef, |
|
| 24 |
Enum['ip', 'ip6'] $set_type = 'ip6', |
|
| 25 |
Boolean $counter = false, |
|
| 26 |
) {
|
|
| 40 | 27 |
if $dport and !$proto {
|
| 41 | 28 |
fail('Specifying a transport protocol via $proto is mandatory when passing a $dport')
|
| 42 | 29 |
} |
| 43 | 30 |
|
| 44 | 31 |
if $ensure == 'present' {
|
| 45 |
nftables::rule{"${chain}-${rulename}":
|
|
| 32 |
nftables::rule { "${chain}-${rulename}":
|
|
| 46 | 33 |
content => epp('nftables/simplerule.epp',
|
| 47 | 34 |
{
|
| 48 | 35 |
'action' => $action, |
Formats disponibles : Unified diff