Révision 51850192
rules::out::mdns: Allow interface filtering
| manifests/rules/out/mdns.pp | ||
|---|---|---|
| 3 | 3 |
# |
| 4 | 4 |
# @param ipv4 Allow mdns over IPv4 |
| 5 | 5 |
# @param ipv6 Allow mdns over IPv6 |
| 6 |
# @param oifname optional name for outgoing interfaces |
|
| 6 | 7 |
# |
| 7 | 8 |
class nftables::rules::out::mdns ( |
| 8 | 9 |
Boolean $ipv4 = true, |
| 9 | 10 |
Boolean $ipv6 = true, |
| 11 |
Array[String[1]] $oifname = [], |
|
| 10 | 12 |
) {
|
| 13 |
if empty($oifname) {
|
|
| 14 |
$_oifname = '' |
|
| 15 |
} else {
|
|
| 16 |
$oifdata = $oifname.map |String[1] $interface| { "\"${interface}\"" }.join(', ')
|
|
| 17 |
$_oifname = "oifname { ${oifdata} } "
|
|
| 18 |
} |
|
| 11 | 19 |
if $ipv4 {
|
| 12 | 20 |
nftables::rule { 'default_out-mdns_v4':
|
| 13 |
content => 'ip daddr 224.0.0.251 udp dport 5353 accept',
|
|
| 21 |
content => "${_oifname}ip daddr 224.0.0.251 udp dport 5353 accept",
|
|
| 14 | 22 |
} |
| 15 | 23 |
} |
| 16 | 24 |
if $ipv6 {
|
| 17 | 25 |
nftables::rule { 'default_out-mdns_v6':
|
| 18 |
content => 'ip6 daddr ff02::fb udp dport 5353 accept',
|
|
| 26 |
content => "${_oifname}ip6 daddr ff02::fb udp dport 5353 accept",
|
|
| 19 | 27 |
} |
| 20 | 28 |
} |
| 21 | 29 |
} |
Formats disponibles : Unified diff