Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root / manifests / rules / out / pxp_agent.pp @ 53aa1fa8

Historique | Voir | Annoter | Télécharger (814 octets)

1 194e05d5 Tim Meusel 
# @summary manage outgoing pxp-agent
2 
#
3 
# @param broker PXP broker IP(s)
4 
# @param broker_port PXP broker port
5 
#
6 
# @see also take a look at nftables::rules::out::puppet, because the PXP agent also connects to a Puppetserver
7 
#
8 
class nftables::rules::out::pxp_agent (
9 
  Variant[Stdlib::IP::Address,Array[Stdlib::IP::Address,1]] $broker,
10 
  Stdlib::Port $broker_port = 8142,
11 
) {
12 
  Array($broker, true).each |$index,$ps| {
13 
    nftables::rule {
14 
      "default_out-pxpagent-${index}":
15 
    }
16 
    if $ps =~ Stdlib::IP::Address::V6 {
17 
      Nftables::Rule["default_out-pxpagent-${index}"] {
18 
        content => "ip6 daddr ${ps} tcp dport ${broker_port} accept",
19 
      }
20 
    } else {
21 
      Nftables::Rule["default_out-pxpagent-${index}"] {
22 
        content => "ip daddr ${ps} tcp dport ${broker_port} accept",
23 
      }
24 
    }
25 
  }
26 
}