root / manifests / rules / out / ldap.pp @ 5d554e75
Historique | Voir | Annoter | Télécharger (769 octets)
| 1 | ea29e235 | Simon Hoenscheid | # @summary manage outgoing ldap |
|---|---|---|---|
| 2 | # @param ldapserver ldapserver IPs |
||
| 3 | # @param ldapserver_ports ldapserver ports |
||
| 4 | # |
||
| 5 | class nftables::rules::out::ldap ( |
||
| 6 | Variant[Stdlib::IP::Address,Array[Stdlib::IP::Address,1]] $ldapserver, |
||
| 7 | Array[Stdlib::Port,1] $ldapserver_ports = [389, 636], |
||
| 8 | ) {
|
||
| 9 | Array($ldapserver, true).each |$index,$ls| {
|
||
| 10 | nftables::rule {
|
||
| 11 | "default_out-ldapserver-${index}":
|
||
| 12 | } |
||
| 13 | if $ls =~ Stdlib::IP::Address::V6 {
|
||
| 14 | Nftables::Rule["default_out-ldapserver-${index}"] {
|
||
| 15 | content => "ip6 daddr ${ls} tcp dport {${join($ldapserver_ports,', ')}} accept",
|
||
| 16 | } |
||
| 17 | } else {
|
||
| 18 | Nftables::Rule["default_out-ldapserver-${index}"] {
|
||
| 19 | content => "ip daddr ${ls} tcp dport {${join($ldapserver_ports,', ')}} accept",
|
||
| 20 | } |
||
| 21 | } |
||
| 22 | } |
||
| 23 | } |