Projet

Général

Profil

Révision 64404839

ID644048391d682f7ba1790b52cd6b93a5db20ceae
Parent ffc8b86f
Enfant ec5b5f0c

Ajouté par Tim Meusel il y a plus d'un an

samba: Add option to drop traffic

Voir les différences:

manifests/rules/samba.pp
1 1 
# @summary manage Samba, the suite to allow Windows file sharing on Linux resources.
2 
# @param ctdb Enable ctdb-driven clustered Samba setups.
2 
#
3 
# @param ctdb Enable ctdb-driven clustered Samba setups
4 
# @param action if the traffic should be allowed or dropped
5 
#
3 6 
class nftables::rules::samba (
4 7 
  Boolean $ctdb = false,
8 
  Enum['accept', 'drop'] $action = 'accept',
5 9 
) {
6 10 
  nftables::rule {
7 11 
    'default_in-netbios_tcp':
8 
      content => 'tcp dport {139,445} accept',
12 
      content => "tcp dport {139,445} ${action}",
9 13 
  }
10 14 

  		




  11
  15
  
    
  nftables::rule {


  		




  12
  16
  
    
    'default_in-netbios_udp':


  		




  13
  
  
    
      content => 'udp dport {137,138} accept',


  		




  
  17
  
    
      content => "udp dport {137,138} ${action}",


  		




  14
  18
  
    
  }


  		




  15
  19
  
    

  		




  16
  20
  
    
  if $ctdb {


  		




  17
  21
  
    
    nftables::rule {


  		




  18
  22
  
    
      'default_in-ctdb':


  		




  19
  
  
    
        content => 'tcp dport 4379 accept',


  		




  
  23
  
    
        content => "tcp dport 4379 ${action}",


  		




  20
  24
  
    
    }


  		




  21
  25
  
    
  }


  		




  22
  26
  
    
}


  		












Formats disponibles :  Unified diff