/manifests/rule.pp - Annoter - puppet nftables - Koumbit's Redmine

Télécharger au format

root / manifests / rule.pp @ 8efbdf9a

Historique | Voir | Annoter | Télécharger (908 octets)

1	8efbdf9a	tr	# manage a chain rule
2	0ba57c66	mh	# Name should be:
3	a534e044	mh	# CHAIN_NAME-rulename
4	8efbdf9a	tr	define nftables::rule(
5	0ba57c66	mh	Enum['present','absent']
6			$ensure = 'present',
7	8efbdf9a	tr	Pattern[/^[a-zA-Z0-9_]+-[a-zA-Z0-9_]+$/]
8	0ba57c66	mh	$rulename = $title,
9			Pattern[/^\d\d$/]
10			$order = '50',
11			Optional[String]
12	8efbdf9a	tr	$table = 'filter',
13			Optional[String]
14	0ba57c66	mh	$content = undef,
15			Optional[Variant[String,Array[String,1]]]
16			$source = undef,
17			){
18	8efbdf9a	tr
19	0ba57c66	mh	if $ensure == 'present' {
20	8efbdf9a	tr	$data = split($rulename, '-')
21
22	0ba57c66	mh	concat::fragment{
23	8efbdf9a	tr	"nftables-${table}-chain-${data[0]}-rule-${data[1]}":
24	e140adff	tr	order => $order,
25	8efbdf9a	tr	target => "nftables-${table}-chain-${data[0]}",
26	0ba57c66	mh	}
27
28			if $content {
29	8efbdf9a	tr	Concat::Fragment["nftables-${table}-chain-${data[0]}-rule-${data[1]}"]{
30	0ba57c66	mh	content => " ${content}",
31			}
32			} else {
33	8efbdf9a	tr	Concat::Fragment["nftables-${table}-chain-${data[0]}-rule-${data[1]}"]{
34	0ba57c66	mh	source => $source,
35			}
36			}
37			}
38			}