root / manifests / rules / ssdp.pp @ 9d1ee648
Historique | Voir | Annoter | Télécharger (573 octets)
| 1 |
# |
|---|---|
| 2 |
# @summary allow incoming SSDP |
| 3 |
# |
| 4 |
# @param ipv4 Allow SSDP over IPv4 |
| 5 |
# @param ipv6 Allow SSDP over IPv6 |
| 6 |
# |
| 7 |
# @see https://datatracker.ietf.org/doc/html/draft-cai-ssdp-v1-03 |
| 8 |
# |
| 9 |
class nftables::rules::ssdp ( |
| 10 |
Boolean $ipv4 = true, |
| 11 |
Boolean $ipv6 = true, |
| 12 |
) {
|
| 13 |
if $ipv4 {
|
| 14 |
nftables::rule { 'default_in-ssdp_v4':
|
| 15 |
content => 'ip daddr 239.255.255.250 udp dport 1900 accept comment "accept SSDP"', |
| 16 |
} |
| 17 |
} |
| 18 |
if $ipv6 {
|
| 19 |
nftables::rule { 'default_in-ssdp_v6':
|
| 20 |
content => 'ip6 daddr {ff02::c, ff05::c} udp dport 1900 accept comment "accept SSDP"',
|
| 21 |
} |
| 22 |
} |
| 23 |
} |