root / manifests / bridges.pp @ 9ef3491b
Historique | Voir | Annoter | Télécharger (771 octets)
| 1 | fd0eaeca | tr | # allow forwarding traffic on bridges |
|---|---|---|---|
| 2 | 11bf7237 | Steve Traylen | class nftables::bridges ( |
| 3 | 09cba182 | Steve Traylen | # lint:ignore:parameter_documentation |
| 4 | 31b17627 | Steve Traylen | Enum['present','absent'] $ensure = 'present', |
| 5 | Regexp $bridgenames = /^br.+/ |
||
| 6 | 09cba182 | Steve Traylen | # lint:endignore |
| 7 | fd0eaeca | tr | ) {
|
| 8 | if $ensure == 'present' {
|
||
| 9 | 26cdcbbd | Kienan Stewart | if $facts['networking'] {
|
| 10 | $interfaces = keys($facts['networking']['interfaces']) |
||
| 11 | } |
||
| 12 | else {
|
||
| 13 | $interfaces = split($facts['interfaces'], ',') |
||
| 14 | } |
||
| 15 | fd0eaeca | tr | $bridges = $interfaces.filter |$items| { $items =~ $bridgenames }
|
| 16 | |||
| 17 | $bridges.each |String $bridge| {
|
||
| 18 | b6b5925f | mh | $bridge_rulename = regsubst($bridge, '-|:', '_', 'G') |
| 19 | 2c00d766 | tr | nftables::rule { "default_fwd-bridge_${bridge_rulename}_${bridge_rulename}":
|
| 20 | fd0eaeca | tr | order => '08', |
| 21 | 9ef3491b | grepfruit | content => "iifname \"${bridge}\" oifname \"${bridge}\" accept",
|
| 22 | fd0eaeca | tr | } |
| 23 | } |
||
| 24 | } |
||
| 25 | } |