/templates/simplerule.epp - Diff - puppet nftables - Koumbit's Redmine

Révision bd8baa0f

Ajouté par Nacho Barrientos il y a environ 4 ans

Fix IPv4 source address type detection

Before this patch, a rule like this:

```
nftables::simplerule { 'foo':
action => 'accept',
dport => 443,
proto => 'tcp4',
saddr => '192.168.1.10',
}
```

would incorrectly generate this rule:

```
ip version 4 tcp dport {443} ip6 saddr 192.168.1.10 accept
```

Note the 'ip6 saddr'.

     <%- if $saddr {
       if $saddr =~ Stdlib::IP::Address::V6 {
         $_src_hosts = "ip6 saddr ${saddr}"
       } elsif $daddr =~ Stdlib::IP::Address::V4 {
       } elsif $saddr =~ Stdlib::IP::Address::V4 {
         $_src_hosts = "ip saddr ${saddr}"
       } else {
         $_src_hosts = $set_type ? {

Formats disponibles : Unified diff