Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root / templates / simplerule.epp @ d43ced4d

Historique | Voir | Annoter | Télécharger (1,48 ko)

1 83382bb5 Nacho Barrientos 
<%- | String                  $action,
2 
      Optional[String]        $comment,
3 3a52fb41 Nacho Barrientos 
      Optional[Variant[Array[Stdlib::Port, 1], Stdlib::Port, String]] $dport,
4 83382bb5 Nacho Barrientos 
      Optional[String]        $proto,
5 aaa37172 Nacho Barrientos 
      Optional[Variant[Stdlib::IP::Address::V6, Stdlib::IP::Address::V4, Pattern[/^@[-a-zA-Z0-9_]+$/]]] $daddr,
6 
      Enum['ip', 'ip6']       $set_type,
7 d43ced4d Nacho Barrientos 
      Boolean                 $counter,
8 83382bb5 Nacho Barrientos 
| -%>
9 316bc3f8 Nacho Barrientos 
<%- if $proto {
10 
  $_proto = $proto ? {
11 
    /tcp(4|6)?/ => 'tcp',
12 
    /udp(4|6)?/ => 'udp',
13 
  }
14 
  $_ip_version_filter = $proto ? {
15 
    /(tcp4|udp4)/ => 'ip version 4',
16 
    /(tcp6|udp6)/ => 'ip version 6',
17 
    default       => undef,
18 
  }
19 
} else {
20 
  $_ip_version_filter = undef
21 
} -%>
22 aaa37172 Nacho Barrientos 
<%- if $daddr {
23 
  if $daddr =~ Stdlib::IP::Address::V6 {
24 
    $_dst_hosts = "ip6 daddr ${daddr}"
25 
  } elsif $daddr =~ Stdlib::IP::Address::V4 {
26 
    $_dst_hosts = "ip daddr ${daddr}"
27 
  } else {
28 
    $_dst_hosts = $set_type ? {
29 
      'ip'  => "ip daddr ${daddr}",
30 
      'ip6' => "ip6 daddr ${daddr}",
31 
    }
32 
  }
33 
} else {
34 
  $_dst_hosts = undef
35 
} -%>
36 3a52fb41 Nacho Barrientos 
<%- if $proto and $dport {
37 
  if $dport =~ Array {
38 aaa37172 Nacho Barrientos 
    $_dst_port = "${_proto} dport {${dport.join(', ')}}"
39 3a52fb41 Nacho Barrientos 
  } else {
40 aaa37172 Nacho Barrientos 
    $_dst_port = "${_proto} dport $dport"
41 3a52fb41 Nacho Barrientos 
  }
42 83382bb5 Nacho Barrientos 
} else {
43 aaa37172 Nacho Barrientos 
  $_dst_port = undef
44 83382bb5 Nacho Barrientos 
} -%>
45 
<%- if $comment {
46 
  $_comment = "comment \"${comment}\""
47 
} else {
48 
  $_comment = undef
49 
} -%>
50 d43ced4d Nacho Barrientos 
<%- if $counter {
51 
  $_counter = "counter"
52 
} else {
53 
  $_counter = undef
54 
} -%>
55 
<%= regsubst(strip([$_ip_version_filter, $_dst_port, $_dst_hosts, $_counter, $action, $_comment].join(' ')), '\s+', ' ', 'G') -%>