/ - Diff - puppet nftables - Koumbit's Redmine

Révision e846c98b

Ajouté par Tim Meusel il y a plus d'un an

simplerule: Allow multiple oifname/iifname

     ##### <a name="-nftables--simplerule--iifname"></a>`iifname`
     Data type: `Optional[String[1]]`
     Data type: `Variant[Array[String[1]],String[1]]`
     Optional filter for the incoming interface
     Default value: `undef`
     Default value: `[]`
     ##### <a name="-nftables--simplerule--oifname"></a>`oifname`
     Data type: `Optional[String[1]]`
     Data type: `Variant[Array[String[1]],String[1]]`
     Optional filter for the outgoing interface
     Default value: `undef`
     Default value: `[]`
     ## Data types

       Optional[Nftables::Port] $sport = undef,
       Optional[Nftables::Addr] $saddr = undef,
       Boolean $counter = false,
       Optional[String[1]] $iifname = undef,
       Optional[String[1]] $oifname = undef,
       Variant[Array[String[1]],String[1]] $iifname = [],
       Variant[Array[String[1]],String[1]] $oifname = [],
     ) {
       if $dport and !$proto {
         fail('Specifying a transport protocol via $proto is mandatory when passing a $dport')
-...
               'saddr'    => $saddr,
               'set_type' => $set_type,
               'sport'    => $sport,
               'iifname'  => $iifname,
               'oifname'  => $oifname,
               'iifname'  => [$iifname].flatten,
               'oifname'  => [$oifname].flatten,
+            }
           ),
           order   => $order,

           Optional[Nftables::Addr] $saddr,
           String                   $set_type,
           Optional[Nftables::Port] $sport,
           Optional[String[1]]      $iifname,
           Optional[String[1]]      $oifname,
           Array[String[1]]         $iifname,
           Array[String[1]]         $oifname,
     | -%>
     <%- if $proto {
       $_proto = $proto ? {
-...
     } else {
       $_counter = undef
     } -%>
     <%- if $iifname {
       $_iifname = "iifname \"${iifname}\""
     } else {
     <%- if empty($iifname) {
       $_iifname = undef
     } -%>
     <%- if $oifname {
       $_oifname = "oifname \"${oifname}\""
     } else {
       $iifdata = $iifname.map |String[1] $interface| { "\"${interface}\"" }.join(', ')
       $_iifname = "iifname { ${iifdata} }"
     } -%>
     <%- if empty($oifname) {
       $_oifname = undef
     } else {
       $oifdata = $oifname.map |String[1] $interface| { "\"${interface}\"" }.join(', ')
       $_oifname = "oifname { ${oifdata} }"
     } -%>
     <%= regsubst(strip([$_ip_version_filter, $_iifname, $_oifname, $_src_port, $_dst_port, $_src_hosts, $_dst_hosts, $_counter, $action, $_comment].join(' ')), '\s+', ' ', 'G') -%>

Formats disponibles : Unified diff