Projet

Général

Profil

Révision f1ef02c5

IDf1ef02c555f09187f9a1877d8198b5c582687fe0
Parent 09b07e56
Enfant 55277023

Ajouté par Nacho Barrientos il y a plus de 4 ans

Encapsulate addr-related exprs in Nftables::Addr

Voir les différences:

manifests/simplerule.pp
63 63 
  Optional[String] $comment = undef,
64 64 
  Optional[Nftables::Port] $dport = undef,
65 65 
  Optional[Enum['tcp', 'tcp4', 'tcp6', 'udp', 'udp4', 'udp6']] $proto = undef,
66 
  Optional[Variant[Stdlib::IP::Address::V6, Stdlib::IP::Address::V4, Pattern[/^@[-a-zA-Z0-9_]+$/]]] $daddr = undef,
66 
  Optional[Nftables::Addr] $daddr = undef,
67 67 
  Enum['ip', 'ip6'] $set_type = 'ip6',
68 68 
  Optional[Nftables::Port] $sport = undef,
69 
  Optional[Variant[Stdlib::IP::Address::V6, Stdlib::IP::Address::V4, Pattern[/^@[-a-zA-Z0-9_]+$/]]] $saddr = undef,
69 
  Optional[Nftables::Addr] $saddr = undef,
70 70 
  Boolean $counter = false,
71 71 
) {
72 72 
  if $dport and !$proto {
spec/type_aliases/nftables_addr_spec.rb
1 
require 'spec_helper'
2 

  		




  
  3
  
    
describe 'Nftables::Addr' do


  		




  
  4
  
    
  it { is_expected.to allow_value('127.0.0.1') }


  		




  
  5
  
    
  it { is_expected.to allow_value('172.16.1.0/24') }


  		




  
  6
  
    
  it { is_expected.to allow_value('2001:1458::/32') }


  		




  
  7
  
    
  it { is_expected.to allow_value('2001:1458::3') }


  		




  
  8
  
    
  it { is_expected.to allow_value('@set_name') }


  		




  
  9
  
    
  it { is_expected.not_to allow_value('anything') }


  		




  
  10
  
    
  it { is_expected.not_to allow_value(43) }


  		




  
  11
  
    
  it { is_expected.not_to allow_value(['127.0.0.1']) }


  		




  
  12
  
    
end


  		












  

    
      templates/simplerule.epp
    
  





  1
  1
  
    
<%- | String                  $action,


  		




  2
  2
  
    
      Optional[String]        $comment,


  		




  3
  3
  
    
      Boolean                 $counter,


  		




  4
  
  
    
      Optional[Variant[Stdlib::IP::Address::V6, Stdlib::IP::Address::V4, Pattern[/^@[-a-zA-Z0-9_]+$/]]] $daddr,


  		




  
  4
  
    
      Optional[Nftables::Addr] $daddr,


  		




  5
  5
  
    
      Optional[Nftables::Port] $dport,


  		




  6
  6
  
    
      Optional[String]        $proto,


  		




  7
  
  
    
      Optional[Variant[Stdlib::IP::Address::V6, Stdlib::IP::Address::V4, Pattern[/^@[-a-zA-Z0-9_]+$/]]] $saddr,


  		




  
  7
  
    
      Optional[Nftables::Addr] $saddr,


  		




  8
  8
  
    
      Enum['ip', 'ip6']       $set_type,


  		




  9
  9
  
    
      Optional[Nftables::Port] $sport,


  		




  10
  10
  
    
| -%>


  		












  

    
      types/addr.pp
    
  





  
  1
  
    
# @summary


  		




  
  2
  
    
#   Represents an address expression to be used within a rule.


  		




  
  3
  
    
type Nftables::Addr = Variant[


  		




  
  4
  
    
  Stdlib::IP::Address::V6,


  		




  
  5
  
    
  Stdlib::IP::Address::V4, 


  		




  
  6
  
    
  Nftables::Addr::Set


  		




  
  7
  
    
]


  		












  

    
      types/addr/set.pp
    
  





  
  1
  
    
# @summary


  		




  
  2
  
    
#   Represents a set expression to be used within a rule.


  		




  
  3
  
    
type Nftables::Addr::Set = Pattern[/^@[-a-zA-Z0-9_]+$/]


  		












Formats disponibles :  Unified diff