root / manifests / bridges.pp @ fd0eaeca
Historique | Voir | Annoter | Télécharger (523 octets)
| 1 | fd0eaeca | tr | # allow forwarding traffic on bridges |
|---|---|---|---|
| 2 | class nftables::bridges( |
||
| 3 | Enum['present','absent'] |
||
| 4 | $ensure = 'present', |
||
| 5 | Regexp |
||
| 6 | $bridgenames = /br+/ |
||
| 7 | ) {
|
||
| 8 | if $ensure == 'present' {
|
||
| 9 | $interfaces = keys($facts['networking']['interfaces']) |
||
| 10 | $bridges = $interfaces.filter |$items| { $items =~ $bridgenames }
|
||
| 11 | |||
| 12 | $bridges.each |String $bridge| {
|
||
| 13 | nftables::rule { "default_fwd-bridge_${bridge}_${bridge}":
|
||
| 14 | order => '08', |
||
| 15 | content => "iifname ${bridge} oifname ${bridge} accept",
|
||
| 16 | } |
||
| 17 | } |
||
| 18 | } |
||
| 19 | } |