root / manifests / rules / out / pxp_agent.pp @ master
Historique | Voir | Annoter | Télécharger (814 octets)
| 1 |
# @summary manage outgoing pxp-agent |
|---|---|
| 2 |
# |
| 3 |
# @param broker PXP broker IP(s) |
| 4 |
# @param broker_port PXP broker port |
| 5 |
# |
| 6 |
# @see also take a look at nftables::rules::out::puppet, because the PXP agent also connects to a Puppetserver |
| 7 |
# |
| 8 |
class nftables::rules::out::pxp_agent ( |
| 9 |
Variant[Stdlib::IP::Address,Array[Stdlib::IP::Address,1]] $broker, |
| 10 |
Stdlib::Port $broker_port = 8142, |
| 11 |
) {
|
| 12 |
Array($broker, true).each |$index,$ps| {
|
| 13 |
nftables::rule {
|
| 14 |
"default_out-pxpagent-${index}":
|
| 15 |
} |
| 16 |
if $ps =~ Stdlib::IP::Address::V6 {
|
| 17 |
Nftables::Rule["default_out-pxpagent-${index}"] {
|
| 18 |
content => "ip6 daddr ${ps} tcp dport ${broker_port} accept",
|
| 19 |
} |
| 20 |
} else {
|
| 21 |
Nftables::Rule["default_out-pxpagent-${index}"] {
|
| 22 |
content => "ip daddr ${ps} tcp dport ${broker_port} accept",
|
| 23 |
} |
| 24 |
} |
| 25 |
} |
| 26 |
} |