diff options
| author | Thore Bödecker <me@foxxx0.de> | 2019-09-11 16:07:44 +0200 |
|---|---|---|
| committer | Thore Bödecker <me@foxxx0.de> | 2019-09-11 16:54:19 +0200 |
| commit | 8e4920c3ceef338432fa01f1f8d2f6597f9fff05 (patch) | |
| tree | 9679fe9c45dd0741325c179aedaf5cc91dfd3225 /manifests | |
| parent | 6d96e030be0db4a916dd6a9bd0b25570d359e634 (diff) | |
| download | puppet-ferm-8e4920c3ceef338432fa01f1f8d2f6597f9fff05.tar.gz puppet-ferm-8e4920c3ceef338432fa01f1f8d2f6597f9fff05.tar.bz2 | |
expose parameter to initialize custom chains
Previously it was not possible to define custom chains with parameter,
e.g. in order to collect them from hiera.
This commit adds this functionality, just like it was already in place for
ferm::rules.
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/init.pp | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index d2251c9..2f5e1ef 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -55,6 +55,9 @@ # @param rules A hash that holds all data for ferm::rule # Default value: Empty Hash # Allowed value: Any Hash +# @param chains A hash that holds all data for ferm::chain +# Default value: Empty Hash +# Allowed value: Any Hash # @param forward_log_dropped_packets Enable/Disable logging in the FORWARD chain of packets to the kernel log, if no explicit chain matched # Default value: false # Allowed values: (true|false) @@ -84,6 +87,7 @@ class ferm ( Boolean $output_log_dropped_packets, Boolean $input_log_dropped_packets, Hash $rules, + Hash $chains, Array[Enum['ip','ip6']] $ip_versions, Hash[String[1],Array[String[1]]] $preserve_chains_in_tables, ) { @@ -98,6 +102,12 @@ class ferm ( Ferm::Chain <| |> ~> Class['ferm::service'] + $chains.each |$chainname, $attributes| { + ferm::chain{$chainname: + * => $attributes, + } + } + $rules.each |$rulename, $attributes| { ferm::rule{$rulename: * => $attributes, |