From c8f0e0424490cb5d06785266ac9b4214200a7070 Mon Sep 17 00:00:00 2001
From: Kilian Engelhardt
Date: Wed, 3 Feb 2021 21:32:57 +0100
Subject: add 'Integer' to 'Ferm::Protocols' to allow numberic values
> The specified protocol can be one of tcp, udp, udplite, icmp, icmpv6,esp,
> ah, sctp, mh or the special keyword "all", or it can be a numeric value,
> representing one of these protocols or a different one.
source: https://ipset.netfilter.org/iptables.man.html
Also see [0] for Assigned Internet Protocol Numbers.
-- [0] https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
---
 types/protocols.pp | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/types/protocols.pp b/types/protocols.pp
index cdd76b2..1c11159 100644
--- a/types/protocols.pp
+++ b/types/protocols.pp
@@ -1,5 +1,7 @@
 # @summary a list of allowed protocolls to match
 type Ferm::Protocols = Variant[
+ Integer[0, 255],
+ Array[Integer[0, 255]],
 Enum['icmp', 'tcp', 'udp', 'udplite', 'icmpv6', 'esp', 'ah', 'sctp', 'mh', 'all'],
 Array[Enum['icmp', 'tcp', 'udp', 'udplite', 'icmpv6', 'esp', 'ah', 'sctp', 'mh', 'all']],
 ]
--
cgit v1.2.3
From 21596ec62169b130c756c3198cd08a7d625d1167 Mon Sep 17 00:00:00 2001
From: Kilian Engelhardt
Date: Wed, 3 Feb 2021 21:38:27 +0100
Subject: add test for numeric value protocols
---
 spec/type_aliases/protocols_spec.rb | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/spec/type_aliases/protocols_spec.rb b/spec/type_aliases/protocols_spec.rb
index a067b69..b13b7b2 100644
--- a/spec/type_aliases/protocols_spec.rb
+++ b/spec/type_aliases/protocols_spec.rb
@@ -15,6 +15,8 @@ describe 'Ferm::Protocols' do
 'mh',
 'all',
 ['icmp', 'tcp', 'udp'],
+ 0,
+ [0, 4],
 ].each do |value|
 describe value.inspect do
 it { is_expected.to allow_value(value) }
@@ -36,6 +38,8 @@ describe 'Ferm::Protocols' do
 [95_000, 67_000],
 {},
 { 'foo' => 'bar' },
+ 256,
+ ['icmp', 256],
 ].each do |value|
 describe value.inspect do
 it { is_expected.not_to allow_value(value) }
--
cgit v1.2.3
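Review bot: In types/protocols.pp the two added alternatives are each homogeneous, so a list that mixes names and numbers, such as `['tcp', 47]`, is still rejected even though either element is valid on its own. If mixed lists are meant to work, one alternative of the form `Array[Variant[Integer[0, 255], Enum[...]]]` would cover them; if they are not, the `@summary` comment should say so and mention that protocol numbers are now accepted. The iptables man page cited in the commit message also states that the number zero is equivalent to `all`, so `0` passes validation as a match-every-protocol value and that is worth a comment next to `Integer[0, 255]`.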
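Review bot: The added cases in spec/type_aliases/protocols_spec.rb do not pin both edges of `Integer[0, 255]`: the accepted list gains `0` and `[0, 4]` but not `255`, and the rejected list gains `256` but not `-1`. In the second hunk `['icmp', 256]` is refused because of the out-of-range number alone, so it does not show whether a mixed list is refused; `['icmp', 6]` would test that directly. A numeric string such as `'6'` in the rejected list would also document that only real integers are accepted. Both `.each` blocks start above their hunks, so the rest of each value list is not visible here.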
From 78f059837a97186bf6843b44fdc74abff48f7ad4 Mon Sep 17 00:00:00 2001
From: Kilian Engelhardt
Date: Thu, 4 Feb 2021 19:00:44 +0100
Subject: add Integer as data type to rule.pp's selector statement
---
 manifests/rule.pp | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/manifests/rule.pp b/manifests/rule.pp
index 611e604..49d5292 100644
--- a/manifests/rule.pp
+++ b/manifests/rule.pp
@@ -89,8 +89,9 @@ define ferm::rule (
 }
 $proto_real = $proto ? {
- Array => "proto (${join($proto, ' ')})",
- String => "proto ${proto}",
+ Array => "proto (${join($proto, ' ')})",
+ String => "proto ${proto}",
+ Integer => "proto ${proto}",
 }
 if $dport =~ Array {
--
cgit v1.2.3
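Review bot: The new `Integer` arm of the `$proto_real` selector repeats the `String` arm verbatim; a single arm, `Variant[String, Integer] => "proto ${proto}",`, would keep the two from drifting apart. The `Array` arm is unchanged but now also receives integer lists, and the array alternatives in `Ferm::Protocols` as shown in the earlier patch set no minimum length, so an empty array would render as `proto ()`. How ferm treats that is not visible here, so a minimum length of 1 on those array types may be worth considering. The diffstat lists only manifests/rule.pp, so no spec in this commit checks the rendered rule for a numeric protocol or an integer list. The enclosing `define ferm::rule` begins and ends outside the hunk.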