From 2d355a4c1baadc761d6b12645d0274da8866f722 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Mon, 18 Sep 2017 15:23:36 +0200 Subject: initial commit --- docs/puppet_defined_types/ferm_3A_3Achain.html | 175 +++++++++++++++ docs/puppet_defined_types/ferm_3A_3Arule.html | 297 +++++++++++++++++++++++++ 2 files changed, 472 insertions(+) create mode 100644 docs/puppet_defined_types/ferm_3A_3Achain.html create mode 100644 docs/puppet_defined_types/ferm_3A_3Arule.html (limited to 'docs/puppet_defined_types') diff --git a/docs/puppet_defined_types/ferm_3A_3Achain.html b/docs/puppet_defined_types/ferm_3A_3Achain.html new file mode 100644 index 0000000..a3576c1 --- /dev/null +++ b/docs/puppet_defined_types/ferm_3A_3Achain.html @@ -0,0 +1,175 @@ + + + + + + + Defined Type: ferm::chain + + — Documentation by YARD 0.9.12 + + + + + + + + + + + + + + + + + +
+ +
+
+ +
+ + +

Defined Type: ferm::chain

+
+
+
Defined in:
+
+ manifests/chain.pp +
+
+
+ +

Overview

+
+
+

defined resource which creates all rules for one chain

+ +
+
+
+

Parameters:

+
    + +
  • + + policy + + + (Ferm::Policies) + + + + — +

    Set the default policy for a CHAIN

    +
    + +
    • + +
  • + + chain + + + (Ferm::Chains) + + + (defaults to: $name) + + + — +

    name of the chain that should be managed

    +
    + +
    • + +
+ + +
+ + + + + +
+ 
+
+
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+ 		+ 
# File 'manifests/chain.pp', line 4
+
+define ferm::chain (
+  Ferm::Policies $policy,
+  Ferm::Chains $chain = $name,
+) {
+
+  # concat resource for the chain
+  $filename = downcase($chain)
+  concat{"/etc/ferm.d/chains/${chain}.conf":
+    ensure  => 'present',
+  }
+
+  concat::fragment{"${chain}-policy":
+    target  => "/etc/ferm.d/chains/${chain}.conf",
+    content => epp("${module_name}/ferm_chain_header.conf.epp", {'policy' => $policy }),
+    order   => '01',
+  }
+}
+
+
+
+ + + +
+ + \ No newline at end of file diff --git a/docs/puppet_defined_types/ferm_3A_3Arule.html b/docs/puppet_defined_types/ferm_3A_3Arule.html new file mode 100644 index 0000000..cad82f6 --- /dev/null +++ b/docs/puppet_defined_types/ferm_3A_3Arule.html @@ -0,0 +1,297 @@ + + + + + + + Defined Type: ferm::rule + + — Documentation by YARD 0.9.12 + + + + + + + + + + + + + + + + + +
+ +
+
+ +
+ + +

Defined Type: ferm::rule

+
+
+
Defined in:
+
+ manifests/rule.pp +
+
+
+ +

Overview

+
+
+ +
+
+
+

Parameters:

+
    + +
  • + + chain + + + (Ferm::Chains) + + + +
    • + +
  • + + policy + + + (Ferm::Policies) + + + +
    • + +
  • + + proto + + + (Ferm::Protocols) + + + +
    • + +
  • + + comment + + + (String) + + + (defaults to: $name) + + +
    • + +
  • + + dport + + + (Optional[Variant[Integer,String]]) + + + (defaults to: undef) + + +
    • + +
  • + + sport + + + (Optional[Variant[Integer,String]]) + + + (defaults to: undef) + + +
    • + +
  • + + saddr + + + (Optional[String]) + + + (defaults to: undef) + + +
    • + +
  • + + daddr + + + (Optional[String]) + + + (defaults to: undef) + + +
    • + +
  • + + ensure + + + (Enum['absent','present']) + + + (defaults to: 'present') + + +
    • + +
+ + +
+ + + + + +
+ 
+
+
+1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+ 		+ 
# File 'manifests/rule.pp', line 1
+
+define ferm::rule (
+  Ferm::Chains $chain,
+  Ferm::Policies $policy,
+  Ferm::Protocols $proto,
+  String $comment = $name,
+  Optional[Variant[Integer,String]] $dport = undef,
+  Optional[Variant[Integer,String]] $sport = undef,
+  Optional[String] $saddr = undef,
+  Optional[String] $daddr = undef,
+  Enum['absent','present'] $ensure = 'present',
+){
+  $proto_real = "proto ${proto}"
+
+  $dport_real = $dport ? {
+    undef   => '',
+    default => "dport ${dport}",
+  }
+  $sport_real = $sport ? {
+    undef   => '',
+    default => "sport ${sport}",
+  }
+  $saddr_real = $saddr ? {
+    undef   => '',
+    default => "saddr @ipfilter(${saddr})",
+  }
+  $daddr_real = $daddr ? {
+    undef =>  '',
+    default => "daddr @ipfilter(${daddr})"
+  }
+  $comment_real = "mod comment comment '${comment}'"
+
+  $rule = squeeze("${comment_real} ${proto_real} ${dport_real} ${sport_real} ${daddr_real} ${saddr_real} ${policy};", ' ')
+  if $ensure == 'present' {
+    concat::fragment{"${chain}-${name}":
+      target  => "/etc/ferm.d/chains/${chain}.conf",
+      content => "${rule}\n",
+    }
+  }
+}
+
+
+
+ + + +
+ + \ No newline at end of file -- cgit v1.2.3