Puppet Class: r_profile::linux::iptables

Defined in:
manifests/linux/iptables.pp

Overview

R_profile::Linux::Iptables

Management of the IPtables Linux firewall

Parameters:

  • ensuretakecontroloftheIPtablesfirewall,turn ('managed''disabled')

    IPtables off, ‘unmanaged’ do not change firewall settings

  • ensure (Enum['managed', 'disabled', 'unmanaged']) (defaults to: hiera('r_profile::linux::iptables::ensure', 'unmanaged')) 


7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
 
# File 'manifests/linux/iptables.pp', line 7

class r_profile::linux::iptables(
    Enum['managed', 'disabled', 'unmanaged'] $ensure = hiera('r_profile::linux::iptables::ensure', 'unmanaged'),
) {
  # Suggested global firewall defaults declared in r10k-control/manifests/site.pp
  #Firewall {
  #  before  => Class['profile::fw::post'],
  #  require => Class['profile::fw::pre'],
  #}

  if $ensure == 'managed' {
    include firewall
    include r_profile::fw::pre
    include r_profile::fw::post
  } elsif $ensure == 'disabled' {
    class { 'firewall':
      ensure => stopped,
    }
  } # else unmanaged, so do nothing
}