Puppet Class: nftables::rules::out::ldap

Defined in:
manifests/rules/out/ldap.pp

Summary

manage outgoing ldap

Overview

Parameters:

  • ldapserver (Variant[Stdlib::IP::Address,Array[Stdlib::IP::Address,1]])

    ldapserver IPs

  • ldapserver_ports (Array[Stdlib::Port,1]) (defaults to: [389, 636])

    ldapserver ports



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
 
# File 'manifests/rules/out/ldap.pp', line 5

class nftables::rules::out::ldap (
  Variant[Stdlib::IP::Address,Array[Stdlib::IP::Address,1]] $ldapserver,
  Array[Stdlib::Port,1] $ldapserver_ports = [389, 636],
) {
  Array($ldapserver, true).each |$index,$ls| {
    nftables::rule {
      "default_out-ldapserver-${index}":
    }
    if $ls =~ Stdlib::IP::Address::V6 {
      Nftables::Rule["default_out-ldapserver-${index}"] {
        content => "ip6 daddr ${ls} tcp dport {${join($ldapserver_ports,', ')}} accept",
      }
    } else {
      Nftables::Rule["default_out-ldapserver-${index}"] {
        content => "ip daddr ${ls} tcp dport {${join($ldapserver_ports,', ')}} accept",
      }
    }
  }
}