5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
# File 'manifests/params.pp', line 5
class firewall::params {
$package_ensure = 'present'
case $::osfamily {
'RedHat': {
case $::operatingsystem {
'Amazon': {
$service_name = 'iptables'
$service_name_v6 = 'ip6tables'
$package_name = undef
$iptables_name = 'iptables'
$sysconfig_manage = true
$firewalld_manage = true
}
'Fedora': {
$service_name = 'iptables'
$service_name_v6 = 'ip6tables'
if versioncmp($::operatingsystemrelease, '34') >= 0 {
$package_name = 'iptables-services'
$iptables_name = 'iptables-compat'
} elsif versioncmp($::operatingsystemrelease, '15') >= 0 {
$package_name = 'iptables-services'
$iptables_name = 'iptables'
} else {
$iptables_name = 'iptables'
$package_name = undef
}
$sysconfig_manage = true
$firewalld_manage = true
}
default: {
if versioncmp($::operatingsystemrelease, '9') >= 0 {
$service_name = 'nftables'
$service_name_v6 = 'ip6tables'
$package_name = ['iptables-services', 'nftables', 'iptables-nft-services']
$iptables_name = 'iptables'
$sysconfig_manage = false
$firewalld_manage = false
} elsif versioncmp($::operatingsystemrelease, '8.0') >= 0 {
$service_name = ['iptables', 'nftables']
$service_name_v6 = 'ip6tables'
$package_name = ['iptables-services', 'nftables']
$iptables_name = 'iptables'
$sysconfig_manage = false
$firewalld_manage = true
} elsif versioncmp($::operatingsystemrelease, '7.0') >= 0 {
$service_name = 'iptables'
$service_name_v6 = 'ip6tables'
$package_name = 'iptables-services'
$iptables_name = 'iptables'
$sysconfig_manage = true
$firewalld_manage = true
} else {
$service_name = 'iptables'
$service_name_v6 = 'ip6tables'
$package_name = 'iptables-ipv6'
$iptables_name = 'iptables'
$sysconfig_manage = true
$firewalld_manage = true
}
}
}
}
'Debian': {
$service_name_v6 = undef
$iptables_name = 'iptables'
case $::operatingsystem {
'Debian': {
if versioncmp($::operatingsystemrelease, 'unstable') >= 0 {
$service_name = 'netfilter-persistent'
$package_name = 'netfilter-persistent'
} elsif versioncmp($::operatingsystemrelease, '8.0') >= 0 {
$service_name = 'netfilter-persistent'
$package_name = 'iptables-persistent'
} else {
$service_name = 'iptables-persistent'
$package_name = 'iptables-persistent'
}
}
'Ubuntu': {
if versioncmp($::operatingsystemrelease, '14.10') >= 0 {
$service_name = 'netfilter-persistent'
$package_name = 'iptables-persistent'
} else {
$service_name = 'iptables-persistent'
$package_name = 'iptables-persistent'
}
}
default: {
$service_name = 'iptables-persistent'
$package_name = 'iptables-persistent'
}
}
}
'Gentoo': {
$service_name = ['iptables','ip6tables']
$service_name_v6 = undef
$package_name = 'net-firewall/iptables'
}
default: {
$iptables_name = 'iptables'
$service_name_v6 = undef
case $::operatingsystem {
'Archlinux': {
$service_name = ['iptables','ip6tables']
$package_name = undef
}
default: {
$service_name = 'iptables'
$package_name = undef
}
}
}
}
}
|