Puppet Class: rsyslog::server::firewall

Defined in:
manifests/server/firewall.pp

Summary

Sets up the firewall rules for RSyslog with IPTables

Overview

**NOTE: THIS IS A [PRIVATE](https://github.com/puppetlabs/puppetlabs-stdlib#assert_private) CLASS**

Inbound ports will be opened for all systems listed in the `$rsyslog::trusted_nets` Array. A rule is added only for each listener (TLS TCP, TCP, UDP) that is enabled.



# File 'manifests/server/firewall.pp', line 8

class rsyslog::server::firewall {
  # Private class: compilation fails if it is declared from outside this module.
  assert_private()

  # The listen rules below are defined types from the optional simp/iptables
  # module, so confirm it is available before declaring any of them.
  simplib::assert_optional_dependency($module_name, 'simp/iptables')

  # A single allow-list is shared by every listener. Whatever networks are in
  # $rsyslog::trusted_nets can reach each syslog port that is enabled, so an
  # overly broad value exposes all of them at once.
  $_permitted_sources = $rsyslog::trusted_nets

  # Syslog over TLS.
  if $rsyslog::tls_tcp_server {
    iptables::listen::tcp_stateful { 'syslog_tls_tcp':
      dports       => $rsyslog::tls_tcp_listen_port,
      trusted_nets => $_permitted_sources,
    }
  }

  # Syslog over TCP (presumably the non-TLS listener, going by the parameter
  # name). The source-network filter is the only access control this class
  # applies to it.
  if $rsyslog::tcp_server {
    iptables::listen::tcp_stateful { 'syslog_tcp':
      dports       => $rsyslog::tcp_listen_port,
      trusted_nets => $_permitted_sources,
    }
  }

  # Syslog over UDP. UDP source addresses can be forged, so this rule limits
  # exposure but does not authenticate senders.
  if $rsyslog::udp_server {
    iptables::listen::udp { 'syslog_udp':
      dports       => $rsyslog::udp_listen_port,
      trusted_nets => $_permitted_sources,
    }
  }
}