Commit 8edd4105 authored by mh's avatar mh

make it easy to dispatch simple incoming rules

parent bd477b17
# manage incoming rule
define firewall::rule (
Nftables::RuleName $rule_name = $title,
Nftables::Port $port,
Enum['tcp','udp'] $proto,
) {
include firewall
if $firewall::use_nftables {
nftables::rule {
"default_in-${rule_name}":
content => "${proto} dport ${port} accept",
}
} else {
shorewall::rule { "net-me-${rule_name}-${proto}":
source => 'net',
destination => '$FW',
proto => $proto,
destinationport => String($port),
order => 240,
action => 'ACCEPT';
}
}
}
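Review bot: The nftables branch titles its resource `"default_in-${rule_name}"` without the protocol, while the shorewall branch uses `"net-me-${rule_name}-${proto}"`, so two declarations that pass the same `rule_name` for tcp and udp compile on shorewall but collide as duplicate resources on nftables. Carrying the protocol in the nftables title too, for example `"default_in-${rule_name}_${proto}":`, would keep the two backends consistent; the separator should be confirmed against what nftables::rule accepts as a title. Both branches accept the port from any source (no source match in the nftables content, zone `net` on the shorewall side), and the header comment should say so, e.g. `# opens $port/$proto to all source addresses; declare a backend-specific rule when the source must be restricted`. `Nftables::Port` is declared outside this page; if it admits ranges or arrays, the plain `${port}` interpolation and `String($port)` should be checked for those forms.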