diff options
author | James Slagle <jslagle@redhat.com> | 2016-04-20 09:03:03 -0400 |
---|---|---|
committer | James Slagle <jslagle@redhat.com> | 2016-04-20 10:17:24 -0400 |
commit | a005e3e052a4e41397e7060ad3bc8f45860e5336 (patch) | |
tree | 7308f8793e00618a27238fba783a2b6e0cc23d49 /manifests/firewall | |
parent | 33c6afe89ade18f3017158bddf60c1e51937583e (diff) |
Add destination parameter to firewall rule
Specifying a destination cidr is already supported by
puppetlabs-firewall, we just need to pass through the parameter in
rule.pp in puppet-tripleo.
This will allow creating iptables rules that forward network traffic for
a given cidr via puppet-tripleo.
Change-Id: I23582a55cd97248be52f45e14de7e813ff499ff7
Diffstat (limited to 'manifests/firewall')
-rw-r--r-- | manifests/firewall/rule.pp | 38 |
1 files changed, 22 insertions, 16 deletions
diff --git a/manifests/firewall/rule.pp b/manifests/firewall/rule.pp index 02afbc2..ca9c6d0 100644 --- a/manifests/firewall/rule.pp +++ b/manifests/firewall/rule.pp @@ -47,29 +47,35 @@ # (optional) The chain associated to the rule. # Defaults to 'INPUT' # -# [*extras*] +# [*destination*] +# (optional) The destination cidr associated to the rule. +# Defaults to undef +# +# [*extras*] # (optional) Hash of any puppetlabs-firewall supported parameters. # Defaults to {} # define tripleo::firewall::rule ( - $port = undef, - $proto = 'tcp', - $action = 'accept', - $state = ['NEW'], - $source = '0.0.0.0/0', - $iniface = undef, - $chain = 'INPUT', - $extras = {}, + $port = undef, + $proto = 'tcp', + $action = 'accept', + $state = ['NEW'], + $source = '0.0.0.0/0', + $iniface = undef, + $chain = 'INPUT', + $destination = undef, + $extras = {}, ) { $basic = { - 'port' => $port, - 'proto' => $proto, - 'action' => $action, - 'state' => $state, - 'source' => $source, - 'iniface' => $iniface, - 'chain' => $chain, + 'port' => $port, + 'proto' => $proto, + 'action' => $action, + 'state' => $state, + 'source' => $source, + 'iniface' => $iniface, + 'chain' => $chain, + 'destination' => $destination, } $rule = merge($basic, $extras) |