From 0bf0f72defc5260346717cf7c9d836342b34ebd6 Mon Sep 17 00:00:00 2001
From: James Slagle <jslagle@redhat.com>
Date: Wed, 20 Apr 2016 10:11:36 -0400
Subject: Add dport/sport parameter to firewall rule

The port parameter to puppetlabs-firewall is actually deprecated[1].
This adds support for using the new parameter names dport and sport. The
port parameter is still retained in puppet-tripleo for backwards
compatibily for anyone using that interface. It is marked deprecated in
the documentation, however no deprecation warning is needed because
there is already a warning from from puppetlabs-firewall.

blueprint undercloud-elements
Change-Id: I0598007f90018f80a3266193bb24dbf112de49b7
---
 manifests/firewall/pre.pp  |  2 +-
 manifests/firewall/rule.pp | 12 ++++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

(limited to 'manifests')

diff --git a/manifests/firewall/pre.pp b/manifests/firewall/pre.pp
index 2d7203a..7af7fbc 100644
--- a/manifests/firewall/pre.pp
+++ b/manifests/firewall/pre.pp
@@ -50,7 +50,7 @@ class tripleo::firewall::pre(
   }
 
   tripleo::firewall::rule{ '003 accept ssh':
-    port   => '22',
+    dport  => '22',
     extras => $firewall_settings,
   }
 
diff --git a/manifests/firewall/rule.pp b/manifests/firewall/rule.pp
index ca9c6d0..c63162b 100644
--- a/manifests/firewall/rule.pp
+++ b/manifests/firewall/rule.pp
@@ -23,6 +23,14 @@
 #  (optional) The port associated to the rule.
 #  Defaults to undef
 #
+# [*dport*]
+#  (optional) The destination port associated to the rule.
+#  Defaults to undef
+#
+# [*sport*]
+#  (optional) The source port associated to the rule.
+#  Defaults to undef
+#
 # [*proto*]
 #  (optional) The protocol associated to the rule.
 #  Defaults to 'tcp'
@@ -57,6 +65,8 @@
 #
 define tripleo::firewall::rule (
   $port        = undef,
+  $dport       = undef,
+  $sport       = undef,
   $proto       = 'tcp',
   $action      = 'accept',
   $state       = ['NEW'],
@@ -69,6 +79,8 @@ define tripleo::firewall::rule (
 
   $basic = {
     'port'        => $port,
+    'dport'       => $dport,
+    'sport'       => $sport,
     'proto'       => $proto,
     'action'      => $action,
     'state'       => $state,
-- 
cgit 1.2.3-korg