Puppet Class: firewall

Defined in:
modules/firewall/manifests/init.pp

Summary

wrapper class to provide common interface to ferm and nftables

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • provider (Firewall::Provider) (defaults to: 'none')

    which firewall provider to use



4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
 
# File 'modules/firewall/manifests/init.pp', line 4

class firewall (
    Firewall::Provider $provider = 'none',
) {
    unless $provider == 'none' {
        class { 'ferm': # lint:ignore:wmf_styleguide
            ensure => stdlib::ensure($provider == 'ferm'),
        }

        # There is currently no Puppet-driven migration path ferm->nft,
        # so always pass ensure=>present if the nftables provider is selected
        if $provider == 'nftables' {
            class { '::nftables': # lint:ignore:wmf_styleguide
                ensure => 'present',
            }
        }
    }
}