Defined Type: ferm::service

Defined in:
modules/ferm/manifests/service.pp

Overview

Define ferm::service

Uses ferm def &SERVICE or &R_SERVICE to allow incoming connections on the specific protocol and port.

If $srange is not provided, all source addresses will be allowed. otherwise only traffic coming from $srange will be allowed.

If $drange is not provided, all dest addresses will be allowed. otherwise only traffic incoming to $drange will be allowed.

Parameters:

  • proto (Any)
  • port (Any)
  • ensure (Any) (defaults to: present)
  • desc (Any) (defaults to: '')
  • prio (Any) (defaults to: '10')
  • srange (Any) (defaults to: undef)
  • drange (Any) (defaults to: undef)
  • notrack (Any) (defaults to: false) 


11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
# File 'modules/ferm/manifests/service.pp', line 11

define ferm::service(
    $proto,
    $port,
    $ensure  = present,
    $desc    = '',
    $prio    = '10',
    $srange  = undef,
    $drange  = undef,
    $notrack = false,
) {
    @file { "/etc/ferm/conf.d/${prio}_${name}":
        ensure  => $ensure,
        owner   => 'root',
        group   => 'root',
        mode    => '0400',
        content => template('ferm/service.erb'),
        require => File['/etc/ferm/conf.d'],
        notify  => Service['ferm'],
        tag     => 'ferm',
    }
}