Mercurial > repos > other > Puppet
comparison modules/firewall/manifests/params.pp @ 478:adf6fe9bbc17
Update Puppet modules to latest versions
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Thu, 29 Aug 2024 18:47:29 +0100 |
| parents | 66c406eec60d |
| children |
comparison
equal
deleted
inserted
replaced
| 477:21f6add30502 | 478:adf6fe9bbc17 |
|---|---|
| 1 # @summary Provides defaults for the Apt module parameters. | 1 # @summary Provides defaults for the Apt module parameters |
| 2 # | 2 # |
| 3 # @api private | 3 # @api private |
| 4 # | 4 # |
| 5 class firewall::params { | 5 class firewall::params { |
| 6 $package_ensure = 'present' | 6 $package_ensure = 'present' |
| 7 case $::osfamily { | 7 case $facts['os']['family'] { |
| 8 'RedHat': { | 8 'RedHat': { |
| 9 case $::operatingsystem { | 9 case $facts['os']['name'] { |
| 10 'Amazon': { | 10 'Amazon': { |
| 11 $service_name = 'iptables' | 11 $service_name = 'iptables' |
| 12 $service_name_v6 = 'ip6tables' | 12 $service_name_v6 = 'ip6tables' |
| 13 $package_name = undef | 13 $package_name = undef |
| 14 $iptables_name = 'iptables' | |
| 14 $sysconfig_manage = true | 15 $sysconfig_manage = true |
| 16 $firewalld_manage = true | |
| 15 } | 17 } |
| 16 'Fedora': { | 18 'Fedora': { |
| 17 $service_name = 'iptables' | 19 $service_name = 'iptables' |
| 18 $service_name_v6 = 'ip6tables' | 20 $service_name_v6 = 'ip6tables' |
| 19 if versioncmp($::operatingsystemrelease, '15') >= 0 { | 21 if versioncmp($facts['os']['release']['full'], '34') >= 0 { |
| 20 $package_name = 'iptables-services' | 22 $package_name = 'iptables-services' |
| 23 $iptables_name = 'iptables-compat' | |
| 21 } else { | 24 } else { |
| 25 $iptables_name = 'iptables' | |
| 22 $package_name = undef | 26 $package_name = undef |
| 23 } | 27 } |
| 24 $sysconfig_manage = true | 28 $sysconfig_manage = true |
| 29 $firewalld_manage = true | |
| 25 } | 30 } |
| 26 default: { | 31 default: { |
| 27 if versioncmp($::operatingsystemrelease, '8.0') >= 0 { | 32 if versioncmp($facts['os']['release']['full'], '9') >= 0 { |
| 33 $service_name = ['nftables','iptables'] | |
| 34 $service_name_v6 = 'ip6tables' | |
| 35 $package_name = ['iptables-services', 'nftables', 'iptables-nft-services'] | |
| 36 $iptables_name = 'iptables-nft' | |
| 37 $sysconfig_manage = false | |
| 38 $firewalld_manage = true | |
| 39 } elsif versioncmp($facts['os']['release']['full'], '8.0') >= 0 { | |
| 28 $service_name = ['iptables', 'nftables'] | 40 $service_name = ['iptables', 'nftables'] |
| 29 $service_name_v6 = 'ip6tables' | 41 $service_name_v6 = 'ip6tables' |
| 30 $package_name = ['iptables-services', 'nftables'] | 42 $package_name = ['iptables-services', 'nftables'] |
| 43 $iptables_name = 'iptables' | |
| 31 $sysconfig_manage = false | 44 $sysconfig_manage = false |
| 32 } elsif versioncmp($::operatingsystemrelease, '7.0') >= 0 { | 45 $firewalld_manage = true |
| 46 } elsif versioncmp($facts['os']['release']['full'], '7.0') >= 0 { | |
| 33 $service_name = 'iptables' | 47 $service_name = 'iptables' |
| 34 $service_name_v6 = 'ip6tables' | 48 $service_name_v6 = 'ip6tables' |
| 35 $package_name = 'iptables-services' | 49 $package_name = 'iptables-services' |
| 50 $iptables_name = 'iptables' | |
| 36 $sysconfig_manage = true | 51 $sysconfig_manage = true |
| 52 $firewalld_manage = true | |
| 37 } else { | 53 } else { |
| 38 $service_name = 'iptables' | 54 $service_name = 'iptables' |
| 39 $service_name_v6 = 'ip6tables' | 55 $service_name_v6 = 'ip6tables' |
| 40 $package_name = 'iptables-ipv6' | 56 $package_name = 'iptables-ipv6' |
| 57 $iptables_name = 'iptables' | |
| 41 $sysconfig_manage = true | 58 $sysconfig_manage = true |
| 59 $firewalld_manage = true | |
| 42 } | 60 } |
| 43 } | 61 } |
| 44 } | 62 } |
| 45 } | 63 } |
| 46 'Debian': { | 64 'Debian': { |
| 47 $service_name_v6 = undef | 65 $service_name_v6 = undef |
| 48 case $::operatingsystem { | 66 $iptables_name = 'iptables' |
| 67 case $facts['os']['name'] { | |
| 49 'Debian': { | 68 'Debian': { |
| 50 if versioncmp($::operatingsystemrelease, 'unstable') >= 0 { | 69 if versioncmp($facts['os']['release']['full'], 'unstable') >= 0 { |
| 51 $service_name = 'netfilter-persistent' | 70 $service_name = 'netfilter-persistent' |
| 52 $package_name = 'netfilter-persistent' | 71 $package_name = 'netfilter-persistent' |
| 53 } elsif versioncmp($::operatingsystemrelease, '8.0') >= 0 { | 72 } elsif versioncmp($facts['os']['release']['full'], '8.0') >= 0 { |
| 54 $service_name = 'netfilter-persistent' | 73 $service_name = 'netfilter-persistent' |
| 55 $package_name = 'iptables-persistent' | 74 $package_name = 'iptables-persistent' |
| 56 } else { | 75 } else { |
| 57 $service_name = 'iptables-persistent' | 76 $service_name = 'iptables-persistent' |
| 58 $package_name = 'iptables-persistent' | 77 $package_name = 'iptables-persistent' |
| 59 } | 78 } |
| 60 } | 79 } |
| 61 'Ubuntu': { | 80 'Ubuntu': { |
| 62 if versioncmp($::operatingsystemrelease, '14.10') >= 0 { | 81 if versioncmp($facts['os']['release']['full'], '14.10') >= 0 { |
| 63 $service_name = 'netfilter-persistent' | 82 $service_name = 'netfilter-persistent' |
| 64 $package_name = 'iptables-persistent' | 83 $package_name = 'iptables-persistent' |
| 65 } else { | 84 } else { |
| 66 $service_name = 'iptables-persistent' | 85 $service_name = 'iptables-persistent' |
| 67 $package_name = 'iptables-persistent' | 86 $package_name = 'iptables-persistent' |
| 77 $service_name = ['iptables','ip6tables'] | 96 $service_name = ['iptables','ip6tables'] |
| 78 $service_name_v6 = undef | 97 $service_name_v6 = undef |
| 79 $package_name = 'net-firewall/iptables' | 98 $package_name = 'net-firewall/iptables' |
| 80 } | 99 } |
| 81 default: { | 100 default: { |
| 101 $iptables_name = 'iptables' | |
| 82 $service_name_v6 = undef | 102 $service_name_v6 = undef |
| 83 case $::operatingsystem { | 103 case $facts['os']['name'] { |
| 84 'Archlinux': { | 104 'Archlinux': { |
| 85 $service_name = ['iptables','ip6tables'] | 105 $service_name = ['iptables','ip6tables'] |
| 86 $package_name = undef | 106 $package_name = undef |
| 87 } | 107 } |
| 88 default: { | 108 default: { |