Mercurial > repos > other > Puppet
comparison modules/firewall/manifests/params.pp @ 478:adf6fe9bbc17
Update Puppet modules to latest versions
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Thu, 29 Aug 2024 18:47:29 +0100 |
parents | 66c406eec60d |
children |
comparison
equal
deleted
inserted
replaced
477:21f6add30502 | 478:adf6fe9bbc17 |
---|---|
1 # @summary Provides defaults for the Apt module parameters. | 1 # @summary Provides defaults for the Apt module parameters |
2 # | 2 # |
3 # @api private | 3 # @api private |
4 # | 4 # |
5 class firewall::params { | 5 class firewall::params { |
6 $package_ensure = 'present' | 6 $package_ensure = 'present' |
7 case $::osfamily { | 7 case $facts['os']['family'] { |
8 'RedHat': { | 8 'RedHat': { |
9 case $::operatingsystem { | 9 case $facts['os']['name'] { |
10 'Amazon': { | 10 'Amazon': { |
11 $service_name = 'iptables' | 11 $service_name = 'iptables' |
12 $service_name_v6 = 'ip6tables' | 12 $service_name_v6 = 'ip6tables' |
13 $package_name = undef | 13 $package_name = undef |
14 $iptables_name = 'iptables' | |
14 $sysconfig_manage = true | 15 $sysconfig_manage = true |
16 $firewalld_manage = true | |
15 } | 17 } |
16 'Fedora': { | 18 'Fedora': { |
17 $service_name = 'iptables' | 19 $service_name = 'iptables' |
18 $service_name_v6 = 'ip6tables' | 20 $service_name_v6 = 'ip6tables' |
19 if versioncmp($::operatingsystemrelease, '15') >= 0 { | 21 if versioncmp($facts['os']['release']['full'], '34') >= 0 { |
20 $package_name = 'iptables-services' | 22 $package_name = 'iptables-services' |
23 $iptables_name = 'iptables-compat' | |
21 } else { | 24 } else { |
25 $iptables_name = 'iptables' | |
22 $package_name = undef | 26 $package_name = undef |
23 } | 27 } |
24 $sysconfig_manage = true | 28 $sysconfig_manage = true |
29 $firewalld_manage = true | |
25 } | 30 } |
26 default: { | 31 default: { |
27 if versioncmp($::operatingsystemrelease, '8.0') >= 0 { | 32 if versioncmp($facts['os']['release']['full'], '9') >= 0 { |
33 $service_name = ['nftables','iptables'] | |
34 $service_name_v6 = 'ip6tables' | |
35 $package_name = ['iptables-services', 'nftables', 'iptables-nft-services'] | |
36 $iptables_name = 'iptables-nft' | |
37 $sysconfig_manage = false | |
38 $firewalld_manage = true | |
39 } elsif versioncmp($facts['os']['release']['full'], '8.0') >= 0 { | |
28 $service_name = ['iptables', 'nftables'] | 40 $service_name = ['iptables', 'nftables'] |
29 $service_name_v6 = 'ip6tables' | 41 $service_name_v6 = 'ip6tables' |
30 $package_name = ['iptables-services', 'nftables'] | 42 $package_name = ['iptables-services', 'nftables'] |
43 $iptables_name = 'iptables' | |
31 $sysconfig_manage = false | 44 $sysconfig_manage = false |
32 } elsif versioncmp($::operatingsystemrelease, '7.0') >= 0 { | 45 $firewalld_manage = true |
46 } elsif versioncmp($facts['os']['release']['full'], '7.0') >= 0 { | |
33 $service_name = 'iptables' | 47 $service_name = 'iptables' |
34 $service_name_v6 = 'ip6tables' | 48 $service_name_v6 = 'ip6tables' |
35 $package_name = 'iptables-services' | 49 $package_name = 'iptables-services' |
50 $iptables_name = 'iptables' | |
36 $sysconfig_manage = true | 51 $sysconfig_manage = true |
52 $firewalld_manage = true | |
37 } else { | 53 } else { |
38 $service_name = 'iptables' | 54 $service_name = 'iptables' |
39 $service_name_v6 = 'ip6tables' | 55 $service_name_v6 = 'ip6tables' |
40 $package_name = 'iptables-ipv6' | 56 $package_name = 'iptables-ipv6' |
57 $iptables_name = 'iptables' | |
41 $sysconfig_manage = true | 58 $sysconfig_manage = true |
59 $firewalld_manage = true | |
42 } | 60 } |
43 } | 61 } |
44 } | 62 } |
45 } | 63 } |
46 'Debian': { | 64 'Debian': { |
47 $service_name_v6 = undef | 65 $service_name_v6 = undef |
48 case $::operatingsystem { | 66 $iptables_name = 'iptables' |
67 case $facts['os']['name'] { | |
49 'Debian': { | 68 'Debian': { |
50 if versioncmp($::operatingsystemrelease, 'unstable') >= 0 { | 69 if versioncmp($facts['os']['release']['full'], 'unstable') >= 0 { |
51 $service_name = 'netfilter-persistent' | 70 $service_name = 'netfilter-persistent' |
52 $package_name = 'netfilter-persistent' | 71 $package_name = 'netfilter-persistent' |
53 } elsif versioncmp($::operatingsystemrelease, '8.0') >= 0 { | 72 } elsif versioncmp($facts['os']['release']['full'], '8.0') >= 0 { |
54 $service_name = 'netfilter-persistent' | 73 $service_name = 'netfilter-persistent' |
55 $package_name = 'iptables-persistent' | 74 $package_name = 'iptables-persistent' |
56 } else { | 75 } else { |
57 $service_name = 'iptables-persistent' | 76 $service_name = 'iptables-persistent' |
58 $package_name = 'iptables-persistent' | 77 $package_name = 'iptables-persistent' |
59 } | 78 } |
60 } | 79 } |
61 'Ubuntu': { | 80 'Ubuntu': { |
62 if versioncmp($::operatingsystemrelease, '14.10') >= 0 { | 81 if versioncmp($facts['os']['release']['full'], '14.10') >= 0 { |
63 $service_name = 'netfilter-persistent' | 82 $service_name = 'netfilter-persistent' |
64 $package_name = 'iptables-persistent' | 83 $package_name = 'iptables-persistent' |
65 } else { | 84 } else { |
66 $service_name = 'iptables-persistent' | 85 $service_name = 'iptables-persistent' |
67 $package_name = 'iptables-persistent' | 86 $package_name = 'iptables-persistent' |
77 $service_name = ['iptables','ip6tables'] | 96 $service_name = ['iptables','ip6tables'] |
78 $service_name_v6 = undef | 97 $service_name_v6 = undef |
79 $package_name = 'net-firewall/iptables' | 98 $package_name = 'net-firewall/iptables' |
80 } | 99 } |
81 default: { | 100 default: { |
101 $iptables_name = 'iptables' | |
82 $service_name_v6 = undef | 102 $service_name_v6 = undef |
83 case $::operatingsystem { | 103 case $facts['os']['name'] { |
84 'Archlinux': { | 104 'Archlinux': { |
85 $service_name = ['iptables','ip6tables'] | 105 $service_name = ['iptables','ip6tables'] |
86 $package_name = undef | 106 $package_name = undef |
87 } | 107 } |
88 default: { | 108 default: { |