control-repo/site-modules/profile/manifests/firewall.pp
Henry Wang e9e058fb2b ststs
2019-10-21 12:14:31 +08:00

37 lines
865 B
Puppet

# == Class: profile::firewall
#
# Class to configure the firewall on various platforms
#
class profile::firewall (
# Class parameters are populated from External(hiera)/Defaults/Fail
Boolean $enable = false,
String $module = 'firewall',
){
if $facts['os']['family'] == 'RedHat' {
# firewalld - do not use this for new config
if $module == 'firewalld' {
if $enable {
class { 'firewalld': }
}
else {
class { 'firewalld':
service_ensure => 'stopped',
service_enable => false,
}
}
}
else {
# Use this for new config
if $enable {
class { 'profile::firewall::start': }
-> class { 'profile::firewall::app_rules': }
-> class { 'profile::firewall::finish': }
}
else {
class { 'profile::firewall::stop': }
}
}
}
}