37 lines
865 B
Puppet
37 lines
865 B
Puppet
# == Class: profile::firewall
|
|
#
|
|
# Class to configure the firewall on various platforms
|
|
#
|
|
class profile::firewall (
|
|
# Class parameters are populated from External(hiera)/Defaults/Fail
|
|
Boolean $enable = false,
|
|
String $module = 'firewall',
|
|
){
|
|
if $facts['os']['family'] == 'RedHat' {
|
|
# firewalld - do not use this for new config
|
|
if $module == 'firewalld' {
|
|
if $enable {
|
|
class { 'firewalld': }
|
|
}
|
|
else {
|
|
class { 'firewalld':
|
|
service_ensure => 'stopped',
|
|
service_enable => false,
|
|
}
|
|
}
|
|
}
|
|
else {
|
|
# Use this for new config
|
|
if $enable {
|
|
class { 'profile::firewall::start': }
|
|
-> class { 'profile::firewall::app_rules': }
|
|
-> class { 'profile::firewall::finish': }
|
|
}
|
|
else {
|
|
class { 'profile::firewall::stop': }
|
|
}
|
|
}
|
|
}
|
|
|
|
}
|