unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
ce12303576
puppet-prod/modules/firewall/manifests/rules/in/ssh.pp
Ben Vincent ce12303576 feat: add firewall module 
- add nftables/ipset modules
- add custom firewall module
2024-11-03 03:32:20 +11:00

17 lines
364 B
Puppet
Raw Blame History

class firewall::rules::in::ssh (
Array[Stdlib::Port] $ports = [22],
Optional[String] $ipset = undef,
) {
$ports.each |$port| {
if $ipset != '' {
$rule = "tcp dport ${port} ip saddr @${ipset} accept"
}else{
$rule = "tcp dport ${port} accept"
}
nftables::rule { "default_in-ssh_tcp_${port}":
content => $rule,
}
}
}
Reference in New Issue View Git Blame Copy Permalink