## cd_apache::firewall::iptables.pp
# Module name: cd_apache
# Author: Arne Teuke (arne_teuke@ConfDroid.com)
# License:
#    This file is part of cd_apache.
#
#    cd_apache is used for providing automatic configuration of
#    log analyzer.
#    Copyright (C) 2017  ConfDroid (copyright@ConfDroid.com)
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
# @summary manage firewall settings through cd_firewall or puppetlabs-firewall
###############################################################################
class cd_apache::firewall::iptables (

) inherits cd_apache::params {

  if $ae_manage_fw == true {

    firewall { "${ae_order_no}${ae_http_port} tcp http port ${ae_http_port}":
      proto   => ['tcp','udp'],
      dport   => $ae_http_port,
      action  => 'accept',
    }

    firewall { "${ae_order_no}${ae_https_port} tcp http port ${ae_https_port}":
      proto   => ['tcp','udp'],
      dport   => $ae_https_port,
      action  => 'accept',
    }
  }
}