## cd_nagios::firewall::iptables.pp
# Module name: cd_nagios
# Author: Arne Teuke (arne_teuke@ConfDroid.com)
# License:
#    This file is part of cd_nagios.
#
#    cd_nagios is used for providing automatic configuration of
#    <service / purpose>
#    Copyright (C) 2017  ConfDroid (copyright@ConfDroid.com)
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
# @summary manage firewall settings through cd_firewall or puppetlabs-firewall
###############################################################################
class cd_nagios::firewall::iptables (

) inherits cd_nagios::params {

  if $::fqdn == $ng_nagios_server {

    if $ng_use_https != true {

      firewall { "${ng_fw_order}${ng_http_port} port ${ng_http_port}":
        proto   => ['tcp','udp'],
        dport   => $ng_http_port,
        action  => 'accept',
      }
    }

    if $ng_use_https == true {

      firewall { "${ng_fw_order}${ng_https_port} port ${ng_https_port}":
        proto   => ['tcp','udp'],
        dport   => $ng_https_port,
        action  => 'accept',
      }

      if $ng_http_https_fw == true {

        firewall { "${ng_fw_order}${ng_http_port} port ${ng_http_port}":
          proto   => ['tcp','udp'],
          dport   => $ng_http_port,
          action  => 'accept',
        }
      }
    }
  }
}