Puppet Class: confdroid_ssh::firewall::iptables

Inherits:

confdroid_ssh::params

Defined in:

manifests/firewall/iptables.pp

Summary

Class manages firewall rules for SSH

Overview

confdroid_ssh::firewall::iptables.pp Module name: confdroid_ssh Author: 12ww1160 (12ww1160@confdroid.com)

# File 'manifests/firewall/iptables.pp', line 6

class confdroid_ssh::firewall::iptables (

) inherits confdroid_ssh::params {
  if $ssh_use_firewall == true {
    firewall { "${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}":
      ensure => 'present',
      proto  => 'tcp',
      source => $ssh_source_range,
      dport  => $ssh_fw_port,
      jump   => 'accept',
    }
  }
  else {
    firewall { "${ssh_fw_order}${ssh_fw_port} remove SSH on port ${ssh_fw_port}":
      ensure => 'absent',
      proto  => 'tcp',
      source => $ssh_source_range,
      dport  => $ssh_fw_port,
      jump   => 'accept',
    }
  }
}