OP#561 add firewall

2026-04-05 15:16:48 +02:00
parent 256cf6ad08
commit 1d2e0097ba
6 changed files with 61 additions and 4 deletions
--- a/manifests/firewall/iptables.pp
+++ b/manifests/firewall/iptables.pp
@@ -0,0 +1,17 @@
+## confdroid_ssh::firewall::iptables.pp
+# Module name: confdroid_ssh
+# Author: 12ww1160 (12ww1160@confdroid.com)
+# @summary Class manages firewall rules for SSH
+##############################################################################
+class confdroid_ssh::firewall::iptables (
+
+) inherits confdroid_ssh::params {
+  if $ssh_use_firewall {
+    firewall { "${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}":
+      ensure => 'present',
+      jump   => 'accept',
+      proto  => 'tcp',
+      dport  => $ssh_fw_port,
+    }
+  }
+}