From cf1415ceac6449877ae7af53bc5394339bb7ae49 Mon Sep 17 00:00:00 2001 From: 12ww1160 <12ww1160@confdroid.com> Date: Thu, 9 Apr 2026 14:56:37 +0200 Subject: [PATCH 1/2] OP#561 try new fw settings --- manifests/firewall/iptables.pp | 28 +++++++++++++--------------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/manifests/firewall/iptables.pp b/manifests/firewall/iptables.pp index 42da410..4e67d60 100644 --- a/manifests/firewall/iptables.pp +++ b/manifests/firewall/iptables.pp @@ -6,22 +6,20 @@ class confdroid_ssh::firewall::iptables ( ) inherits confdroid_ssh::params { - if $ssh_use_firewall == true { - firewall { "${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}": - ensure => 'present', - proto => 'tcp', - source => $ssh_source_range, - dport => $ssh_fw_port, - jump => 'accept', + case $ssh_use_firewall { + true, 'true', 'yes', '1': { + $ssh_fw_ensure = 'present' + } + default: { + $ssh_fw_ensure = 'absent' } } - if $ssh_use_firewall == false { - firewall { "${ssh_fw_order}${ssh_fw_port} remove SSH on port ${ssh_fw_port}": - ensure => 'absent', - proto => 'tcp', - source => $ssh_source_range, - dport => $ssh_fw_port, - jump => 'accept', - } + + firewall { "${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}": + ensure => $ssh_fw_ensure, + proto => 'tcp', + source => $ssh_source_range, + dport => $ssh_fw_port, + jump => 'accept', } } From fbdc21d72f083dfe18a1f8e636f5176e57d1400b Mon Sep 17 00:00:00 2001 From: Jenkins Server Date: Thu, 9 Apr 2026 14:57:52 +0200 Subject: [PATCH 2/2] Recommit for updates in build 14 --- ...droid_ssh_3A_3Afirewall_3A_3Aiptables.html | 32 ++++++++----------- 1 file changed, 14 insertions(+), 18 deletions(-) diff --git a/doc/puppet_classes/confdroid_ssh_3A_3Afirewall_3A_3Aiptables.html b/doc/puppet_classes/confdroid_ssh_3A_3Afirewall_3A_3Aiptables.html index 72537f1..935ccb0 100644 --- a/doc/puppet_classes/confdroid_ssh_3A_3Afirewall_3A_3Aiptables.html +++ b/doc/puppet_classes/confdroid_ssh_3A_3Afirewall_3A_3Aiptables.html @@ -120,9 +120,7 @@ 22 23 24 -25 -26 -27 +25 
# File 'manifests/firewall/iptables.pp', line 6
@@ -130,23 +128,21 @@
 class confdroid_ssh::firewall::iptables (
 
 ) inherits confdroid_ssh::params {
-  if $ssh_use_firewall == true {
-    firewall { "${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}":
-      ensure => 'present',
-      proto  => 'tcp',
-      source => $ssh_source_range,
-      dport  => $ssh_fw_port,
-      jump   => 'accept',
+  case $ssh_use_firewall {
+    true, 'true', 'yes', '1': {
+      $ssh_fw_ensure = 'present'
+    }
+    default: {
+      $ssh_fw_ensure = 'absent'
     }
   }
-  if $ssh_use_firewall == false {
-    firewall { "${ssh_fw_order}${ssh_fw_port} remove SSH on port ${ssh_fw_port}":
-      ensure => 'absent',
-      proto  => 'tcp',
-      source => $ssh_source_range,
-      dport  => $ssh_fw_port,
-      jump   => 'accept',
-    }
+
+  firewall { "${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}":
+    ensure => $ssh_fw_ensure,
+    proto  => 'tcp',
+    source => $ssh_source_range,
+    dport  => $ssh_fw_port,
+    jump   => 'accept',
   }
 }