search

example42 / puppet-firewall

Example42 Firewall abstraction meta-module
http://www.example42.com
Other
3 stars 11 forks source link

Adding firewall_dns_info() and the ability to set a hostname as source/destination #13

Closed Freeaqingme closed 9 years ago

Freeaqingme commented 11 years ago

The following two scenarios are now possible: Implicit resolving:

  firewall::rule { "name":
    source          => "$::fqdn",
    destination     => 'example42.com',
    destination_v6  => [ 'example42.com', 'he.net' ],
    protocol        => $proto,
    port            => $port,
    action          => 'allow',
    direction       => 'output',
  }

Explicit Resolving:

   $dns_info = firewall_dns_info('www.gmail.com')

  firewall { "name":
    destination       => $dns_info['ip_v4'],
    destination_v6    => $dns_info['ip_v6'],
    protocol          => $proto,
    port              => $port,
    action            => 'allow',
    direction         => 'output',
    resolve_locations => false,
    enable            => $dns_info['enable_v4'],
    enable_v6         => $dns_info['enable_v6'],
  }