Defined Type: psick::network::rule

Defined in:
manifests/network/rule.pp

Overview

Parameters:

$iprule - required

Actions:

On RHEL Deploys /etc/sysconfig/networking-scripts/rule-$name and /etc/sysconfig/networking-scripts/rule6-$name

On Debian Deploys 2 files, 1 under /etc/network/if-up.d and 1 in /etc/network/if-down.d

Sample Usage:

psick::network::rule { 'eth0':
  iprule => ['from 192.168.22.0/24 lookup vlan22', ],
}

Authors:

Marcus Furlong <furlongm@gmail.com>

Parameters:

  • iprule (Array)
  • interface (String) (defaults to: $name)
  • family (Optional[Array]) (defaults to: undef)
  • ensure (Enum['present','absent']) (defaults to: 'present') 


23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
 
# File 'manifests/network/rule.pp', line 23

define psick::network::rule (
  Array $iprule,
  String $interface                = $name,
  Optional[Array] $family          = undef,
  Enum['present','absent'] $ensure = 'present',
) {
  include psick::network

  case $facts['os']['family'] {
    'RedHat': {
      file { "rule-${interface}":
        ensure  => file,
        owner   => root,
        group   => root,
        mode    => '0644',
        path    => "/etc/sysconfig/network-scripts/rule-${interface}",
        content => template('psick/network/rule-RedHat.erb'),
        notify  => $psick::network::manage_config_file_notify,
      }
      file { "rule6-${interface}":
        ensure  => file,
        owner   => root,
        group   => root,
        mode    => '0644',
        path    => "/etc/sysconfig/network-scripts/rule6-${interface}",
        content => template('psick/network/rule6-RedHat.erb'),
        notify  => $psick::network::manage_config_file_notify,
      }
    }
    'Suse': {
      file { "ifrule-${interface}":
        ensure  => file,
        owner   => root,
        group   => root,
        mode    => '0644',
        path    => "/etc/sysconfig/network/ifrule-${interface}",
        content => template('psick/network/rule-RedHat.erb'),
        notify  => $psick::network::manage_config_file_notify,
      }
    }
    'Debian': {
      file { "ruleup-${name}":
        ensure  => $ensure,
        mode    => '0755',
        owner   => 'root',
        group   => 'root',
        path    => "/etc/network/if-up.d/z90-rule-${name}",
        content => template('psick/network/rule_up-Debian.erb'),
        notify  => $psick::network::manage_config_file_notify,
      }
      file { "ruledown-${name}":
        ensure  => $ensure,
        mode    => '0755',
        owner   => 'root',
        group   => 'root',
        path    => "/etc/network/if-down.d/z90-rule-${name}",
        content => template('psick/network/rule_down-Debian.erb'),
        notify  => $psick::network::manage_config_file_notify,
      }
    }
    default: { fail('Operating system not supported') }
  }
}