Puppet Class: pulsevtm::appliance_nat

Defined in:
manifests/appliance_nat.pp

Overview

class: pulsevtm::appliance_nat

NAT Configuration

The NAT configuration file stores rules controlling NAT on an appliance.

Parameters

basic__many_to_one_all_ports

This is table 'many_to_one_all_ports'. Type: array. Properties:

  • unique rule identifier (type: string)
  • pool: of a "many to one overload" type NAT rule. (type: string)
  • tip: Group of a "many to one overload" type NAT rule. (type: string)

basic__many_to_one_port_locked

This is table 'many_to_one_port_locked'. Type: array. Properties:

  • unique rule identifier (type: string)
  • pool: of a "many to one port locked" type NAT rule. (type: string)
  • port: number of a "many to one port locked" type NAT rule. (type: integer, minimum: 1, maximum: 65535)
  • protocol: of a "many to one port locked" type NAT rule. (type: string, enum: icmp, sctp, tcp, udp, udplite)
  • tip: Group of a "many to one port locked" type NAT rule. (type: string)

basic__one_to_one

This is table 'one_to_one'. Type: array. Properties:

  • unique rule identifier (type: string)
  • enable_inbound: the inbound part of a "one to one" type NAT rule. (type: boolean)
  • ip: Address of a "one to one" type NAT rule. (type: string)
  • tip: group of a "one to one" type NAT rule. (type: string)

basic__port_mapping

This is table 'port_mapping'. Type: array. Properties:

  • unique rule identifier (type: string)
  • dport_first: port of the dest. port range of a "port mapping" rule. (type: integer, minimum: 1, maximum: 65535)
  • dport_last: port of the dest. port range of a "port mapping" rule. (type: integer, minimum: 1, maximum: 65535)
  • virtual_server: Virtual Server of a "port mapping" rule. (type: string)

Examples

class { 'pulsevtm::appliance_nat':
  ensure => present,
}

Authors

Pulse Secure <puppet-vadc@pulsesecure.net>

Copyright 2018 Pulse Secure

Parameters:

  • ensure (Any) (defaults to: present)
  • basic__many_to_one_all_ports (Any) (defaults to: '[]')
  • basic__many_to_one_port_locked (Any) (defaults to: '[]')
  • basic__one_to_one (Any) (defaults to: '[]')
  • basic__port_mapping (Any) (defaults to: '[]')
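
All four rule parameters are typed Any and default to the string '[]', so the class signature does no validation of rule contents. As an added example (not part of the pulsevtm module), the Ruby helper below checks a parameter value against the types, port bounds and protocol list given in the property descriptions on this page. Assumptions: each value is a JSON array of objects, the name nat_rule_errors is hypothetical, the rule identifier property is skipped because its key is not shown on this page, and the dport_first <= dport_last ordering check is not stated by the page.

```ruby
require 'json'

# Constraints copied from the property listings on this page.
PROTOCOLS = %w[icmp sctp tcp udp udplite].freeze
PORTS = (1..65_535)
SCHEMAS = {
  'basic__many_to_one_all_ports'   => { 'pool' => String, 'tip' => String },
  'basic__many_to_one_port_locked' => { 'pool' => String, 'port' => Integer,
                                        'protocol' => String, 'tip' => String },
  'basic__one_to_one'              => { 'enable_inbound' => :boolean, 'ip' => String,
                                        'tip' => String },
  'basic__port_mapping'            => { 'dport_first' => Integer, 'dport_last' => Integer,
                                        'virtual_server' => String }
}.freeze

# Hypothetical helper: returns the problems found in one parameter value.
# Assumes the value is a JSON array of objects, as the '[]' defaults suggest.
def nat_rule_errors(param, json)
  schema = SCHEMAS.fetch(param)
  rows = JSON.parse(json)
  return ["#{param}: expected a JSON array"] unless rows.is_a?(Array)

  rows.each_with_index.flat_map do |row, i|
    at = "#{param}[#{i}]"
    next ["#{at}: expected an object"] unless row.is_a?(Hash)

    errs = schema.map do |key, type|
      val = row[key]
      ok = type == :boolean ? [true, false].include?(val) : val.is_a?(type)
      "#{at}.#{key}: expected #{type}, got #{val.inspect}" unless ok
    end.compact
    %w[port dport_first dport_last].each do |key|
      val = row[key]
      errs << "#{at}.#{key}: #{val} outside 1-65535" if val.is_a?(Integer) && !PORTS.cover?(val)
    end
    proto = row['protocol']
    errs << "#{at}.protocol: #{proto.inspect} not allowed" if proto.is_a?(String) && !PROTOCOLS.include?(proto)
    # Assumption: a destination port range must not be reversed.
    first, last = row.values_at('dport_first', 'dport_last')
    errs << "#{at}: dport_first > dport_last" if first.is_a?(Integer) && last.is_a?(Integer) && first > last
    errs
  end
rescue JSON::ParserError => e
  ["#{param}: invalid JSON (#{e.message})"]
end

# Constructed sample input, not taken from a real appliance.
SAMPLE = '[{"pool":"web","port":0,"protocol":"gre","tip":"tg1"}]'
puts nat_rule_errors('basic__many_to_one_port_locked', SAMPLE)
```

An empty result means the value passed every check; anything else is a list of messages naming the parameter, the rule index and the offending property.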


# File 'manifests/appliance_nat.pp', line 65

class pulsevtm::appliance_nat (
  $ensure                         = present,
  $basic__many_to_one_all_ports   = '[]',
  $basic__many_to_one_port_locked = '[]',
  $basic__one_to_one              = '[]',
  $basic__port_mapping            = '[]',
){
  include pulsevtm
  $ip              = $pulsevtm::rest_ip
  $port            = $pulsevtm::rest_port
  $user            = $pulsevtm::rest_user
  $pass            = $pulsevtm::rest_pass
  $purge           = $pulsevtm::purge
  $purge_state_dir = $pulsevtm::purge_state_dir

  info ("Configuring appliance_nat ${name}")
  vtmrest { 'appliance/nat':
    ensure   => $ensure,
    before   => Class[pulsevtm::purge],
    endpoint => "https://${ip}:${port}/api/tm/6.0/config/active",
    username => $user,
    password => $pass,
    content  => template('pulsevtm/appliance_nat.erb'),
    type     => 'application/json',
    internal => 'appliance_nat',
    failfast => $pulsevtm::failfast,
    debug    => $pulsevtm::debug,
  }

  if ( $purge ) {
    ensure_resource('file', "${purge_state_dir}/appliance", {ensure => present})
    file_line { 'appliance/nat':
      line => 'appliance/nat',
      path => "${purge_state_dir}/appliance",
    }
  }
}