Resource Type: firewalld_direct_rule

Defined in:
lib/puppet/type/firewalld_direct_rule.rb
Providers:
firewall_cmd

Overview

Allows rules to be passed directly to iptables/ip6tables/ebtables using the firewalld direct interface.

Example:

firewalld_direct_rule {'Allow outgoing SSH connection':
    ensure         => 'present',
    inet_protocol  => 'ipv4',
    table          => 'filter',
    chain          => 'OUTPUT',
    priority       => 1,
    args           => '-p tcp --dport=22 -j ACCEPT',
}

Properties

  • ensure (defaults to: present)

    Manage the state of this type.

    Supported values:
    • present
    • absent

Parameters

  • args

    <args> can be any iptables, ip6tables and ebtables command-line arguments

  • chain

    Name of the chain type to add (e.g. INPUT, OUTPUT, FORWARD)

  • inet_protocol (defaults to: ipv4)

    Name of the TCP/IP protocol to use (e.g. ipv4, ipv6, eb)

    Supported values:
    • ipv4
    • ipv6
    • eb

  • name (namevar)

    Name of the rule resource in Puppet

  • priority

    The priority number of the rule (e.g. 0, 1, 2, … 99)

  • provider

    The specific backend to use for this `firewalld_direct_rule` resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.

  • table

    Name of the table type to add (e.g. filter, nat, mangle, raw)
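
The following is an added example, not taken from the module's own documentation. It restricts outgoing SSH to one management network and shows how priority and inet_protocol interact. It relies on firewalld's direct-rule ordering, where a lower priority number places a rule earlier in the chain; the resource titles and the address ranges 192.0.2.0/24 and 2001:db8::/32 are placeholders.

```puppet
# Constructed example; 192.0.2.0/24 and 2001:db8::/32 are documentation
# ranges standing in for a management network.
#
# Lower priority numbers sit earlier in the chain, so each ACCEPT (priority 0)
# is evaluated before the REJECT (priority 1) of the same address family.
firewalld_direct_rule { 'Allow outgoing SSH to management net (IPv4)':
    ensure         => 'present',
    inet_protocol  => 'ipv4',
    table          => 'filter',
    chain          => 'OUTPUT',
    priority       => 0,
    args           => '-p tcp -d 192.0.2.0/24 --dport 22 -j ACCEPT',
}

firewalld_direct_rule { 'Reject all other outgoing SSH (IPv4)':
    ensure         => 'present',
    inet_protocol  => 'ipv4',
    table          => 'filter',
    chain          => 'OUTPUT',
    priority       => 1,
    args           => '-p tcp --dport 22 -j REJECT --reject-with tcp-reset',
}

# An ipv4 rule is passed to iptables only. Without the ipv6 pair below,
# outgoing SSH over IPv6 would not be restricted by the rules above.
firewalld_direct_rule { 'Allow outgoing SSH to management net (IPv6)':
    ensure         => 'present',
    inet_protocol  => 'ipv6',
    table          => 'filter',
    chain          => 'OUTPUT',
    priority       => 0,
    args           => '-p tcp -d 2001:db8::/32 --dport 22 -j ACCEPT',
}

firewalld_direct_rule { 'Reject all other outgoing SSH (IPv6)':
    ensure         => 'present',
    inet_protocol  => 'ipv6',
    table          => 'filter',
    chain          => 'OUTPUT',
    priority       => 1,
    args           => '-p tcp --dport 22 -j REJECT --reject-with tcp-reset',
}
```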