Class: Puppet::Provider::PanosNatPolicy::PanosNatPolicy

Inherits:
Puppet::Provider::PanosProvider
  • Object
show all
Defined in:
lib/puppet/provider/panos_nat_policy/panos_nat_policy.rb

Overview

Implementation for the panos_NAT_policy type using the Resource API.

Instance Method Summary collapse

Instance Method Details

#munge(entry) ⇒ Object 



5
6
7
8
9
10
11
 
# File 'lib/puppet/provider/panos_nat_policy/panos_nat_policy.rb', line 5

def munge(entry)
  entry[:bi_directional] = string_to_bool(entry[:bi_directional]) unless entry[:bi_directional].nil?
  if entry.key?(:source_translation_type) && entry[:source_translation_type].nil?
    entry[:source_translation_type] = 'none'
  end
  entry
end

#validate_should(should) ⇒ Object 



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
 
# File 'lib/puppet/provider/panos_nat_policy/panos_nat_policy.rb', line 13

def validate_should(should)
  if should[:fallback_address_type] == 'translated-address' && !should[:fallback_interface].nil?
    raise Puppet::ResourceError, 'Please do not supply a fallback interface when the fallback address type is `translated-address`'
  end
  if should[:fallback_address_type] == 'interface-address' && !should[:fallback_address].nil?
    raise Puppet::ResourceError, 'Please do not supply a fallback address when the fallback address type is `interface-address`'
  end
  if should[:bi_directional] == true && !should[:destination_translated_address].nil?
    raise Puppet::ResourceError, 'Bi-directional option not applicable to a rule with both source and destination translation'
  end
  if should[:nat_type] == 'nptv6' && should[:source_translation_type] != 'static-ip'
    raise Puppet::ResourceError, 'Static Ip Source Address Translation must be used with `nptv6` NAT types'
  end
  if should[:source_translation_type] == 'static-ip' && should[:source_translated_static_address].nil? # rubocop:disable Style/GuardClause # line too long
    raise Puppet::ResourceError, 'You must specify the translated addresses when using Static Ip Source Address Translation'
  end
end

#xml_from_should(name, should) ⇒ Object 



31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
 
# File 'lib/puppet/provider/panos_nat_policy/panos_nat_policy.rb', line 31

def xml_from_should(name, should)
  builder = Builder::XmlMarkup.new
  builder.entry('name' => name) do
    if should[:source_translation_type] && should[:source_translation_type] != 'none'
      builder.__send__('source-translation') do
        builder.__send__(should[:source_translation_type]) do
          if should[:fallback_address_type]
            builder.__send__('fallback') do
              builder.__send__(should[:fallback_address_type]) do
                if should[:fallback_address_type] == 'interface-address'
                  builder.interface(should[:fallback_interface])
                  builder.__send__(should[:fallback_interface_ip_type], should[:fallback_interface_ip])
                elsif should[:fallback_address_type] == 'translated-address'
                  should[:fallback_address].each do |addr|
                    builder.member(addr)
                  end
                end
              end
            end
          end
          if should[:source_translation_type] == 'static-ip'
            builder.__send__('bi-directional', 'yes') if should[:bi_directional]
            builder.__send__('translated-address', should[:source_translated_static_address]) if should[:source_translated_static_address]
          elsif should[:source_translated_address]
            builder.__send__('translated-address') do
              should[:source_translated_address].each do |addr|
                builder.member(addr)
              end
            end
          elsif should[:SAT_interface]
            builder.__send__('interface-address') do
              builder.ip(should[:SAT_interface_ip])
              builder.interface(should[:SAT_interface])
            end
          end
        end
      end
    end
    builder.to do
      should[:to].each do |zone|
        builder.member(zone)
      end
    end
    unless should[:destination_translated_address].nil?
      builder.__send__('destination-translation') do
        builder.__send__('translated-port', should[:destination_translated_port]) if should[:destination_translated_port]
        builder.__send__('translated-address', should[:destination_translated_address]) if should[:destination_translated_address]
      end
    end
    builder.from do
      should[:from].each do |zone|
        builder.member(zone)
      end
    end
    builder.source do
      should[:source].each do |addr|
        builder.member(addr)
      end
    end
    builder.destination do
      should[:destination].each do |addr|
        builder.member(addr)
      end
    end
    build_tags(builder, should) if should[:tags]
    builder.service(should[:service])
    builder.description(should[:description]) if should[:description]
    builder.__send__('to-interface', should[:destination_interface]) if should[:destination_interface]
    builder.__send__('nat-type', should[:nat_type]) if should[:nat_type]
    builder.__send__('disabled', 'yes') if should[:disabled]
  end
end