2 define rule($domain="ip", $table="filter", $chain="INPUT", $rule, $description="", $prio="00", $notarule=false) {
4 "/etc/ferm/dsa.d/${prio}_${name}":
9 content => template("ferm/ferm-rule.erb"),
10 notify => Exec["ferm restart"],
14 # realize (i.e. enable) all @ferm::rule virtual resources
18 ferm: ensure => installed;
19 ulogd: ensure => installed;
28 source => "puppet:///files/empty/",
29 notify => Exec["ferm restart"],
30 require => Package["ferm"];
36 require => Package["ferm"];
38 source => "puppet:///modules/ferm/ferm.default",
39 require => Package["ferm"],
40 notify => Exec["ferm restart"];
41 "/etc/ferm/ferm.conf":
42 source => "puppet:///modules/ferm/ferm.conf",
43 require => Package["ferm"],
45 notify => Exec["ferm restart"];
46 "/etc/ferm/conf.d/me.conf":
47 content => template("ferm/me.conf.erb"),
48 require => Package["ferm"],
50 notify => Exec["ferm restart"];
51 "/etc/ferm/conf.d/defs.conf":
52 content => template("ferm/defs.conf.erb"),
53 require => Package["ferm"],
55 notify => Exec["ferm restart"];
56 "/etc/ferm/conf.d/interfaces.conf":
57 content => template("ferm/interfaces.conf.erb"),
58 require => Package["ferm"],
60 notify => Exec["ferm restart"];
61 "/etc/logrotate.d/ulogd":
62 source => "puppet:///modules/ferm/logrotate-ulogd",
63 require => Package["debian.org"],
67 $munin_ips = split(regsubst($v4ips, '([^,]+)', 'ip_\1', 'G'), ',')
69 activate_munin_check {
70 $munin_ips: script => "ip_";
73 define munin_ipv6_plugin() {
75 "/etc/munin/plugins/$name":
76 content => "#!/bin/bash\n# This file is under puppet control\n. /usr/share/munin/plugins/ip_\n",
78 notify => Exec["munin-node restart"],
85 $munin6_ips = split(regsubst($v6ips, '([^,]+)', 'ip_\1', 'G'), ',')
89 # get rid of old stuff
90 $munin6_ip6s = split(regsubst($v6ips, '([^,]+)', 'ip6_\1', 'G'), ',')
91 activate_munin_check {
92 $munin6_ip6s: ensure => absent;
98 case getfromhash($nodeinfo, 'buildd') {
101 "/etc/ferm/conf.d/load_ftp_conntrack.conf":
102 source => "puppet:///modules/ferm/conntrack_ftp.conf",
103 require => Package["ferm"],
104 notify => Exec["ferm restart"];
111 command => "/etc/init.d/ferm restart",
116 # vim:set sts=4 ts=4:
117 # vim:set shiftwidth=4: