2 define rule($domain="ip", $table="filter", $chain="INPUT", $rule, $description="", $prio="00") {
4 "/etc/ferm/dsa.d/${prio}_${name}":
9 content => template("ferm/ferm-rule.erb"),
10 notify => Exec["ferm restart"],
14 # realize (i.e. enable) all @ferm::rule virtual resources
18 ferm: ensure => installed;
19 ulogd: ensure => installed;
28 source => "puppet:///files/empty/",
29 notify => Exec["ferm restart"],
30 require => Package["ferm"];
36 require => Package["ferm"];
38 source => "puppet:///modules/ferm/ferm.default",
39 require => Package["ferm"],
40 notify => Exec["ferm restart"];
41 "/etc/ferm/ferm.conf":
42 source => "puppet:///modules/ferm/ferm.conf",
43 require => Package["ferm"],
45 notify => Exec["ferm restart"];
46 "/etc/ferm/conf.d/me.conf":
47 content => template("ferm/me.conf.erb"),
48 require => Package["ferm"],
50 notify => Exec["ferm restart"];
51 "/etc/ferm/conf.d/defs.conf":
52 content => template("ferm/defs.conf.erb"),
53 require => Package["ferm"],
55 notify => Exec["ferm restart"];
56 "/etc/ferm/conf.d/interfaces.conf":
57 content => template("ferm/interfaces.conf.erb"),
58 require => Package["ferm"],
60 notify => Exec["ferm restart"];
61 "/etc/logrotate.d/ulogd":
62 source => "puppet:///modules/ferm/logrotate-ulogd",
63 require => Package["logrotate"],
67 $munin_ips = split(regsubst($v4ips, '([^,]+)', 'ip_\1', 'G'), ',')
69 activate_munin_check {
70 $munin_ips: script => "ip_";
73 case extractnodeinfo($nodeinfo, 'buildd') {
76 "/etc/ferm/conf.d/load_ftp_conntrack.conf":
77 source => "puppet:///modules/ferm/conntrack_ftp.conf",
78 require => Package["ferm"],
79 notify => Exec["ferm restart"];
87 $munin6_ips = split(regsubst($v6ips, '([^,]+)', 'ip6_\1', 'G'), ',')
88 activate_munin_check {
89 $munin6_ips: script => "ip6_";
96 command => "/etc/init.d/ferm restart",
101 # vim:set sts=4 ts=4:
102 # vim:set shiftwidth=4: