projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
denis to named::auth
[mirror/dsa-puppet.git]
/
modules
/
ferm
/
templates
/
interfaces.conf.erb
diff --git
a/modules/ferm/templates/interfaces.conf.erb
b/modules/ferm/templates/interfaces.conf.erb
index
1bebce3
..
496054c
100644
(file)
--- a/
modules/ferm/templates/interfaces.conf.erb
+++ b/
modules/ferm/templates/interfaces.conf.erb
@@
-1,13
+1,38
@@
-def $MUNIN_IPS = (<%= v4ips.split(',').join(' ') %>);
+def $MUNIN_IPS = (<%=
+begin
+ scope.lookupvar('::v4ips').split(',').join(' ')
+rescue
+ ''
+end
+%>);
+def $MUNIN6_IPS = (<%=
+begin
+ scope.lookupvar('::v6ips') == '' ? '' : scope.lookupvar('::v6ips').split(',').join(' ')
+rescue
+ ''
+end
+%>);
domain ip {
chain INPUT {
domain ip {
chain INPUT {
- daddr ($MUNIN_IP) NOP;
+ daddr ($MUNIN_IP
S
) NOP;
}
}
domain ip {
chain OUTPUT {
}
}
domain ip {
chain OUTPUT {
- saddr ($MUNIN_IP) NOP;
+ saddr ($MUNIN_IPS) NOP;
+ }
+}
+
+domain ip6 {
+ chain INPUT {
+ daddr ($MUNIN6_IPS) NOP;
+ }
+}
+
+domain ip6 {
+ chain OUTPUT {
+ saddr ($MUNIN6_IPS) NOP;
}
}
}
}