X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fferm%2Ftemplates%2Finterfaces.conf.erb;h=496054c42de201af4857a70e1bf031adb56711e4;hb=0c6f34ec54ca6b4ae390547b7b423e23545511ca;hp=8092282fc1fa2477e795cada0dbebee5ab1ea496;hpb=fe5c5a3adcbd8921dd4cf1f1e7430b4a5618e0b7;p=mirror%2Fdsa-puppet.git

diff --git a/modules/ferm/templates/interfaces.conf.erb b/modules/ferm/templates/interfaces.conf.erb
index 8092282fc..496054c42 100644
--- a/modules/ferm/templates/interfaces.conf.erb
+++ b/modules/ferm/templates/interfaces.conf.erb
@@ -1,9 +1,38 @@
-$MUNIN_IFS = (<%=
-ifs = []
-interfaces.split(',').each do |iface|
-  next unless Kernel.local_variables.include?("ipaddress_" + iface)
-  ifs << iface
+def $MUNIN_IPS = (<%=
+begin
+	scope.lookupvar('::v4ips').split(',').join(' ')
+rescue
+	''
 end
-ifs.join(' ')
 %>);
+def $MUNIN6_IPS = (<%=
+begin
+	scope.lookupvar('::v6ips') == '' ? '' : scope.lookupvar('::v6ips').split(',').join(' ')
+rescue
+	''
+end
+%>);
+
+domain ip {
+        chain INPUT {
+               daddr ($MUNIN_IPS) NOP;
+        }
+}
+
+domain ip {
+        chain OUTPUT {
+               saddr ($MUNIN_IPS) NOP;
+        }
+}
+
+domain ip6 {
+        chain INPUT {
+               daddr ($MUNIN6_IPS) NOP;
+        }
+}
 
+domain ip6 {
+        chain OUTPUT {
+               saddr ($MUNIN6_IPS) NOP;
+        }
+}