X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fferm%2Ftemplates%2Finterfaces.conf.erb;h=af6585a5c7de963b67876e0e75a2307e95b37dbd;hb=17f88dc46046557b5a2c1152e3b58d26b46d5cf6;hp=17c0c6674ce884ffacd94f8d65d0eecfbafb9351;hpb=b518be1306dde4a620e067aa85904ec0e99eb705;p=mirror%2Fdsa-puppet.git

diff --git a/modules/ferm/templates/interfaces.conf.erb b/modules/ferm/templates/interfaces.conf.erb
index 17c0c6674..af6585a5c 100644
--- a/modules/ferm/templates/interfaces.conf.erb
+++ b/modules/ferm/templates/interfaces.conf.erb
@@ -1,8 +1,38 @@
-$MUNIN_IFS = (<%=
-ifs = []
-interfaces.split(',').each do |iface|
-  next unless Kernel.local_variables.include?("ipaddress_" + iface)
-  ifs << iface
-ifs.join(' ')
+def $MUNIN_IPS = (<%=
+begin
+	v4ips.split(',').join(' ')
+rescue
+	''
+end
 %>);
+def $MUNIN6_IPS = (<%=
+begin
+	v6ips == 'no' ? '' : v6ips.split(',').join(' ')
+rescue
+	''
+end
+%>);
+
+domain ip {
+        chain INPUT {
+               daddr ($MUNIN_IPS) NOP;
+        }
+}
+
+domain ip {
+        chain OUTPUT {
+               saddr ($MUNIN_IPS) NOP;
+        }
+}
+
+domain ip6 {
+        chain INPUT {
+               daddr ($MUNIN6_IPS) NOP;
+        }
+}
 
+domain ip6 {
+        chain OUTPUT {
+               saddr ($MUNIN6_IPS) NOP;
+        }
+}