$package_name = $firewall::params::package_name,
$package_ensure = $firewall::params::package_ensure,
$sysconfig_manage = $firewall::params::sysconfig_manage,
- $firewalld_manage = true,
+ $firewalld_manage = $firewall::params::firewalld_manage,
) inherits ::firewall::params {
$_ensure_v6 = pick($ensure_v6, $ensure)
$_enable_v6 = pick($enable_v6, $enable)
$package_name = undef
$iptables_name = 'iptables'
$sysconfig_manage = true
+ $firewalld_manage = true
}
'Fedora': {
$service_name = 'iptables'
$package_name = undef
}
$sysconfig_manage = true
+ $firewalld_manage = true
}
default: {
if versioncmp($::operatingsystemrelease, '9') >= 0 {
$service_name = 'nftables'
- $service_name_v6 = undef
+ $service_name_v6 = 'ip6tables'
$package_name = ['iptables-services', 'nftables', 'iptables-nft-services']
$iptables_name = 'iptables'
$sysconfig_manage = false
+ $firewalld_manage = false
} elsif versioncmp($::operatingsystemrelease, '8.0') >= 0 {
$service_name = ['iptables', 'nftables']
$service_name_v6 = 'ip6tables'
$package_name = ['iptables-services', 'nftables']
$iptables_name = 'iptables'
$sysconfig_manage = false
+ $firewalld_manage = true
} elsif versioncmp($::operatingsystemrelease, '7.0') >= 0 {
$service_name = 'iptables'
$service_name_v6 = 'ip6tables'
$package_name = 'iptables-services'
$iptables_name = 'iptables'
$sysconfig_manage = true
+ $firewalld_manage = true
} else {
$service_name = 'iptables'
$service_name_v6 = 'ip6tables'
$package_name = 'iptables-ipv6'
$iptables_name = 'iptables'
$sysconfig_manage = true
+ $firewalld_manage = true
}
}
}
describe 'mac_source' do
context 'when 0A:1B:3C:4D:5E:6F' do
+ # On RHEL 9 this must be lower case, on all others it must be upper case
+ mac_source = if os[:family] == 'redhat' && os[:release].start_with?('9')
+ '0a:1b:3c:4d:5e:6f'
+ else
+ '0A:1B:3C:4D:5E:6F'
+ end
pp88 = <<-PUPPETCODE
class { '::firewall': }
firewall { '610 - test':
ensure => present,
source => '10.1.5.28/32',
- mac_source => '0A:1B:3C:4D:5E:6F',
+ mac_source => '#{mac_source}',
chain => 'INPUT',
}
PUPPETCODE
end
end
- unless (os[:family] == 'redhat' && os[:release].start_with?('5', '6', '8')) || (os[:family] == 'sles')
+ unless (os[:family] == 'redhat' && os[:release].start_with?('5', '6', '8', '9')) || (os[:family] == 'sles')
describe 'time tests' do
context 'when set all time parameters' do
pp1 = <<-PUPPETCODE
describe 'attributes test' do
before(:all) do
+ # On RHEL 9 this must be lower case, on all others it must be upper case
+ mac_source = if os[:family] == 'redhat' && os[:release].start_with?('9')
+ '0a:1b:3c:4d:5e:6f'
+ else
+ '0A:1B:3C:4D:5E:6F'
+ end
+
pp = <<-PUPPETCODE
class { '::firewall': }
firewall { '571 - hop_limit':
firewall { '604 - mac_source':
ensure => present,
source => '2001:db8::1/128',
- mac_source => '0A:1B:3C:4D:5E:6F',
+ mac_source => '#{mac_source}',
chain => 'INPUT',
provider => 'ip6tables',
}
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff