[MODULES-4249] Introduce class parameter ebtables_manage

If set to true, it ensures that firewallchain resources work for the
ethernet protocol (default: false)

diff --git a/manifests/init.pp b/manifests/init.pp
index 53697b5c8821c76b8435d927ec4ba9f9701ff3cc..ba7902153b893ac2b28dc40b282de0a3b1bdb32d 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -17,6 +17,7 @@ class firewall (
   $service_name    = $::firewall::params::service_name,
   $service_name_v6 = $::firewall::params::service_name_v6,
   $package_name    = $::firewall::params::package_name,
+  $ebtables_manage = false,
 ) inherits ::firewall::params {
   case $ensure {
     /^(running|stopped)$/: {
@@ -35,6 +36,7 @@ class firewall (
         service_name    => $service_name,
         service_name_v6 => $service_name_v6,
         package_name    => $package_name,
+        ebtables_manage => $ebtables_manage,
       }
       contain "${title}::linux"
     }

diff --git a/manifests/linux.pp b/manifests/linux.pp
index 0fd758aa3de1f1153f466e3b3bb6f0278a4a4f10..22cf7a076f3080bd979e02320e7f1c673acb8e1a 100644 (file)
--- a/manifests/linux.pp
+++ b/manifests/linux.pp
@@ -17,6 +17,7 @@ class firewall::linux (
   $service_name    = $::firewall::params::service_name,
   $service_name_v6 = $::firewall::params::service_name_v6,
   $package_name    = $::firewall::params::package_name,
+  $ebtables_manage = false,
 ) inherits ::firewall::params {
   $enable = $ensure ? {
     running => true,
@@ -27,6 +28,12 @@ class firewall::linux (
     ensure => $pkg_ensure,
   }
 
+  if $ebtables_manage {
+    package { 'ebtables':
+      ensure => $pkg_ensure,
+    }
+  }
+
   case $::operatingsystem {
     'RedHat', 'CentOS', 'Fedora', 'Scientific', 'SL', 'SLC', 'Ascendos',
     'CloudLinux', 'PSBM', 'OracleLinux', 'OVS', 'OEL', 'Amazon', 'XenServer',