]> review.fuel-infra Code Review - puppet-modules/puppetlabs-firewall.git/commitdiff
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 68f13c0)
(#10025) Make tcp_flags support a feature.
authorKen Barber <ken@bob.sh>
Sat, 9 Jun 2012 23:18:04 +0000 (00:18 +0100)
committerKen Barber <ken@bob.sh>
Sat, 9 Jun 2012 23:18:04 +0000 (00:18 +0100)
lib/puppet/provider/firewall/ip6tables.rb patch | blob | history
lib/puppet/provider/firewall/iptables.rb patch | blob | history
lib/puppet/type/firewall.rb patch | blob | history

diff --git a/lib/puppet/provider/firewall/ip6tables.rb b/lib/puppet/provider/firewall/ip6tables.rb
index 29e705200dbcc99c0fce8c06525c27ff2473f85f..b97f7e7699e56bda1fc8fac0d0375bdce16cd102 100644 (file)
--- a/lib/puppet/provider/firewall/ip6tables.rb
+++ b/lib/puppet/provider/firewall/ip6tables.rb
@@ -12,6 +12,8 @@ Puppet::Type.type(:firewall).provide :ip6tables, :parent => :iptables, :source =
   has_feature :reject_type
   has_feature :log_level
   has_feature :log_prefix
+  has_feature :mark
+  has_feature :tcp_flags
 
   commands :iptables      => '/sbin/ip6tables'
   commands :iptables_save => '/sbin/ip6tables-save'
diff --git a/lib/puppet/provider/firewall/iptables.rb b/lib/puppet/provider/firewall/iptables.rb
index 5602e1d69dfafa040f8e06fa7a259ef0a861799a..1701a7882deddee621c2d7418481c0e2c7144137 100644 (file)
--- a/lib/puppet/provider/firewall/iptables.rb
+++ b/lib/puppet/provider/firewall/iptables.rb
@@ -18,6 +18,7 @@ Puppet::Type.type(:firewall).provide :iptables, :parent => Puppet::Provider::Fir
   has_feature :log_level
   has_feature :log_prefix
   has_feature :mark
+  has_feature :tcp_flags
 
   commands :iptables => '/sbin/iptables'
   commands :iptables_save => '/sbin/iptables-save'
diff --git a/lib/puppet/type/firewall.rb b/lib/puppet/type/firewall.rb
index 11997a0fa4120898d30a196200538f55c97d9337..726546746aefcc6ec1aba8f5cf1ebd9a69e10d2f 100644 (file)
--- a/lib/puppet/type/firewall.rb
+++ b/lib/puppet/type/firewall.rb
@@ -32,6 +32,7 @@ Puppet::Type.newtype(:firewall) do
   feature :log_level, "The ability to control the log level"
   feature :log_prefix, "The ability to add prefixes to log messages"
   feature :mark, "Set the netfilter mark value associated with the packet"
+  feature :tcp_flags, "The ability to match on particular TCP flag settings"
 
   # provider specific features
   feature :iptables, "The provider provides iptables features."
@@ -213,7 +214,7 @@ Puppet::Type.newtype(:firewall) do
   end
 
   # tcp-specific
-  newproperty(:tcp_flags) do
+  newproperty(:tcp_flags, :required_features => :tcp_flags) do
     desc <<-EOS
       Match when the TCP flags are as specified.
       Is a string with a list of comma-separated flag names for the mask,