From f3a4eb600860f806a36cc7408c3670913bdca7c5 Mon Sep 17 00:00:00 2001
From: Jonathan Boyett <jonathan@failingservers.com>
Date: Fri, 13 May 2011 13:37:30 -0700
Subject: [PATCH] allow arrays in dport, sport, destination, source, and state

---
 lib/puppet/type/firewall.rb | 37 ++++++++++++++++++++-----------------
 1 file changed, 20 insertions(+), 17 deletions(-)

diff --git a/lib/puppet/type/firewall.rb b/lib/puppet/type/firewall.rb
index f131637..1a74280 100644
--- a/lib/puppet/type/firewall.rb
+++ b/lib/puppet/type/firewall.rb
@@ -96,14 +96,24 @@ Puppet::Type.newtype(:firewall) do
     defaultto "ACCEPT"
   end
 
-  newproperty(:source) do
+  newproperty(:source, :array_matching => :all) do
     desc "The value for the iptables --source parameter.
       Accepts a single string or array."
+
+    def should_to_s(value)
+      value = [value] unless value.is_a?(Array)
+      value.join(',')
+    end
   end
 
-  newproperty(:destination) do
+  newproperty(:destination, :array_matching => :all) do
     desc "The value for the iptables --destination parameter.
       Accepts a single string or array."
+
+    def should_to_s(value)
+      value = [value] unless value.is_a?(Array)
+      value.join(',')
+    end
   end
 
   newproperty(:sport, :array_matching => :all) do
@@ -120,16 +130,10 @@ Puppet::Type.newtype(:firewall) do
       @resource.string_to_port(value)
     end
 
-    def value_to_s(value)
+    def should_to_s(value)
       value = [value] unless value.is_a?(Array)
       value.join(',')
     end
-
-    def change_to_s(currentvalue, newvalue)
-      currentvalue = value_to_s(currentvalue) if currentvalue != :absent
-      newvalue = value_to_s(newvalue)
-      super(currentvalue, newvalue)
-    end
   end
 
   newproperty(:dport, :array_matching => :all) do
@@ -146,16 +150,10 @@ Puppet::Type.newtype(:firewall) do
       @resource.string_to_port(value)
     end
 
-    def value_to_s(value)
+    def should_to_s(value)
       value = [value] unless value.is_a?(Array)
       value.join(',')
     end
-
-    def change_to_s(currentvalue, newvalue)
-      currentvalue = value_to_s(currentvalue) if currentvalue != :absent
-      newvalue = value_to_s(newvalue)
-      super(currentvalue, newvalue)
-    end
   end
 
   newproperty(:iniface) do
@@ -202,10 +200,15 @@ Puppet::Type.newtype(:firewall) do
     end
   end
 
-  newproperty(:state) do
+  newproperty(:state, :array_matching => :all) do
     desc "The value for the iptables -m state --state parameter.
       Possible values are: 'INVALID', 'ESTABLISHED', 'NEW', 'RELATED'.
       Accepts a single string or array."
+
+    def should_to_s(value)
+      value = [value] unless value.is_a?(Array)
+      value.join(',')
+    end
   end
 
   newproperty(:limit) do
-- 
2.45.2