Encapsulate port-related exprs in Nftables::Port
nbarrientos committed Dec 9, 2020
1 parent 6739966 commit 09b07e5
Showing 5 changed files with 23 additions and 4 deletions.
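--- a/manifests/simplerule.pp
+++ b/manifests/simplerule.pp
@@ -61,11 +61,11 @@
 String $table = 'inet-filter',
 Enum['accept', 'continue', 'drop', 'queue', 'return'] $action = 'accept',
 Optional[String] $comment = undef,
-Optional[Variant[Array[Stdlib::Port, 1], Stdlib::Port, Pattern[/\d+-\d+/]]] $dport = undef,
+Optional[Nftables::Port] $dport = undef,
 Optional[Enum['tcp', 'tcp4', 'tcp6', 'udp', 'udp4', 'udp6']] $proto = undef,
 Optional[Variant[Stdlib::IP::Address::V6, Stdlib::IP::Address::V4, Pattern[/^@[-a-zA-Z0-9_]+$/]]] $daddr = undef,
 Enum['ip', 'ip6'] $set_type = 'ip6',
-Optional[Variant[Array[Stdlib::Port, 1], Stdlib::Port, Pattern[/\d+-\d+/]]] $sport = undef,
+Optional[Nftables::Port] $sport = undef,
 Optional[Variant[Stdlib::IP::Address::V6, Stdlib::IP::Address::V4, Pattern[/^@[-a-zA-Z0-9_]+$/]]] $saddr = undef,
 Boolean $counter = false,
 ) {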
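Review bot: Swapping in `Nftables::Port` for `$dport` and `$sport` is not a pure encapsulation: the old `Pattern[/\d+-\d+/]` was unanchored and accepted any string that merely contained a range, while the new alias only accepts strings matching its anchored range pattern. The narrowing is the right direction for a value that is rendered into a firewall rule, but callers that passed looser strings will now fail catalog compilation, so the commit message or changelog should say so, e.g. `dport/sport: port ranges must now be exactly 'N-M'`. The same applies to templates/simplerule.epp, where these parameters previously accepted any `String`. The parameter list and its `@param` docs start outside this hunk, so whether they already describe the accepted forms cannot be checked here.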
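--- a/spec/type_aliases/nftables_port_spec.rb
+++ b/spec/type_aliases/nftables_port_spec.rb
@@ -0,0 +1,9 @@
+require 'spec_helper'
+
+describe 'Nftables::Port' do
+it { is_expected.to allow_value(53) }
+it { is_expected.to allow_value([1, 1985, 65_535]) }
+it { is_expected.to allow_value('53-55') }
+it { is_expected.not_to allow_value('53') }
+it { is_expected.not_to allow_value([]) }
+end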
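Review bot: The spec never exercises the inputs that separate the new anchored range pattern from the old unanchored one, namely a string with text around the range or with more than one line. Add negative cases such as `it { is_expected.not_to allow_value('x53-55') }` and `it { is_expected.not_to allow_value("53-55\n80") }`, plus `it { is_expected.not_to allow_value([65_536]) }` for the array branch. The multi-line case would be expected to fail against `/^\d+-\d+$/` as committed in types/port/range.pp, because Ruby's `^`/`$` match at line boundaries. Pinning it here is what makes that gap visible.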
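--- a/templates/simplerule.epp
+++ b/templates/simplerule.epp
@@ -2,11 +2,11 @@
 Optional[String] $comment,
 Boolean $counter,
 Optional[Variant[Stdlib::IP::Address::V6, Stdlib::IP::Address::V4, Pattern[/^@[-a-zA-Z0-9_]+$/]]] $daddr,
-Optional[Variant[Array[Stdlib::Port, 1], Stdlib::Port, String]] $dport,
+Optional[Nftables::Port] $dport,
 Optional[String] $proto,
 Optional[Variant[Stdlib::IP::Address::V6, Stdlib::IP::Address::V4, Pattern[/^@[-a-zA-Z0-9_]+$/]]] $saddr,
 Enum['ip', 'ip6'] $set_type,
-Optional[Variant[Array[Stdlib::Port, 1], Stdlib::Port, String]] $sport,
+Optional[Nftables::Port] $sport,
 | -%>
 <%- if $proto {
 $_proto = $proto ? {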
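--- a/types/port.pp
+++ b/types/port.pp
@@ -0,0 +1,7 @@
+# @summary
+# Represents a port expression to be used within a rule.
+type Nftables::Port = Variant[
+Array[Stdlib::Port, 1],
+Stdlib::Port,
+Nftables::Port::Range,
+]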
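--- a/types/port/range.pp
+++ b/types/port/range.pp
@@ -0,0 +1,3 @@
+# @summary
+# Represents a port range expression to be used within a rule.
+type Nftables::Port::Range = Pattern[/^\d+-\d+$/]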
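Review bot: Puppet's `Pattern` uses Ruby regular expressions, where `^` and `$` anchor at line boundaries rather than at the ends of the string, so `/^\d+-\d+$/` still accepts a multi-line value as long as one of its lines is a range. Since this type guards text that is placed into an nftables rule, anchor the whole string instead: `type Nftables::Port::Range = Pattern[/\A\d+-\d+\z/]`. The pattern also puts no upper bound on either number, unlike `Stdlib::Port` in the sibling alias, so `\d{1,5}` (or a bounds check in the defined type) would keep obviously invalid ranges out of the catalog. The `^…$` patterns on `$daddr`/`$saddr` in manifests/simplerule.pp and templates/simplerule.epp have the same line-anchor behaviour, though this commit does not touch them.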
