ae3dfe4d95
The install scripts now look for CentOS in release files. Also some instances of facter's operatingsystem are switched to osfamily and capitalization of RedHat is normalized to match what facter uses. Change-Id: I3bbca5481d0d5e6de9e62bfd6e2b0a85264ed6ed Reviewed-on: https://review.openstack.org/27398 Reviewed-by: Clark Boylan <clark.boylan@gmail.com> Reviewed-by: James E. Blair <corvus@inaugust.com> Approved: Jeremy Stanley <fungi@yuggoth.org> Reviewed-by: Jeremy Stanley <fungi@yuggoth.org> Tested-by: Jenkins
39 lines
1.4 KiB
Puppet
39 lines
1.4 KiB
Puppet
# Class: iptables::params
|
|
#
|
|
# This class holds parameters that need to be
|
|
# accessed by other classes.
|
|
class iptables::params {
|
|
case $::osfamily {
|
|
'RedHat': {
|
|
$package_name = 'iptables'
|
|
$service_name = 'iptables'
|
|
$rules_dir = '/etc/sysconfig'
|
|
$ipv4_rules = '/etc/sysconfig/iptables'
|
|
$ipv6_rules = '/etc/sysconfig/ip6tables'
|
|
$service_has_status = true
|
|
$service_status_cmd = undef
|
|
$service_has_restart = false
|
|
}
|
|
'Debian', 'Ubuntu': {
|
|
$package_name = 'iptables-persistent'
|
|
$service_name = 'iptables-persistent'
|
|
$rules_dir = '/etc/iptables'
|
|
$ipv4_rules = '/etc/iptables/rules.v4'
|
|
$ipv6_rules = '/etc/iptables/rules.v6'
|
|
# Because there is no running process for this service, the normal status
|
|
# checks fail. Because puppet then thinks the service has been manually
|
|
# stopped, it won't restart it. This fake status command will trick
|
|
# puppet into thinking the service is *always* running (which in a way
|
|
# it is, as iptables is part of the kernel.)
|
|
$service_has_status = true
|
|
$service_status_cmd = true
|
|
# Under Debian, the "restart" parameter does not reload the rules, so
|
|
# tell Puppet to fall back to stop/start, which does work.
|
|
$service_has_restart = false
|
|
}
|
|
default: {
|
|
fail("Unsupported osfamily: ${::osfamily} The 'iptables' module only supports osfamily Ubuntu or Redhat(slaves only).")
|
|
}
|
|
}
|
|
}
|