Defined Type: tcpwrappers::allow

Defined in:
manifests/allow.pp

Summary

The tcpwrappers::allow class creates a concat fragment for constructing hosts.allow

Overview

Define tcpwrappers::allow

Defined type which specifies and creates concat hosts.allow fragment

Examples:

Creating a tcpwrappers rule in hosts.allow

tcpwrappers::allow { 'allow sshd':
  client_list => 'ALL',
  daemon_list => 'sshd',
  $order      => '22_sshd_allow_all',
  $comment    =>  'Allow all clients to reach sshd daemon',
}

Parameters:

  • client_list (Variant[String,Array[String]])

    A list of hosts affected by the rule. Operators can also be included in the string as appropriate. No validation is done to ensure that the are valid for tcpwrappers.

  • daemon_list (Variant[String,Array[String]])

    A list of daemons affected by the rule. Operators can also be included in the string as appropriate. No validation is done to ensure that they are valid for tcpwrappers.

  • order (String)

    Alphanumeric string that controls the ordering of concat fragments.

  • allow_template (Optional[String]) (defaults to: 'tcpwrappers/allow.erb')

    Template to use for fragment. Allows one to specify a different locally developed template instead of the module provided one.

  • comment (Optional[String]) (defaults to: undef)

    A comment to be included in the concat fragment to allow for readibility of hosts.allow. The module template automatically places a "#" character in front of the comment.

  • optional_actions (Optional[Variant[String,Array[String]]]) (defaults to: 'ALLOW')

    An optional acction or list of actions to be carried out when the rule is hit. This defaults to allow; however, it can be overridden with an empty string to remove completely the options from the rule.



23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
 
# File 'manifests/allow.pp', line 23

define tcpwrappers::allow (
  Variant[String,Array[String]]             $client_list,
  Variant[String,Array[String]]             $daemon_list,
  String                                    $order,
  Optional[String]                          $allow_template   = 'tcpwrappers/allow.erb',
  Optional[String]                          $comment          = undef,
  Optional[Variant[String,Array[String]]]   $optional_actions = 'ALLOW',
) {
  include ::tcpwrappers
  concat::fragment { "tcpwrappers_${name}":
    target  => "${tcpwrappers::config_dir}/${tcpwrappers::file_allow}",
    order   => $order,
    content => template($allow_template),
  }
}