Puppet Class: rsyslog::server::firewall

Defined in:
manifests/server/firewall.pp

Overview

NOTE: THIS IS A PRIVATE CLASS

Sets up the firewall rules for RSyslog with IPTables

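Inbound ports will be opened for all systems inside of the $::rsyslog::trusted_nets Array. A rule is created only for each listener (TLS TCP, plain TCP, UDP) that is enabled in the rsyslog class.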



# File 'manifests/server/firewall.pp', line 8

# Opens the inbound syslog listener ports in IPTables.
#
# One rule is declared per enabled listener ($::rsyslog::tls_tcp_server,
# $::rsyslog::tcp_server, $::rsyslog::udp_server), each limited to the
# networks listed in $::rsyslog::trusted_nets.
#
# NOTE(review): the 'syslog_tcp' and 'syslog_udp' rules presumably expose
# listeners without TLS, so log data from those sources would cross the
# network in clear text -- confirm, and keep trusted_nets as narrow as the
# deployment allows. A source-address filter is also a weaker control for UDP
# than for stateful TCP, because UDP source addresses can be forged.
class rsyslog::server::firewall {
  # Private class: must only be declared from inside the rsyslog module.
  assert_private()

  # Every rule below shares the same list of permitted source networks.
  $allowed_nets = $::rsyslog::trusted_nets

  # TLS-wrapped TCP listener.
  if $::rsyslog::tls_tcp_server {
    iptables::listen::tcp_stateful { 'syslog_tls_tcp':
      trusted_nets => $allowed_nets,
      dports       => $::rsyslog::tls_tcp_listen_port,
    }
  }

  # TCP listener on the separate tcp_listen_port.
  if $::rsyslog::tcp_server {
    iptables::listen::tcp_stateful { 'syslog_tcp':
      trusted_nets => $allowed_nets,
      dports       => $::rsyslog::tcp_listen_port,
    }
  }

  # UDP listener.
  if $::rsyslog::udp_server {
    iptables::listen::udp { 'syslog_udp':
      trusted_nets => $allowed_nets,
      dports       => $::rsyslog::udp_listen_port,
    }
  }
}