Ditutup

Ruby provider for puppet

I'm using the Puppetlabs firewall module to manage iptables rules on my openvpn jump host. I have many local interfaces that I need to setup a MASQUERADE rule for. I can do this manually with puppet, but I want it to be slick and totally automatic.

I want to create a firewall-autonat puppet provider that will automatically create MASQUERADE rules for every interface and interface alias on my system.

Here's the puppet module I'm using to manage my firewall. Your code needs to create another provider (and be compatible with the rest of the code) inside of this module

[url removed, login to view]

Here's an example of how I want the puppet provider to be called:

firewall-autonat { "000 NAT for OpenVPN":

chain => "POSTROUTING",

jump => "MASQUERADE",

table => 'nat',

proto => 'all',

source => '10.2.20.0/255.255.255.0';

}

If my ifconfig looks like this:

[url removed, login to view] Link encap:Ethernet Hwaddr x.x.x.x.x.x

inet addr:10.2.70.5 Bcast:[url removed, login to view] Mask:255.255.255.0

[url removed, login to view] Link encap:Ethernet Hwaddr x.x.x.x.x.x

inet addr:10.2.71.5 Bcast:[url removed, login to view] Mask:255.255.255.0

[url removed, login to view] Link encap:Ethernet Hwaddr x.x.x.x.x.x

inet addr:10.2.72.5 Bcast:[url removed, login to view] Mask:255.255.255.0

[url removed, login to view] Link encap:Ethernet Hwaddr x.x.x.x.x.x

inet addr:10.2.73.5 Bcast:[url removed, login to view] Mask:255.255.255.0

[url removed, login to view] Link encap:Ethernet Hwaddr x.x.x.x.x.x

inet addr:10.2.74.5 Bcast:[url removed, login to view] Mask:255.255.255.0

[url removed, login to view] Link encap:Ethernet Hwaddr x.x.x.x.x.x

inet addr:10.2.75.5 Bcast:[url removed, login to view] Mask:255.255.255.0

It should generate the following rules via the puppet firewall module:

-A POSTROUTING -s 10.2.20.0/255.255.255.0 -d 10.2.70.0/255.255.255.0 -o [url removed, login to view] -j MASQUERADE

-A POSTROUTING -s 10.2.20.0/255.255.255.0 -d 10.2.71.0/255.255.255.0 -o [url removed, login to view] -j MASQUERADE

-A POSTROUTING -s 10.2.20.0/255.255.255.0 -d 10.2.72.0/255.255.255.0 -o [url removed, login to view] -j MASQUERADE

-A POSTROUTING -s 10.2.20.0/255.255.255.0 -d 10.2.73.0/255.255.255.0 -o [url removed, login to view] -j MASQUERADE

-A POSTROUTING -s 10.2.20.0/255.255.255.0 -d 10.2.74.0/255.255.255.0 -o [url removed, login to view] -j MASQUERADE

-A POSTROUTING -s 10.2.20.0/255.255.255.0 -d 10.2.75.0/255.255.255.0 -o [url removed, login to view] -j MASQUERADE

Kemahiran: Linux, Ruby on Rails

Lihat lebih lanjut: ruby provider puppet, ruby on rails linux, ruby on rails host, rest with ruby on rails, host ruby on rails, puppet firewall nat example, openvpn source, iptables openvpn, ruby on rails 5, ruby linux, proto, openvpn linux, linux openvpn, linux firewall, iptables, forge, Ethernet, openvpn linux nat, openvpn nat linux, using ruby rails, openvpn nat, chain openvpn, nat setup firewall, ruby rest, ruby rails linux

Tentang Majikan:
( 1 ulasan ) Bronx, United States

ID Projek: #1534940

1 pekerja bebas membida secara purata $1000 untuk pekerjaan ini

qitsol

we are top ruby team .

$1000 USD dalam 10 hari
(23 Ulasan)
5.1