Firewall: Add missing sport for IPv6 with missing destination_addresses #105
Commits on Jan 1, 2024
-
Ensure catalog compiles when endpoint is missing
Usually we parse the src port for incoming packets / the dst port for outgoing packets from the $endpoint param The param is optional, in case you want to create a passive endpoint for clients with dynamic ip addresses In those cases we still need to create firewall rules, but without src port for incoming packets / the dst port To make this all a bit easier, we also added a new parameter, $endpoint_port, which takes precedence over parsing $endpoint. Previously the catalog compilation failed with: ``` Evaluation Error: Left match operand must result in a String value. Got an Undef Value. ``` Because of: `if $endpoint =~ /:(\d+)$/ {` This test verifies that the current code is broken. -
Make src port for firwalling configureable
Usually we parse the src port for incoming packets / the dst port for outgoing packets from the $endpoint param The param is optional, in case you want to create a passive endpoint for clients with dynamic ip addresses In those cases we still need to create firewall rules, but without src port for incoming packets / the dst port To make this all a bit easier, we also added a new parameter, $endpoint_port, which takes precedence over parsing $endpoint. Previously the catalog compilation failed with: ``` Evaluation Error: Left match operand must result in a String value. Got an Undef Value. ``` Because of: `if $endpoint =~ /:(\d+)$/ {` #103 verifies that the current code is broken. Thew new code adds a safeguard to check if $endpoint is set. we also add a new parameter in case we want to explicitly set the port.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.