From 301bc2206aeb3f2d184ad21f570869c0569f890e Mon Sep 17 00:00:00 2001
From: Tim Meusel <tim@bastelfreak.de>
Date: Wed, 27 Dec 2023 11:40:30 +0100
Subject: [PATCH] simplrule: Allow multiple oifname/iifname

---
 manifests/simplerule.pp  |  8 ++++----
 templates/simplerule.epp | 18 ++++++++++--------
 2 files changed, 14 insertions(+), 12 deletions(-)

diff --git a/manifests/simplerule.pp b/manifests/simplerule.pp
index b19c8b8f..d32bcf7c 100644
--- a/manifests/simplerule.pp
+++ b/manifests/simplerule.pp
@@ -72,8 +72,8 @@
   Optional[Nftables::Port] $sport = undef,
   Optional[Nftables::Addr] $saddr = undef,
   Boolean $counter = false,
-  Optional[String[1]] $iifname = undef,
-  Optional[String[1]] $oifname = undef,
+  Variant[Array[String[1]],String[1]] $iifname = [],
+  Variant[Array[String[1]],String[1]] $oifname = [],
 ) {
   if $dport and !$proto {
     fail('Specifying a transport protocol via $proto is mandatory when passing a $dport')
@@ -96,8 +96,8 @@
           'saddr'    => $saddr,
           'set_type' => $set_type,
           'sport'    => $sport,
-          'iifname'  => $iifname,
-          'oifname'  => $oifname,
+          'iifname'  => [$iifname].flatten,
+          'oifname'  => [$oifname].flatten,
         }
       ),
       order   => $order,
diff --git a/templates/simplerule.epp b/templates/simplerule.epp
index 446fb987..4679e2c1 100644
--- a/templates/simplerule.epp
+++ b/templates/simplerule.epp
@@ -7,8 +7,8 @@
       Optional[Nftables::Addr] $saddr,
       String                   $set_type,
       Optional[Nftables::Port] $sport,
-      Optional[String[1]]      $iifname,
-      Optional[String[1]]      $oifname,
+      Array[String[1]]         $iifname,
+      Array[String[1]]         $oifname,
 | -%>
 <%- if $proto {
   $_proto = $proto ? {
@@ -71,14 +71,16 @@
 } else {
   $_counter = undef
 } -%>
-<%- if $iifname {
-  $_iifname = "iifname \"${iifname}\""
-} else {
+<%- if empty($iifname) {
   $_iifname = undef
-} -%>
-<%- if $oifname {
-  $_oifname = "oifname \"${oifname}\""
 } else {
+  $iifdata = $iifname.map |String[1] $interface| { "\"${interface}\"" }.join(', ')
+  $_iifname = "iifname { ${iifdata} }"
+} -%>
+<%- if empty($oifname) {
   $_oifname = undef
+} else {
+  $oifdata = $oifname.map |String[1] $interface| { "\"${interface}\"" }.join(', ')
+  $_oifname = "oifname { ${oifdata} }"
 } -%>
 <%= regsubst(strip([$_ip_version_filter, $_iifname, $_oifname, $_src_port, $_dst_port, $_src_hosts, $_dst_hosts, $_counter, $action, $_comment].join(' ')), '\s+', ' ', 'G') -%>