From c760a04551cea32a560a0411be123d394ede617b Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Fri, 17 Feb 2023 16:35:57 +0100
Subject: [PATCH] Specify interface name

---
 manifests/app_type.pp | 2 ++
 manifests/proxysql.pp | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/manifests/app_type.pp b/manifests/app_type.pp
index d1fffaf..509a21b 100644
--- a/manifests/app_type.pp
+++ b/manifests/app_type.pp
@@ -337,10 +337,12 @@ define sunetdrive::app_type (
     sunet::misc::ufw_allow { 'https':
       from => '0.0.0.0/0',
       port => 443,
+      iif  => 'ens3',
     }
     sunet::nftables::docker_expose { 'https':
       allow_clients => ['any'],
       port          => 443,
+      iif           => 'ens3',
     }
   }
 
diff --git a/manifests/proxysql.pp b/manifests/proxysql.pp
index f05426f..4fa7e58 100644
--- a/manifests/proxysql.pp
+++ b/manifests/proxysql.pp
@@ -72,10 +72,12 @@ class sunetdrive::proxysql (
   sunet::nftables::docker_expose { 'stats_ports':
     allow_clients => $tug_office,
     port          => 6080,
+    iif           => 'ens3',
   }
   sunet::nftables::docker_expose { 'proxysql':
     allow_clients => ['any'],
     port          => 6032,
+    iif           => 'ens3',
   }
 
   sunet::docker_compose { 'drive_proxysql_docker_compose':