Untitled

define mysqld::firewall::instance (
)

    include iptables

    # Set the defaults for each iptables::filter entry
    Iptables::Filter{
        dport    => '3306',
        state    => 'new',
        protocol => 'tcp'
    }

    $name_lc = inline_template('<%= name.downcase -%>')

    # create an iptables::filter entry for each source chain that requires access
    iptables::filter{ "1300-mysqld-$name_lc" : jump => $name }

}

Called like this:

$sources = ['FOO', 'BAR'], where FOO and BAR are pre-defined iptables "jumps"
mysqld::firewall::instance { $sources: }