author | varac <varacanero@zeromail.org> | 2013-02-07 00:33:07 +0100 |
---|---|---|
committer | varac <varacanero@zeromail.org> | 2013-02-07 00:33:07 +0100 |
commit | c82b7c8a74ea0154ece5686eac43cab90af77b96 (patch) | |
tree | 4b2a060da210a792c5b25ff3c82cfe1bf90c3997 | |
parent | dbdbb33ce52cf04798763d488e63acc5a26980f9 (diff) |
configure exit policies
-rw-r--r-- | puppet/modules/site_tor/manifests/exit_policy.pp | 8 | ||||
-rw-r--r-- | puppet/modules/site_tor/manifests/init.pp | 9 |
2 files changed, 16 insertions, 1 deletions
diff --git a/puppet/modules/site_tor/manifests/exit_policy.pp b/puppet/modules/site_tor/manifests/exit_policy.pp
new file mode 100644
index 00000000..f2d2d38f
--- /dev/null
+++ b/puppet/modules/site_tor/manifests/exit_policy.pp
@@ -0,0 +1,8 @@
+class site_tor::exit_policy {
+ # exaple policy to allow ssh
+ tor::daemon::exit_policy { 'ssh_exit_policy':
+ accept => '*:22',
+ reject => '*:*';
+ }
+}
+
diff --git a/puppet/modules/site_tor/manifests/init.pp b/puppet/modules/site_tor/manifests/init.pp
index a854a163..7c25b0e9 100644
--- a/puppet/modules/site_tor/manifests/init.pp
+++ b/puppet/modules/site_tor/manifests/init.pp
@@ -3,6 +3,7 @@ class site_tor {
 $tor = hiera('tor')
 $bandwidth_rate = $tor['bandwidth_rate']
+ $tor_type = $tor['type']
 $contact_email = hiera('contact_email')
@@ -13,8 +14,14 @@ class site_tor {
 contact_info => $contact_email,
 bandwidth_rate => $bandwidth_rate,
 }
- tor::daemon::directory { $::hostname: port => 80 }
+
+ # we configure the directory later
+ #tor::daemon::directory { $::hostname: port => 80 }
 include site_shorewall::tor
+ if ( $tor_type == 'exit' ) {
+ include site_tor::exit_policy
+ }
+
 } |
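Review bot: The policy in the new `site_tor::exit_policy` class is marked as an example in its comment, yet init.pp includes it for every node whose hiera `type` is `exit`, so `accept => '*:22'` becomes the enforced policy with no way to change it per deployment. Which destinations and ports an exit serves is an operator decision with abuse-handling consequences, so it would fit better read from the `tor` hiera hash the way `bandwidth_rate` is, for instance `accept => $tor['exit_accept']` (key name constructed here). The comment should state what is enforced, e.g. `# exit policy: allow port 22 only, reject everything else`. Tor applies the first matching rule, so the result also depends on the module writing `accept` before `reject`, which is not visible in this diff.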
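Review bot: The `if ( $tor_type == 'exit' )` added at the end of `site_tor` in init.pp has no `else`, so a node with any other `type` value, or with the key missing from the hiera hash, gets no exit policy resource at all. Whether such a relay then refuses exit traffic is left to the tor module's defaults and the Tor version's built-in policy, neither of which is visible here; declaring a reject-all policy for the non-exit case would make it explicit, e.g. `else { tor::daemon::exit_policy { 'no_exit': reject => '*:*' } }` (resource title constructed; assumes the define accepts `reject` alone). The commented-out `#tor::daemon::directory` line leaves `include site_shorewall::tor` in place, so it is worth checking that the firewall class does not keep port 80 open for a directory service that is no longer configured. The class body and the relay resource both start outside the hunk.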