diff options
| author | Micah Anderson <micah@riseup.net> | 2013-01-29 13:15:38 -0500 |
|---|---|---|
| committer | Micah Anderson <micah@riseup.net> | 2013-01-29 13:29:10 -0500 |
| commit | e83842af0eff8e7754f79100c786f0dc235eba75 (patch) | |
| tree | 80060003f0becc95c85b3b1a1a91119d83d971ed | |
| parent | 0e1f5ab91e7a613da7ec15495f05386a98626b08 (diff) | |
setup special casing for vagrant/virtualbox
| -rw-r--r-- | puppet/modules/site_shorewall/manifests/eip.pp | 50 |
1 files changed, 32 insertions, 18 deletions
diff --git a/puppet/modules/site_shorewall/manifests/eip.pp b/puppet/modules/site_shorewall/manifests/eip.pp index d5d7ff19..b2d165db 100644 --- a/puppet/modules/site_shorewall/manifests/eip.pp +++ b/puppet/modules/site_shorewall/manifests/eip.pp @@ -8,7 +8,7 @@ class site_shorewall::eip { $ip_address = hiera('ip_address') # a special case for vagrant interfaces $interface = $::virtual ? { - virtualbox => ['eth0', 'eth1'], + virtualbox => [ 'eth0', 'eth1' ], default => getvar("${ip_address}_interface") } $ssh_config = hiera('ssh') @@ -30,28 +30,42 @@ PARAM - - udp 1194 options => 'tcpflags,blacklist,nosmurfs'; } - shorewall::interface {'tun0': - zone => 'eip', - options => 'tcpflags,blacklist,nosmurfs'; } - shorewall::interface {'tun1': - zone => 'eip', - options => 'tcpflags,blacklist,nosmurfs'; } + shorewall::interface { + 'tun0': + zone => 'eip', + options => 'tcpflags,blacklist,nosmurfs'; + 'tun1': + zone => 'eip', + options => 'tcpflags,blacklist,nosmurfs' + } shorewall::zone {'eip': type => 'ipv4'; } - shorewall::routestopped { $interface: - interface => $interface; } - - - shorewall::masq { "${interface}_tcp": - interface => $interface, - source => "${site_openvpn::openvpn_tcp_network_prefix}.0/${site_openvpn::openvpn_tcp_cidr}"; } - - shorewall::masq { "${interface}_udp": - interface => $interface, - source => "${site_openvpn::openvpn_udp_network_prefix}.0/${site_openvpn::openvpn_udp_cidr}"; } + shorewall::routestopped { $interface: } + + case $::virtual { + 'virtualbox': { + shorewall::masq { + 'eth0_tcp': + interface => 'eth0', + source => "${site_openvpn::openvpn_tcp_network_prefix}.0/${site_openvpn::openvpn_tcp_cidr}"; + 'eth0_udp': + interface => 'eth0', + source => "${site_openvpn::openvpn_udp_network_prefix}.0/${site_openvpn::openvpn_udp_cidr}"; } + } + default: { + shorewall::masq { + "${interface}_tcp": + interface => $interface, + source => "${site_openvpn::openvpn_tcp_network_prefix}.0/${site_openvpn::openvpn_tcp_cidr}"; + + "${interface}_udp": + interface => $interface, + source => "${site_openvpn::openvpn_udp_network_prefix}.0/${site_openvpn::openvpn_udp_cidr}"; } + } + } shorewall::policy { 'eip-to-all': |