Merge remote-tracking branch 'origin/release/v0.2.0'0.2.0

author: Micah Anderson <micah@riseup.net> 2013-02-19 15:18:30 -0500
committer: Micah Anderson <micah@riseup.net> 2013-02-19 15:18:30 -0500
commit: 4dcc5f884cd22d0673f6493799ace2f03a9e66fe (patch)
tree: 3f3f5c217c40f3037c1b2a9cd8da3fe91fdd8389 /puppet/modules/site_shorewall/manifests/dnat_rule.pp
parent: 253b765620961bbc9d96e8f3653b0b9693d29811 (diff)
parent: 2e5eec3856b58aaff0a2049599a6455e6ff91122 (diff)
1 files changed, 25 insertions, 0 deletions
diff --git a/puppet/modules/site_shorewall/manifests/dnat_rule.pp b/puppet/modules/site_shorewall/manifests/dnat_rule.pp
new file mode 100644
index 00000000..68f480d8
--- /dev/null
+++ b/puppet/modules/site_shorewall/manifests/dnat_rule.pp
@@ -0,0 +1,25 @@
+define site_shorewall::dnat_rule {
+
+  $port = $name
+  if $port != 1194 {
+    shorewall::rule {
+        "dnat_tcp_port_$port":
+          action          => 'DNAT',
+          source          => 'net',
+          destination     => "\$FW:${site_openvpn::openvpn_gateway_address}:1194",
+          proto           => 'tcp',
+          destinationport => $port,
+          order           => 100;
+    }
+
+    shorewall::rule {
+        "dnat_udp_port_$port":
+          action          => 'DNAT',
+          source          => 'net',
+          destination     => "\$FW:${site_openvpn::openvpn_gateway_address}:1194",
+          proto           => 'udp',
+          destinationport => $port,
+          order           => 100;
+    }
+  }
+}
author	Micah Anderson <micah@riseup.net>	2013-02-19 15:18:30 -0500
committer	Micah Anderson <micah@riseup.net>	2013-02-19 15:18:30 -0500
commit	4dcc5f884cd22d0673f6493799ace2f03a9e66fe (patch)
tree	3f3f5c217c40f3037c1b2a9cd8da3fe91fdd8389 /puppet/modules/site_shorewall/manifests/dnat_rule.pp
parent	253b765620961bbc9d96e8f3653b0b9693d29811 (diff)
parent	2e5eec3856b58aaff0a2049599a6455e6ff91122 (diff)