shorewall: + https, masquerading

author: varac <varacanero@zeromail.org> 2012-10-08 23:12:51 +0200
committer: varac <varacanero@zeromail.org> 2012-10-08 23:12:51 +0200
commit: 492280a9d097fde4c1a9e43d7b0a079d1fe4e10f (patch)
tree: b1c12553a3c415ffe7684eca699d97a0df41bc52 /puppet/modules/site_shorewall/manifests/eip.pp
parent: 949ab1afa57771f44371da6da5e510056ada6d3b (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/puppet/modules/site_shorewall/manifests/eip.pp b/puppet/modules/site_shorewall/manifests/eip.pp
index 1e458b1a..9a4454f9 100644
--- a/puppet/modules/site_shorewall/manifests/eip.pp
+++ b/puppet/modules/site_shorewall/manifests/eip.pp
@@ -20,6 +20,9 @@ class site_shorewall::eip {
   shorewall::routestopped {'eth0':
     interface => 'eth0'; }
 
+  shorewall::masq {'eth0':
+    interface => 'eth0'; }
+
   shorewall::policy {
     'all-to-all':
       sourcezone      => 'all',
@@ -49,10 +52,15 @@ class site_shorewall::eip {
         destination => 'all',
         action      => 'HTTP(ACCEPT)',
         order       => 200;
-     'fw2all-DNS':
+      'fw2all-DNS':
         source      => '$FW',
         destination => 'all',
         action      => 'DNS(ACCEPT)',
         order       => 200;
+      'eip2fw-https':
+        source      => 'eip',
+        destination => '$FW',
+        action      => 'HTTPS(ACCEPT)',
+        order       => 200;
   }
 }
author	varac <varacanero@zeromail.org>	2012-10-08 23:12:51 +0200
committer	varac <varacanero@zeromail.org>	2012-10-08 23:12:51 +0200
commit	492280a9d097fde4c1a9e43d7b0a079d1fe4e10f (patch)
tree	b1c12553a3c415ffe7684eca699d97a0df41bc52 /puppet/modules/site_shorewall/manifests/eip.pp
parent	949ab1afa57771f44371da6da5e510056ada6d3b (diff)