diff options
| author | varac <varacanero@zeromail.org> | 2013-02-07 12:34:51 +0100 |
|---|---|---|
| committer | varac <varacanero@zeromail.org> | 2013-02-07 12:34:51 +0100 |
| commit | 93a514a61ccfd656796d5b5cd143ea4cfacbc15b (patch) | |
| tree | 37bb3f26e23060858336a5f5e38b5aac2fefc280 /puppet/modules/site_shorewall/manifests/sshd.pp | |
| parent | 07cc737f655c9fc0afe50e9850963120114ee18e (diff) | |
| parent | 173b2dc3ecbdab2cacede4e50f6fa3f5daa3c683 (diff) | |
Merge branch 'feature/tor' into develop
Diffstat (limited to 'puppet/modules/site_shorewall/manifests/sshd.pp')
| -rw-r--r-- | puppet/modules/site_shorewall/manifests/sshd.pp | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/puppet/modules/site_shorewall/manifests/sshd.pp b/puppet/modules/site_shorewall/manifests/sshd.pp new file mode 100644 index 00000000..2cf4fd56 --- /dev/null +++ b/puppet/modules/site_shorewall/manifests/sshd.pp @@ -0,0 +1,23 @@ +class site_shorewall::sshd { + + $ssh_config = hiera('ssh') + $ssh_port = $ssh_config['port'] + + include shorewall + + # define macro for incoming sshd + file { '/etc/shorewall/macro.leap_sshd': + content => "PARAM - - tcp $ssh_port", + notify => Service['shorewall'] + } + + + shorewall::rule { + # outside to server + 'net2fw-ssh': + source => 'net', + destination => '$FW', + action => 'leap_sshd(ACCEPT)', + order => 200; + } +} |