summaryrefslogtreecommitdiff
path: root/puppet/modules
diff options
context:
space:
mode:
authorvarac <varacanero@zeromail.org>2013-02-06 23:33:51 +0100
committervarac <varacanero@zeromail.org>2013-02-06 23:33:51 +0100
commit07afa7bd4c7dcb941e3984d4fccc1169baf03448 (patch)
tree1ff27bc171f0d4727ab6a1076ce8ab38fbeba23e /puppet/modules
parentab25692d3b8aaf3e71ec3546d1ea9d85f26f7b63 (diff)
allow all outgoing traffic
Diffstat (limited to 'puppet/modules')
-rw-r--r--puppet/modules/site_shorewall/manifests/defaults.pp22
1 files changed, 5 insertions, 17 deletions
diff --git a/puppet/modules/site_shorewall/manifests/defaults.pp b/puppet/modules/site_shorewall/manifests/defaults.pp
index 7992406b..d5639a90 100644
--- a/puppet/modules/site_shorewall/manifests/defaults.pp
+++ b/puppet/modules/site_shorewall/manifests/defaults.pp
@@ -29,6 +29,11 @@ class site_shorewall::defaults {
shorewall::routestopped { $interface: }
shorewall::policy {
+ 'fw-to-all':
+ sourcezone => 'fw',
+ destinationzone => 'all',
+ policy => 'ACCEPT',
+ order => 100;
'all-to-all':
sourcezone => 'all',
destinationzone => 'all',
@@ -43,23 +48,6 @@ class site_shorewall::defaults {
destination => 'all',
action => 'Ping(ACCEPT)',
order => 200;
-
- # server to outside
- 'fw2all-http':
- source => '$FW',
- destination => 'all',
- action => 'HTTP(ACCEPT)',
- order => 200;
- 'fw2all-DNS':
- source => '$FW',
- destination => 'all',
- action => 'DNS(ACCEPT)',
- order => 200;
- 'fw2all-git':
- source => '$FW',
- destination => 'all',
- action => 'Git(ACCEPT)',
- order => 200;
}
include site_shorewall::sshd