shorewall: #2399 blocks uplink (Bug #2866)

2 files changed, 17 insertions, 0 deletions

diff --git a/puppet/modules/site_config/manifests/default.pp b/puppet/modules/site_config/manifests/default.pp
index b315044a..83a344a2 100644
--- a/puppet/modules/site_config/manifests/default.pp
+++ b/puppet/modules/site_config/manifests/default.pp
@@ -15,11 +15,18 @@ class site_config::default {
   # configure ssh and include ssh-keys
   include site_config::sshd
 
+  # include classes for special environments
+  # i.e. openstack/aws nodes, vagrant nodes
+
   # fix dhclient from changing resolver information
   if $::ec2_instance_id {
     include site_config::dhclient
   }
 
+  if ( $::virtual == 'virtualbox' ) {
+    include site_config::vagrant
+  }
+
   # configure /etc/resolv.conf
   include site_config::resolvconf
 
diff --git a/puppet/modules/site_config/manifests/vagrant.pp b/puppet/modules/site_config/manifests/vagrant.pp
new file mode 100644
index 00000000..04266735
--- /dev/null
+++ b/puppet/modules/site_config/manifests/vagrant.pp
@@ -0,0 +1,10 @@
+class site_config::vagrant {
+  # class for vagrant nodes
+
+  # eth0 on vagrant nodes is the uplink if
+  shorewall::interface { 'eth0':
+    zone      => 'net',
+    options   => 'tcpflags,blacklist,nosmurfs';
+  }
+
+}