diff options
author | varac <varacanero@zeromail.org> | 2012-10-08 23:12:51 +0200 |
---|---|---|
committer | varac <varacanero@zeromail.org> | 2012-10-08 23:12:51 +0200 |
commit | 492280a9d097fde4c1a9e43d7b0a079d1fe4e10f (patch) | |
tree | b1c12553a3c415ffe7684eca699d97a0df41bc52 /puppet | |
parent | 949ab1afa57771f44371da6da5e510056ada6d3b (diff) |
shorewall: + https, masquerading
Diffstat (limited to 'puppet')
-rw-r--r-- | puppet/modules/site_shorewall/manifests/eip.pp | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/puppet/modules/site_shorewall/manifests/eip.pp b/puppet/modules/site_shorewall/manifests/eip.pp index 1e458b1a..9a4454f9 100644 --- a/puppet/modules/site_shorewall/manifests/eip.pp +++ b/puppet/modules/site_shorewall/manifests/eip.pp @@ -20,6 +20,9 @@ class site_shorewall::eip { shorewall::routestopped {'eth0': interface => 'eth0'; } + shorewall::masq {'eth0': + interface => 'eth0'; } + shorewall::policy { 'all-to-all': sourcezone => 'all', @@ -49,10 +52,15 @@ class site_shorewall::eip { destination => 'all', action => 'HTTP(ACCEPT)', order => 200; - 'fw2all-DNS': + 'fw2all-DNS': source => '$FW', destination => 'all', action => 'DNS(ACCEPT)', order => 200; + 'eip2fw-https': + source => 'eip', + destination => '$FW', + action => 'HTTPS(ACCEPT)', + order => 200; } } |