diff options
| -rw-r--r-- | puppet/modules/site_shorewall/manifests/defaults.pp | 4 | ||||
| -rw-r--r-- | puppet/modules/site_shorewall/manifests/eip.pp | 8 |
2 files changed, 8 insertions, 4 deletions
diff --git a/puppet/modules/site_shorewall/manifests/defaults.pp b/puppet/modules/site_shorewall/manifests/defaults.pp index c68b8370..88981e5f 100644 --- a/puppet/modules/site_shorewall/manifests/defaults.pp +++ b/puppet/modules/site_shorewall/manifests/defaults.pp @@ -10,8 +10,4 @@ class site_shorewall::defaults { shorewall::rule_section { 'NEW': order => 10; } - shorewall::interface {'eth0': - zone => 'net', - options => 'tcpflags,blacklist,nosmurfs'; - } } diff --git a/puppet/modules/site_shorewall/manifests/eip.pp b/puppet/modules/site_shorewall/manifests/eip.pp index 54f3ea6e..0c9bfa9c 100644 --- a/puppet/modules/site_shorewall/manifests/eip.pp +++ b/puppet/modules/site_shorewall/manifests/eip.pp @@ -13,6 +13,13 @@ class site_shorewall::eip { PARAM - - udp 53,80,443,1194 ', } + + # define interfaces + shorewall::interface {"$interface": + zone => 'net', + options => 'tcpflags,blacklist,nosmurfs'; + } + shorewall::interface {'tun0': zone => 'eip', options => 'tcpflags,blacklist,nosmurfs'; } @@ -20,6 +27,7 @@ PARAM - - udp 53,80,443,1194 zone => 'eip', options => 'tcpflags,blacklist,nosmurfs'; } + shorewall::zone {'eip': type => 'ipv4'; } |