summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--puppet/modules/site_shorewall/manifests/eip.pp30
1 files changed, 15 insertions, 15 deletions
diff --git a/puppet/modules/site_shorewall/manifests/eip.pp b/puppet/modules/site_shorewall/manifests/eip.pp
index 2f84d45c..8a986d28 100644
--- a/puppet/modules/site_shorewall/manifests/eip.pp
+++ b/puppet/modules/site_shorewall/manifests/eip.pp
@@ -7,8 +7,8 @@ class site_shorewall::eip {
# define macro for incoming services
file { '/etc/shorewall/macro.leap_eip':
content => "PARAM - - tcp 1194
-PARAM - - udp 1194
-",
+ PARAM - - udp 1194
+ ",
notify => Service['shorewall'],
require => Package['shorewall']
}
@@ -37,17 +37,17 @@ PARAM - - udp 1194
shorewall::masq {
"${interface}_unlimited_tcp":
- interface => $interface,
- source => "${site_openvpn::openvpn_unlimited_tcp_network_prefix}.0/${site_openvpn::openvpn_unlimited_tcp_cidr}";
+ interface => $interface,
+ source => "${site_openvpn::openvpn_unlimited_tcp_network_prefix}.0/${site_openvpn::openvpn_unlimited_tcp_cidr}";
"${interface}_unlimited_udp":
- interface => $interface,
- source => "${site_openvpn::openvpn_unlimited_udp_network_prefix}.0/${site_openvpn::openvpn_unlimited_udp_cidr}";
+ interface => $interface,
+ source => "${site_openvpn::openvpn_unlimited_udp_network_prefix}.0/${site_openvpn::openvpn_unlimited_udp_cidr}";
"${interface}_limited_tcp":
- interface => $interface,
- source => "${site_openvpn::openvpn_limited_tcp_network_prefix}.0/${site_openvpn::openvpn_limited_tcp_cidr}";
+ interface => $interface,
+ source => "${site_openvpn::openvpn_limited_tcp_network_prefix}.0/${site_openvpn::openvpn_limited_tcp_cidr}";
"${interface}_limited_udp":
- interface => $interface,
- source => "${site_openvpn::openvpn_limited_udp_network_prefix}.0/${site_openvpn::openvpn_limited_udp_cidr}";
+ interface => $interface,
+ source => "${site_openvpn::openvpn_limited_udp_network_prefix}.0/${site_openvpn::openvpn_limited_udp_cidr}";
}
shorewall::policy {
@@ -59,11 +59,11 @@ PARAM - - udp 1194
}
shorewall::rule {
- 'net2fw-openvpn':
- source => 'net',
- destination => '$FW',
- action => 'leap_eip(ACCEPT)',
- order => 200;
+ 'net2fw-openvpn':
+ source => 'net',
+ destination => '$FW',
+ action => 'leap_eip(ACCEPT)',
+ order => 200;
}
# create dnat rule for each port