diff options
Diffstat (limited to 'puppet/modules')
-rw-r--r-- | puppet/modules/site_shorewall/manifests/eip.pp | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/puppet/modules/site_shorewall/manifests/eip.pp b/puppet/modules/site_shorewall/manifests/eip.pp index 2f84d45c..8a986d28 100644 --- a/puppet/modules/site_shorewall/manifests/eip.pp +++ b/puppet/modules/site_shorewall/manifests/eip.pp @@ -7,8 +7,8 @@ class site_shorewall::eip { # define macro for incoming services file { '/etc/shorewall/macro.leap_eip': content => "PARAM - - tcp 1194 -PARAM - - udp 1194 -", + PARAM - - udp 1194 + ", notify => Service['shorewall'], require => Package['shorewall'] } @@ -37,17 +37,17 @@ PARAM - - udp 1194 shorewall::masq { "${interface}_unlimited_tcp": - interface => $interface, - source => "${site_openvpn::openvpn_unlimited_tcp_network_prefix}.0/${site_openvpn::openvpn_unlimited_tcp_cidr}"; + interface => $interface, + source => "${site_openvpn::openvpn_unlimited_tcp_network_prefix}.0/${site_openvpn::openvpn_unlimited_tcp_cidr}"; "${interface}_unlimited_udp": - interface => $interface, - source => "${site_openvpn::openvpn_unlimited_udp_network_prefix}.0/${site_openvpn::openvpn_unlimited_udp_cidr}"; + interface => $interface, + source => "${site_openvpn::openvpn_unlimited_udp_network_prefix}.0/${site_openvpn::openvpn_unlimited_udp_cidr}"; "${interface}_limited_tcp": - interface => $interface, - source => "${site_openvpn::openvpn_limited_tcp_network_prefix}.0/${site_openvpn::openvpn_limited_tcp_cidr}"; + interface => $interface, + source => "${site_openvpn::openvpn_limited_tcp_network_prefix}.0/${site_openvpn::openvpn_limited_tcp_cidr}"; "${interface}_limited_udp": - interface => $interface, - source => "${site_openvpn::openvpn_limited_udp_network_prefix}.0/${site_openvpn::openvpn_limited_udp_cidr}"; + interface => $interface, + source => "${site_openvpn::openvpn_limited_udp_network_prefix}.0/${site_openvpn::openvpn_limited_udp_cidr}"; } shorewall::policy { @@ -59,11 +59,11 @@ PARAM - - udp 1194 } shorewall::rule { - 'net2fw-openvpn': - source => 'net', - destination => '$FW', - action => 'leap_eip(ACCEPT)', - order => 200; + 'net2fw-openvpn': + source => 'net', + destination => '$FW', + action => 'leap_eip(ACCEPT)', + order => 200; } # create dnat rule for each port |