From 492280a9d097fde4c1a9e43d7b0a079d1fe4e10f Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Mon, 8 Oct 2012 23:12:51 +0200
Subject: shorewall: + https, masquerading

---
 puppet/modules/site_shorewall/manifests/eip.pp | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/puppet/modules/site_shorewall/manifests/eip.pp b/puppet/modules/site_shorewall/manifests/eip.pp
index 1e458b1a..9a4454f9 100644
--- a/puppet/modules/site_shorewall/manifests/eip.pp
+++ b/puppet/modules/site_shorewall/manifests/eip.pp
@@ -20,6 +20,9 @@ class site_shorewall::eip {
   shorewall::routestopped {'eth0':
     interface => 'eth0'; }
 
+  shorewall::masq {'eth0':
+    interface => 'eth0'; }
+
   shorewall::policy {
     'all-to-all':
       sourcezone      => 'all',
@@ -49,10 +52,15 @@ class site_shorewall::eip {
         destination => 'all',
         action      => 'HTTP(ACCEPT)',
         order       => 200;
-     'fw2all-DNS':
+      'fw2all-DNS':
         source      => '$FW',
         destination => 'all',
         action      => 'DNS(ACCEPT)',
         order       => 200;
+      'eip2fw-https':
+        source      => 'eip',
+        destination => '$FW',
+        action      => 'HTTPS(ACCEPT)',
+        order       => 200;
   }
 }
-- 
cgit v1.2.3