From 7a9b7bed9cd8e2f2c02c4ce3627c874350d954f7 Mon Sep 17 00:00:00 2001
From: varac
Date: Fri, 2 Nov 2012 16:19:04 +0100
Subject: accept all outgoing traffic on eip gw
---
 puppet/modules/site_shorewall/manifests/eip.pp | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)
(limited to 'puppet/modules/site_shorewall/manifests/eip.pp')
diff --git a/puppet/modules/site_shorewall/manifests/eip.pp b/puppet/modules/site_shorewall/manifests/eip.pp
index 34268125..e94c7db4 100644
--- a/puppet/modules/site_shorewall/manifests/eip.pp
+++ b/puppet/modules/site_shorewall/manifests/eip.pp
@@ -7,9 +7,9 @@ class site_shorewall::eip {
 $interface = hiera('interface')
 $ssh_config = hiera('ssh')
- $ssh_port = $ssh_config['port']
+ $ssh_port = $ssh_config['port']
- # define macro
+ # define macro for incoming services
 file { '/etc/shorewall/macro.leap_eip':
 content => "PARAM - - tcp 53,80,443,1194,$ssh_port
 PARAM - - udp 53,80,443,1194
@@ -51,6 +51,11 @@ PARAM - - udp 53,80,443,1194
 destinationzone => 'all',
 policy => 'ACCEPT',
 order => 100;
+ 'fw-to-all':
+ sourcezone => '$FW',
+ destinationzone => 'all',
+ policy => 'ACCEPT',
+ order => 100;
 'all-to-all':
 sourcezone => 'all',
 destinationzone => 'all',
@@ -59,12 +64,14 @@ PARAM - - udp 53,80,443,1194
 }
 shorewall::rule {
+ # ping party
 'all2all-ping':
 source => 'all',
 destination => 'all',
 action => 'Ping(ACCEPT)',
 order => 200;
+ # outside to server
 'net2fw-ssh':
 source => 'net',
 destination => '$FW',
@@ -76,7 +83,7 @@ PARAM - - udp 53,80,443,1194
 action => 'leap_eip(ACCEPT)',
 order => 200;
- # eip gw itself to outside
+ # server to outside
 'fw2all-http':
 source => '$FW',
 destination => 'all',
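Review bot: The new `'fw-to-all'` policy in the second hunk (`sourcezone => '$FW'`, `policy => 'ACCEPT'`) removes all egress filtering from the gateway itself, so a compromised service on this host could reach any destination on any port. It also makes the explicit `fw2all-http` rule under `# server to outside` (and presumably the `Git(ACCEPT)` rule in the last hunk) redundant, so the manifest still reads as if egress were restricted. If unrestricted egress is intended, state it next to the policy, e.g. `# gateway may open any outgoing connection; the fw2all-* rules below are redundant`, or drop those rules. Otherwise keep the policy restrictive and add the missing outgoing rules explicitly. The entry reuses `order => 100` from the policy above it, and since the policy block starts and ends outside the hunk, the order of `'all-to-all'` is not visible; confirm that `fw-to-all` is still emitted before that catch-all.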
@@ -93,10 +100,11 @@ PARAM - - udp 53,80,443,1194
 action => 'Git(ACCEPT)',
 order => 200;
- 'eip2fw-https':
- source => 'eip',
- destination => '$FW',
- action => 'HTTPS(ACCEPT)',
- order => 200;
+ # Webfrontend is running on another server
+ #'eip2fw-https':
+ # source => 'eip',
+ # destination => '$FW',
+ # action => 'HTTPS(ACCEPT)',
+ # order => 200;
 }
 }
-- cgit v1.2.3
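Review bot: The `eip2fw-https` rule at the end of `shorewall::rule` is disabled by commenting it out rather than deleted, which leaves a dormant ACCEPT rule in a firewall manifest that a later edit can re-enable just by stripping the `#` prefixes. The commit's own comment already records the reason, so keep only that, e.g. `# no eip2fw-https rule: the webfrontend runs on another server`, and remove the commented block; the repository history preserves the old rule. The `shorewall::rule` block begins outside this hunk.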