From 3bc680557ca4a70887c99ab9d53cd446730ec00d Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 4 Dec 2012 15:50:08 -0500 Subject: set ip_forwarding using augeas --- puppet/modules/site_shorewall/manifests/defaults.pp | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'puppet/modules/site_shorewall') diff --git a/puppet/modules/site_shorewall/manifests/defaults.pp b/puppet/modules/site_shorewall/manifests/defaults.pp index 88981e5f..0ee20744 100644 --- a/puppet/modules/site_shorewall/manifests/defaults.pp +++ b/puppet/modules/site_shorewall/manifests/defaults.pp @@ -10,4 +10,13 @@ class site_shorewall::defaults { shorewall::rule_section { 'NEW': order => 10; } + include augeas + + augeas { 'enable_ip_forwarding': + changes => 'set /files/etc/shorewall/shorewall.conf/IP_FORWARDING Yes', + lens => 'Shellvars.lns', + incl => '/etc/shorewall/shorewall.conf', + notify => Service[shorewall]; + } + } -- cgit v1.2.3 From 221976d2814009710b1a392a451fc4684004c971 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 14 Dec 2012 13:14:49 +0100 Subject: no need for sections in shorewall rules from the shorewall-rules manpage: "If no Section Headers appear in the file then all rules are assumed to be in the NEW section." --- puppet/modules/site_shorewall/manifests/defaults.pp | 2 -- 1 file changed, 2 deletions(-) (limited to 'puppet/modules/site_shorewall') diff --git a/puppet/modules/site_shorewall/manifests/defaults.pp b/puppet/modules/site_shorewall/manifests/defaults.pp index 0ee20744..d348bf00 100644 --- a/puppet/modules/site_shorewall/manifests/defaults.pp +++ b/puppet/modules/site_shorewall/manifests/defaults.pp @@ -8,8 +8,6 @@ class site_shorewall::defaults { shorewall::zone {'net': type => 'ipv4'; } - shorewall::rule_section { 'NEW': order => 10; } - include augeas augeas { 'enable_ip_forwarding': -- cgit v1.2.3