path: root/puppet/modules/shorewall/manifests/rules/ipsec.pp
# Open the firewall for IPsec between the local host and one Shorewall zone.
# The resource title ($name) is used as the zone name.
#
# Four ACCEPT rules are declared, all at order 240:
#   - IKE (udp/500) from the zone to the firewall, and from the firewall
#     to the zone
#   - ESP from the zone to the firewall, and from the firewall to the zone
#
# Scope of what is opened: only udp/500 and ESP. NAT traversal (udp/4500)
# and AH are not covered by this define, and the rules match the whole zone
# rather than individual peers, so every host in the zone can reach the
# IKE daemon on this machine.
# NOTE(review): these rules admit the IPsec packets themselves; whether the
# decapsulated tunnel traffic is allowed depends on zone and policy
# definitions outside this file - confirm against the rest of the module.
define shorewall::rules::ipsec() {
  # '$FW' is single-quoted on purpose: Puppet must pass it through literally
  # so that Shorewall sees its own firewall-zone variable.

  # IKE, zone -> firewall
  shorewall::rule { "${name}-me-ipsec-udp":
    action          => 'ACCEPT',
    proto           => 'udp',
    destinationport => '500',
    source          => $name,
    destination     => '$FW',
    order           => 240,
  }

  # IKE, firewall -> zone
  shorewall::rule { "me-${name}-ipsec-udp":
    action          => 'ACCEPT',
    proto           => 'udp',
    destinationport => '500',
    source          => '$FW',
    destination     => $name,
    order           => 240,
  }

  # ESP, zone -> firewall
  shorewall::rule { "${name}-me-ipsec":
    action      => 'ACCEPT',
    proto       => 'esp',
    source      => $name,
    destination => '$FW',
    order       => 240,
  }

  # ESP, firewall -> zone
  shorewall::rule { "me-${name}-ipsec":
    action      => 'ACCEPT',
    proto       => 'esp',
    source      => '$FW',
    destination => $name,
    order       => 240,
  }
}