summaryrefslogtreecommitdiff
path: root/puppet/modules/shorewall/manifests/rules/ipsec.pp
blob: 82adff09dc022c260d6b206eda2e2f766d0e7b9c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
class shorewall::rules::ipsec(
  $source = 'net'
) {
    shorewall::rule {
      'net-me-ipsec-udp':
        source          => $shorewall::rules::ipsec::source,
        destination     => '$FW',
        proto           => 'udp',
        destinationport => '500',
        order           => 240,
        action          => 'ACCEPT';
      'me-net-ipsec-udp':
        source          => '$FW',
        destination     => $shorewall::rules::ipsec::source,
        proto           => 'udp',
        destinationport => '500',
        order           => 240,
        action          => 'ACCEPT';
      'net-me-ipsec':
        source          => $shorewall::rules::ipsec::source,
        destination     => '$FW',
        proto           => 'esp',
        order           => 240,
        action          => 'ACCEPT';
      'me-net-ipsec':
        source          => '$FW',
        destination     => $shorewall::rules::ipsec::source,
        proto           => 'esp',
        order           => 240,
        action          => 'ACCEPT';
    }
}