author | Lebedev Vadim <abraham1901@gmail.com> | 2014-03-17 02:31:09 +0400 |
---|---|---|
committer | Lebedev Vadim <abraham1901@gmail.com> | 2014-03-17 02:31:09 +0400 |
commit | 8ab86e291a3575ae69363c4318fb2222c69dd8a5 (patch) | |
tree | 13bcd61f4b102b1844edd32f8bf43d467b6a1aaf | |
parent | 3d574e179953fc5868b0cd0e972a0dd9b9bda5de (diff) |
* Add shorewall-blrules support
-rw-r--r-- | manifests/blrules.pp | 16 | ||||
-rw-r--r-- | templates/blrules.erb | 15 |
2 files changed, 31 insertions, 0 deletions
diff --git a/manifests/blrules.pp b/manifests/blrules.pp
new file mode 100644
index 0000000..843a28f
--- /dev/null
+++ b/manifests/blrules.pp
@@ -0,0 +1,16 @@
+class shorewall::blrules (
+ $whitelists,
+ $drops,
+) {
+ file{'/etc/shorewall/puppet/blrules':
+ content => template("shorewall/blrules.erb"),
+ require => Package['shorewall'],
+ notify => Service['shorewall'],
+ owner => root,
+ group => 0,
+ mode => 0644;
+ }
+}
+
+
+
diff --git a/templates/blrules.erb b/templates/blrules.erb
new file mode 100644
index 0000000..4c9af79
--- /dev/null
+++ b/templates/blrules.erb
@@ -0,0 +1,15 @@
+#
+# Shorewall version 4.4 - Rule-based Blacklisting
+#
+# For information about entries in this file, type "man shorewall-blrules"
+#
+# Please see http://shorewall.net/blacklisting_support.htm for additional
+# information.
+#
+###############################################################################
+<% @whitelists.each do |value| -%>
+WHITELIST <%= value %>
+<% end -%>
+<% @drops.each do |value| -%>
+REJECT <%= value %>
+<% end -%> |
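Review bot: In manifests/blrules.pp, `$whitelists` and `$drops` are declared without documentation or any type check, yet their values become firewall rule lines in the template, which calls `.each` on both. A header comment should state that each is an array of shorewall-blrules entries (the columns that follow the action), and if puppetlabs-stdlib is available to this module, `validate_array($whitelists, $drops)` at the top of the class would reject a bare string before the template is rendered. Separately, `mode => 0644;` is an unquoted number; `mode => '0644';` is the form newer Puppet parsers accept.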
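Review bot: In templates/blrules.erb, entries from `@drops` are written with the `REJECT` action, which answers the blacklisted source instead of silently discarding its packets, so the parameter name and the emitted rule disagree. Either emit `DROP <%= value %>` or rename the parameter to match the action actually used. Each value is also interpolated verbatim in both loops, so an element containing a newline would add a further rule line to the generated file; rejecting or stripping embedded newlines before rendering keeps one array element to one rule.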