author | Lebedev Vadim <abraham1901@gmail.com> | 2014-03-17 02:31:09 +0400 |
---|---|---|
committer | Matt Taggart <taggart@riseup.net> | 2017-02-09 15:02:57 -0800 |
commit | ba8d84a98b4193867f3edda7fc3f497fd7edc373 (patch) | |
tree | b00ee64df6ca6520626b0e3c4f36a29a88eef006 | |
parent | f35965e0d13c5a20213046f7facbfd609d418545 (diff) |
* Add shorewall-blrules support
-rw-r--r-- | manifests/blrules.pp | 16 | ||||
-rw-r--r-- | templates/blrules.erb | 15 |
2 files changed, 31 insertions, 0 deletions
diff --git a/manifests/blrules.pp b/manifests/blrules.pp
new file mode 100644
index 0000000..843a28f
--- /dev/null
+++ b/manifests/blrules.pp
@@ -0,0 +1,16 @@
+class shorewall::blrules (
+ $whitelists,
+ $drops,
+) {
+ file{'/etc/shorewall/puppet/blrules':
+ content => template("shorewall/blrules.erb"),
+ require => Package['shorewall'],
+ notify => Service['shorewall'],
+ owner => root,
+ group => 0,
+ mode => 0644;
+ }
+}
+
+
+
diff --git a/templates/blrules.erb b/templates/blrules.erb
new file mode 100644
index 0000000..4c9af79
--- /dev/null
+++ b/templates/blrules.erb
@@ -0,0 +1,15 @@
+#
+# Shorewall version 4.4 - Rule-based Blacklisting
+#
+# For information about entries in this file, type "man shorewall-blrules"
+#
+# Please see http://shorewall.net/blacklisting_support.htm for additional
+# information.
+#
+###############################################################################
+<% @whitelists.each do |value| -%>
+WHITELIST <%= value %>
+<% end -%>
+<% @drops.each do |value| -%>
+REJECT <%= value %>
+<% end -%> |
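Review bot: `mode => 0644` in the file resource is a bare number, which later Puppet parsers treat as an integer rather than a mode string; writing `mode => '0644'` keeps the permission on this firewall file unambiguous. The parameters `$whitelists` and `$drops` have no defaults and are not checked before the template iterates over them, so a non-array value would only fail during template rendering. If the module already depends on stdlib (not visible in this hunk), `validate_array($whitelists, $drops)` at the top of the class would fail earlier with a clearer message. A short header comment stating that each entry is the remainder of one blrules line after the action column would also help callers.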
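Review bot: The second loop emits `REJECT <%= value %>` for every entry of `@drops`, so the parameter name promises a silent drop while the generated rule answers the blacklisted host with a rejection. If a silent discard is what callers expect, the line should read `DROP <%= value %>`; otherwise rename the parameter or document the choice in the manifest. Both loops also write each value verbatim, so an entry containing an embedded newline would become additional lines in the firewall rules file. Rejecting or stripping such entries before rendering would keep one entry to one rule.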