diff options
| author | mh <mh@immerda.ch> | 2017-04-25 15:28:26 +0200 |
|---|---|---|
| committer | mh <mh@immerda.ch> | 2017-04-25 15:41:09 +0200 |
| commit | c2bf7e71d8598dbb05b5dee9f452b6332e9e916e (patch) | |
| tree | 1e76551ccb51a8eaebf7c643847dd76197aafdcb | |
| parent | 591b48169ba18c8f9d8337aa2626d716e6866476 (diff) | |
make it possibble to disable ipv6 for these rules
| -rw-r--r-- | manifests/rules/munin.pp | 4 | ||||
| -rw-r--r-- | manifests/rules/out/puppet.pp | 21 |
2 files changed, 15 insertions, 10 deletions
diff --git a/manifests/rules/munin.pp b/manifests/rules/munin.pp index 252f2ed..9496138 100644 --- a/manifests/rules/munin.pp +++ b/manifests/rules/munin.pp @@ -2,7 +2,8 @@ class shorewall::rules::munin( $munin_port = '4949', $munin_collector = ['127.0.0.1'], - $collector_source = 'net' + $collector_source = 'net', + $shorewall6 = true, ){ shorewall::params4{ 'MUNINPORT': value => $munin_port; @@ -14,6 +15,7 @@ class shorewall::rules::munin( proto => 'tcp', destinationport => '$MUNINPORT', order => 240, + shorewall6 => $shorewall6, action => 'ACCEPT'; } } diff --git a/manifests/rules/out/puppet.pp b/manifests/rules/out/puppet.pp index cbe8cce..827e23a 100644 --- a/manifests/rules/out/puppet.pp +++ b/manifests/rules/out/puppet.pp @@ -1,7 +1,9 @@ +# outgoing puppet traffic class shorewall::rules::out::puppet( - $puppetserver = "puppet.${::domain}", - $puppetserver_port = 8140, - $puppetserver_signport = 8141 + $puppetserver = "puppet.${::domain}", + $puppetserver_port = 8140, + $puppetserver_signport = 8141, + $shorewall6 = true, ) { class{'shorewall::rules::puppet': puppetserver => $puppetserver, @@ -10,11 +12,12 @@ class shorewall::rules::out::puppet( } # we want to connect to the puppet server shorewall::rule { 'me-net-puppet_tcp': - source => '$FW', - destination => 'net:$PUPPETSERVER', - proto => 'tcp', - destinationport => '$PUPPETSERVER_PORT,$PUPPETSERVER_SIGN_PORT', - order => 340, - action => 'ACCEPT'; + source => '$FW', + destination => 'net:$PUPPETSERVER', + proto => 'tcp', + destinationport => '$PUPPETSERVER_PORT,$PUPPETSERVER_SIGN_PORT', + order => 340, + shorewall6 => $shorewall6, + action => 'ACCEPT'; } } |