diff options
| author | Matt Taggart <taggart@riseup.net> | 2017-02-10 15:53:28 -0800 |
|---|---|---|
| committer | Matt Taggart <taggart@riseup.net> | 2017-02-20 12:56:50 -0800 |
| commit | eb4720e57cddbe1d26fde10429de5e413321a5d3 (patch) | |
| tree | 34a5a21f139d8b49276708b938690469f46690f9 | |
| parent | 725b5bdc4c3e278ed34aee408a54a5453a04a41b (diff) | |
new stoppedrules, replaces routestopped
| -rw-r--r-- | files/boilerplate/stoppedrules.footer | 1 | ||||
| -rw-r--r-- | files/boilerplate/stoppedrules.header | 13 | ||||
| -rw-r--r-- | manifests/init.pp | 6 | ||||
| -rw-r--r-- | manifests/stoppedrules.pp | 13 |
4 files changed, 33 insertions, 0 deletions
diff --git a/files/boilerplate/stoppedrules.footer b/files/boilerplate/stoppedrules.footer new file mode 100644 index 0000000..5e12d1d --- /dev/null +++ b/files/boilerplate/stoppedrules.footer @@ -0,0 +1 @@ +#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/files/boilerplate/stoppedrules.header b/files/boilerplate/stoppedrules.header new file mode 100644 index 0000000..94f4d0c --- /dev/null +++ b/files/boilerplate/stoppedrules.header @@ -0,0 +1,13 @@ +# +# Shorewall -- /etc/shorewall/stoppedrules +# +# For information about entries in this file, type "man shorewall-stoppedrules" +# +# The manpage is also online at +# http://www.shorewall.net/manpages/shorewall-stoppedrules.html +# +# See http://shorewall.net/starting_and_stopping_shorewall.htm for additional +# information. +# +############################################################################### +#ACTION SOURCE DEST PROTO DPORT SPORT diff --git a/manifests/init.pp b/manifests/init.pp index fa2641d..7dc7855 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -29,6 +29,8 @@ class shorewall( $nat_defaults = {}, $routestopped = {}, $routestopped_defaults = {}, + $stoppedrules = {}, + $stoppedrules_defaults = {}, $params = {}, $params_defaults = {}, $tcdevices = {}, @@ -72,6 +74,8 @@ class shorewall( 'proxyarp', # See http://www.shorewall.net/3.0/Documentation.htm#NAT 'nat', + # See http://www.shorewall.net/manpages/shorewall-stoppedrules.html + 'stoppedrules', # See http://www.shorewall.net/3.0/Documentation.htm#Routestopped 'routestopped', # See http://www.shorewall.net/3.0/Documentation.htm#Variables @@ -102,6 +106,8 @@ class shorewall( create_resources('shorewall::masq',$masq,$masq_defaults) create_resources('shorewall::proxyarp',$proxyarp,$proxyarp_defaults) create_resources('shorewall::nat',$nat,$nat_defaults) + create_resources('shorewall::stoppedrules',$stoppedrules, + $stoppedrules_defaults) create_resources('shorewall::routestopped',$routestopped, $routestopped_defaults) create_resources('shorewall::params',$params,$params_defaults) diff --git a/manifests/stoppedrules.pp b/manifests/stoppedrules.pp new file mode 100644 index 0000000..2dff218 --- /dev/null +++ b/manifests/stoppedrules.pp @@ -0,0 +1,13 @@ +define shorewall::stoppedrules( + $action = 'ACCEPT', + $source = '-', + $destination = '-', + $proto = '-', + $destinationport = '-', + $sourceport = '-', + $order = '100' +){ + shorewall::entry{"stoppedrules-${order}-${name}": + line => "${action} ${source} ${destination} ${proto} ${destinationport} ${sourceport}" + } +} |