Merge remote-tracking branch 'immerda/master' into riseup

author: Micah Anderson <micah@riseup.net> 2017-02-01 21:27:04 -0500
committer: Micah Anderson <micah@riseup.net> 2017-02-01 21:27:04 -0500
commit: b140aabf7c4e0a0ded0a69368c4fce354c1f96e8 (patch)
tree: e82163207cb81a4215508e6c90229c0245609ab0 /manifests/conntrack/helper.pp
parent: 2b75a0321bc9e65f4e9e6cf34b708a3d40318731 (diff)
parent: 85b6e3820fa614eeafb99b85846172553461398e (diff)
1 files changed, 32 insertions, 0 deletions
diff --git a/manifests/conntrack/helper.pp b/manifests/conntrack/helper.pp
new file mode 100644
index 0000000..ea7fb2e
--- /dev/null
+++ b/manifests/conntrack/helper.pp
@@ -0,0 +1,32 @@
+# Class for managing conntrack file: Helpers
+#
+# See http://shorewall.net/manpages/shorewall-conntrack.html for more info.
+# The $name defines the helper, so this needs to match one of the helpers
+# in the documentation.
+define shorewall::conntrack::helper(
+  $ensure = present,
+  $options = '',
+  $source = '-',
+  $destination = '-',
+  $proto,
+  $destinationport,
+  $sourceport = '',
+  $user = '',
+  $switch = '',
+  $chain = 'PO',
+  $order
+) {
+
+  $_helper = sprintf("__%s_HELPER", upcase($name))
+  $_chain = ":${chain}"
+  $_options = ''
+
+  if ($options != '') {
+    $_options = "(${options})"
+  }
+
+  shorewall::entry{"conntrack-${order}-${name}":
+    ensure => $ensure,
+    line => "?if ${_helper}\nCT:helper:${name}${_options}${_chain} ${source} ${destination} ${proto} ${destinationport} ${sourceport} ${$user} ${switch}\n?endif"
+  }
+}
author	Micah Anderson <micah@riseup.net>	2017-02-01 21:27:04 -0500
committer	Micah Anderson <micah@riseup.net>	2017-02-01 21:27:04 -0500
commit	b140aabf7c4e0a0ded0a69368c4fce354c1f96e8 (patch)
tree	e82163207cb81a4215508e6c90229c0245609ab0 /manifests/conntrack/helper.pp
parent	2b75a0321bc9e65f4e9e6cf34b708a3d40318731 (diff)
parent	85b6e3820fa614eeafb99b85846172553461398e (diff)