diff options
| author | duritong <peter.meier+github@immerda.ch> | 2017-01-12 15:47:48 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-01-12 15:47:48 +0100 |
| commit | 07f4d8f14ac5224ba900d27f51cd4ae8121f1578 (patch) | |
| tree | 8b66aeaf3df3be46ca603fc081d8293bc2114a35 /manifests/rules/libvirt/host.pp | |
| parent | 78b2f91caf4c7ade2630376c9c326773fdd5ef3c (diff) | |
| parent | 24076ddaa5c802b503e59e279750ab5d6353815d (diff) | |
Merge branch 'master' into master
Diffstat (limited to 'manifests/rules/libvirt/host.pp')
| -rw-r--r-- | manifests/rules/libvirt/host.pp | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/manifests/rules/libvirt/host.pp b/manifests/rules/libvirt/host.pp index dfb753c..dc3970d 100644 --- a/manifests/rules/libvirt/host.pp +++ b/manifests/rules/libvirt/host.pp @@ -2,6 +2,8 @@ class shorewall::rules::libvirt::host ( $vmz = 'vmz', $masq_iface = 'eth0', $debproxy_port = 8000, + $accept_dhcp = true, + $vmz_iface = 'virbr0', ) { define shorewall::rule::accept::from_vmz ( @@ -49,6 +51,16 @@ class shorewall::rules::libvirt::host ( action => 'ACCEPT'; } + if $accept_dhcp { + shorewall::mangle { "CHECKSUM:T_${vmz_iface}": + action => 'CHECKSUM:T', + source => '-', + destination => $vmz_iface, + proto => 'udp', + destinationport => '68'; + } + } + if $debproxy_port { shorewall::rule::accept::from_vmz { 'accept_debproxy_from_vmz': proto => 'tcp', |