diff options
author | mh <mh@immerda.ch> | 2017-04-07 17:46:01 +0200 |
---|---|---|
committer | mh <mh@immerda.ch> | 2017-04-07 17:46:01 +0200 |
commit | cdb82d7bde4861434cea81d7f5770164f5fff76c (patch) | |
tree | 12aa62482f24f0a69b71f27875b3346e2e9d5a90 /manifests/zone.pp | |
parent | 4a29f5e293b36e11d870061d4d93d7af306dcbd6 (diff) |
make zones also for ipv6
Diffstat (limited to 'manifests/zone.pp')
-rw-r--r-- | manifests/zone.pp | 34 |
1 files changed, 25 insertions, 9 deletions
diff --git a/manifests/zone.pp b/manifests/zone.pp index 81e5771..8ee1b58 100644 --- a/manifests/zone.pp +++ b/manifests/zone.pp @@ -1,14 +1,30 @@ +# define a zone define shorewall::zone( - $type, - $options = '-', - $in = '-', - $out = '-', - $parent = '-', - $order = 100 + $type, + $options = '-', + $in = '-', + $out = '-', + $parent = '-', + $order = 100, ){ - $real_name = $parent ? { '-' => $name, default => "${name}:${parent}" } - shorewall::entry { "zones-${order}-${name}": - line => "${real_name} ${type} ${options} ${in} ${out}" + $real_name = $parent ? { '-' => $name, default => "${name}:${parent}" } + shorewall::entry { "zones-${order}-${name}": + line => "${real_name} ${type} ${options} ${in} ${out}", + shorewall => true, + shorewall6 => false, + } + if $shorewall::with_shorewall6 { + $type6 = $type ? { + 'ipv4' => 'ipv6', + 'ipsec' => 'ipsec6', + 'bport' => 'bport6', + default => $type, } + shorewall::entry { "zones-${order}-${name}_6": + line => "${real_name} ${type6} ${options} ${in} ${out}", + shorewall => false, + shorewall6 => true, + } + } } |