summaryrefslogtreecommitdiff
path: root/manifests
diff options
context:
space:
mode:
authorintrigeri <intrigeri@boum.org>2013-01-02 18:01:43 +0100
committerintrigeri <intrigeri@boum.org>2013-01-02 18:01:43 +0100
commit88fa544a9c2f974b35a169b4e3865ccaf4f68fd1 (patch)
treeaf50c9d93ce5482eb734d49e94a33490e0ba6551 /manifests
parentc725e8bfb1026f7d59ea1d825c8dfcee02952ee8 (diff)
Revert "Allow redirecting DNS requests to Tor for specific users or globally."
This reverts commit 0c28fa636653f395c756f56c93f8c78fddfcee00. This stuff is not ready for the shared repo, but we want to take benefit from me having already merged immerda's stuff into my branch and solved the conflicts.
Diffstat (limited to 'manifests')
-rw-r--r--manifests/init.pp6
-rw-r--r--manifests/rules/torify/redirect_dns_to_tor.pp38
2 files changed, 0 insertions, 44 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index a446253..dd28767 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -27,12 +27,6 @@ class shorewall(
case $tor_transparent_proxy_port {
'': { $tor_transparent_proxy_port = '9040' }
}
- case $tor_dns_host {
- '': { $tor_dns_host = '127.0.0.1' }
- }
- case $tor_dns_port {
- '': { $tor_dns_port = '8853' }
- }
if $tor_user == '' {
$tor_user = $dist_tor_user ? {
'' => 'tor',
diff --git a/manifests/rules/torify/redirect_dns_to_tor.pp b/manifests/rules/torify/redirect_dns_to_tor.pp
deleted file mode 100644
index 9c71204..0000000
--- a/manifests/rules/torify/redirect_dns_to_tor.pp
+++ /dev/null
@@ -1,38 +0,0 @@
-define shorewall::rules::torify::redirect_dns_to_tor() {
-
- $user = $name
-
- $destzone = $shorewall::tor_dns_host ? {
- '127.0.0.1' => '$FW',
- default => 'net'
- }
-
- $tcp_rule = "redirect-tcp-dns-to-tor-user=${user}"
- if !defined(Shorewall::Rule["$tcp_rule"]) {
- shorewall::rule {
- "$tcp_rule":
- source => '$FW',
- destination => "${destzone}:${shorewall::tor_dns_host}:${shorewall::tor_dns_port}",
- proto => 'tcp',
- destinationport => 'domain',
- user => $user,
- order => 108,
- action => 'DNAT';
- }
- }
-
- $udp_rule = "redirect-udp-dns-to-tor-user=${user}"
- if !defined(Shorewall::Rule["$udp_rule"]) {
- shorewall::rule {
- "$udp_rule":
- source => '$FW',
- destination => "${destzone}:${shorewall::tor_dns_host}:${shorewall::tor_dns_port}",
- proto => 'udp',
- destinationport => 'domain',
- user => $user,
- order => 108,
- action => 'DNAT';
- }
- }
-
-}