| -rw-r--r-- | README | 13 | ||||
| -rw-r--r-- | manifests/init.pp | 6 | ||||
| -rw-r--r-- | manifests/rules/torify/redirect_dns_to_tor.pp | 38 | 
3 files changed, 1 insertions, 56 deletions
@@ -110,18 +110,7 @@ rejected. This is intentional: it does not make sense leaking -via DNS
 requests- network activity that would otherwise be torified. In that
 case you probably want to read proper documentation about such
 matters, enable the Tor DNS resolver and redirect DNS requests through
-it,
-
-either globally:
-
-  shorewall::rules::torify::redirect_dns_to_tor { '-': }
-
-or for specific users:
-
-  shorewall::rules::torify::redirect_dns_to_tor { ['bob', 'alice' ]: }
-
-The $tor_dns_host and $tor_dns_port variables must be set before
-these defines are setup.
+it.
 
 Example
 -------
diff --git a/manifests/init.pp b/manifests/init.pp
index a446253..dd28767 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -27,12 +27,6 @@ class shorewall(
   case $tor_transparent_proxy_port {
     '': { $tor_transparent_proxy_port = '9040' }
   }
-  case $tor_dns_host {
-    '': { $tor_dns_host = '127.0.0.1' }
-  }
-  case $tor_dns_port {
-    '': { $tor_dns_port = '8853' }
-  }
   if $tor_user == '' {
     $tor_user = $dist_tor_user ? {
       ''      => 'tor',
diff --git a/manifests/rules/torify/redirect_dns_to_tor.pp b/manifests/rules/torify/redirect_dns_to_tor.pp
deleted file mode 100644
index 9c71204..0000000
--- a/manifests/rules/torify/redirect_dns_to_tor.pp
+++ /dev/null
@@ -1,38 +0,0 @@
-define shorewall::rules::torify::redirect_dns_to_tor() {
-
-  $user = $name
-
-  $destzone = $shorewall::tor_dns_host ? {
-    '127.0.0.1' => '$FW',
-    default     => 'net'
-  }
-
-  $tcp_rule = "redirect-tcp-dns-to-tor-user=${user}"
-  if !defined(Shorewall::Rule["$tcp_rule"]) {
-    shorewall::rule {
-      "$tcp_rule":
-        source          => '$FW',
-        destination     => "${destzone}:${shorewall::tor_dns_host}:${shorewall::tor_dns_port}",
-        proto           => 'tcp',
-        destinationport => 'domain',
-        user            => $user,
-        order           => 108,
-        action          => 'DNAT';
-    }
-  }
-
-  $udp_rule = "redirect-udp-dns-to-tor-user=${user}"
-  if !defined(Shorewall::Rule["$udp_rule"]) {
-    shorewall::rule {
-      "$udp_rule":
-        source          => '$FW',
-        destination     => "${destzone}:${shorewall::tor_dns_host}:${shorewall::tor_dns_port}",
-        proto           => 'udp',
-        destinationport => 'domain',
-        user            => $user,
-        order           => 108,
-        action          => 'DNAT';
-    }
-  }
-
-}  | 
