summaryrefslogtreecommitdiff
path: root/manifests/rules/libvirt
diff options
context:
space:
mode:
Diffstat (limited to 'manifests/rules/libvirt')
-rw-r--r--manifests/rules/libvirt/host.pp19
-rw-r--r--manifests/rules/libvirt/host/from_vmz.pp14
2 files changed, 16 insertions, 17 deletions
diff --git a/manifests/rules/libvirt/host.pp b/manifests/rules/libvirt/host.pp
index dc3970d..090a9ca 100644
--- a/manifests/rules/libvirt/host.pp
+++ b/manifests/rules/libvirt/host.pp
@@ -6,21 +6,6 @@ class shorewall::rules::libvirt::host (
$vmz_iface = 'virbr0',
) {
- define shorewall::rule::accept::from_vmz (
- $proto = '-',
- $destinationport = '-',
- $action = 'ACCEPT'
- ) {
- shorewall::rule { $name:
- source => $shorewall::rules::libvirt::host::vmz,
- destination => '$FW',
- order => 300,
- proto => $proto,
- destinationport => $destinationport,
- action => $action;
- }
- }
-
shorewall::policy {
'fw-to-vmz':
sourcezone => '$FW',
@@ -40,7 +25,7 @@ class shorewall::rules::libvirt::host (
order => 800;
}
- shorewall::rule::accept::from_vmz {
+ shorewall::rules::libvirt::host::from_vmz {
'accept_dns_from_vmz':
action => 'DNS(ACCEPT)';
'accept_tftp_from_vmz':
@@ -62,7 +47,7 @@ class shorewall::rules::libvirt::host (
}
if $debproxy_port {
- shorewall::rule::accept::from_vmz { 'accept_debproxy_from_vmz':
+ shorewall::rules::libvirt::host::from_vmz { 'accept_debproxy_from_vmz':
proto => 'tcp',
destinationport => $debproxy_port,
action => 'ACCEPT';
diff --git a/manifests/rules/libvirt/host/from_vmz.pp b/manifests/rules/libvirt/host/from_vmz.pp
new file mode 100644
index 0000000..f25c333
--- /dev/null
+++ b/manifests/rules/libvirt/host/from_vmz.pp
@@ -0,0 +1,14 @@
+define shorewall::rules::libvirt::host::from_vmz (
+ $proto = '-',
+ $destinationport = '-',
+ $action = 'ACCEPT'
+) {
+ shorewall::rule { $name:
+ source => $shorewall::rules::libvirt::host::vmz,
+ destination => '$FW',
+ order => 300,
+ proto => $proto,
+ destinationport => $destinationport,
+ action => $action;
+ }
+}