Diffstat (limited to 'manifests')
-rw-r--r-- | manifests/base.pp | 3 | ||||
-rw-r--r-- | manifests/init.pp | 25 | ||||
-rw-r--r-- | manifests/tunnel.pp | 11 |
3 files changed, 24 insertions, 15 deletions
diff --git a/manifests/base.pp b/manifests/base.pp
index 937b83b..97f94f5 100644
--- a/manifests/base.pp
+++ b/manifests/base.pp
@@ -1,6 +1,7 @@
 class shorewall::base {
+
 package { 'shorewall':
- ensure => $shorewall_ensure_version,
+ ensure => $shorewall::ensure_version,
 }
 
 # This file has to be managed in place, so shorewall can find it
diff --git a/manifests/init.pp b/manifests/init.pp
index 3b4b3b2..580dc8c 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,5 +1,12 @@
 class shorewall(
- $startup = '1'
+ $startup = '1',
+ $ensure_version = 'present',
+ $tor_transparent_proxy_host = '127.0.0.1',
+ $tor_transparent_proxy_port = '9040',
+ $tor_user = $::operatingsystem ? {
+ 'Debian' => 'debian-tor',
+ default => 'tor'
+ }
 ) {
 
 case $::operatingsystem {
@@ -21,19 +28,6 @@ class shorewall(
 }
 }
 
- case $tor_transparent_proxy_host {
- '': { $tor_transparent_proxy_host = '127.0.0.1' }
- }
- case $tor_transparent_proxy_port {
- '': { $tor_transparent_proxy_port = '9040' }
- }
- if $tor_user == '' {
- $tor_user = $dist_tor_user ? {
- '' => 'tor',
- default => $dist_tor_user,
- }
- }
-
 # See http://www.shorewall.net/3.0/Documentation.htm#Zones
 shorewall::managed_file{ zones: }
 # See http://www.shorewall.net/3.0/Documentation.htm#Interfaces
@@ -66,4 +60,7 @@ class shorewall(
 shorewall::managed_file { tcclasses: }
 # http://www.shorewall.net/manpages/shorewall-providers.html
 shorewall::managed_file { providers: }
+ # See http://www.shorewall.net/manpages/shorewall-tunnels.html
+ shorewall::managed_file { tunnel: }
+
 }
diff --git a/manifests/tunnel.pp b/manifests/tunnel.pp
new file mode 100644
index 0000000..e0c71e7
--- /dev/null
+++ b/manifests/tunnel.pp
@@ -0,0 +1,11 @@
+define shorewall::tunnel(
+ $tunnel_type,
+ $zone,
+ $gateway = '0.0.0.0/0',
+ $gateway_zones = '',
+ $order = '1'
+) {
+ shorewall::entry { "tunnel.d/${order}-${title}":
+ line => "# ${name}\n${tunnel_type} ${zone} ${gateway} ${gateway_zones}",
+ }
+} |
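Review bot: In the first hunk of manifests/init.pp, the new `$tor_user` default selects 'debian-tor' only when `$::operatingsystem` is exactly 'Debian', so Debian derivatives fall through to 'tor'; the removed code took the name from `$dist_tor_user` instead. The consumer of `$tor_user` is not in this diff, but if the value ends up in a firewall rule that matches Tor's traffic by account, a wrong name would leave that rule not matching on those systems. Consider `/^(Debian|Ubuntu)$/ => 'debian-tor',` or keying the selector on `$::osfamily`. The removed fallbacks also treated an empty string as "use the default", so a caller that still passes '' now gets the empty value; that is worth a line in the parameter documentation. The class body continues outside the hunk.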
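Review bot: The added `shorewall::managed_file { tunnel: }` in the last hunk of manifests/init.pp uses the singular name, while the Shorewall file linked in the comment above it is `tunnels`, and manifests/tunnel.pp writes its entries under `tunnel.d/`. `shorewall::managed_file` is not in this diff, so this is inferred: if it derives the target file from its title, the entries would land in a file Shorewall does not read and the tunnel rules would be silently absent. Please confirm the generated path, and if it follows the title use `shorewall::managed_file { tunnels: }` together with `"tunnels.d/${order}-${title}"` in tunnel.pp.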
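Review bot: `$gateway` in the new `shorewall::tunnel` define (manifests/tunnel.pp) defaults to '0.0.0.0/0', so a caller who omits it gets a tunnel entry that applies to any remote address. Making the parameter required, or at least documenting it with a comment such as `# gateway: address of the remote peer; the default matches any host`, would keep that an explicit choice. The four values are also interpolated into `line` unchecked, so a value containing whitespace or a newline would add columns or extra lines to the generated file; a format check on `$tunnel_type`, `$zone` and `$gateway` before the `shorewall::entry` would catch that. The define has no header comment describing its parameters.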