From 69eac26f08e65eb288e526abd85e34e639369fb0 Mon Sep 17 00:00:00 2001
From: Lebedev Vadim
Date: Wed, 29 Jun 2016 18:54:03 +0300
Subject: * add shorewal version facter
---
lib/facter/shorewall_major_version.rb | 5 +++++
1 file changed, 5 insertions(+)
create mode 100644 lib/facter/shorewall_major_version.rb
diff --git a/lib/facter/shorewall_major_version.rb b/lib/facter/shorewall_major_version.rb
new file mode 100644
index 0000000..a733842
--- /dev/null
+++ b/lib/facter/shorewall_major_version.rb
@@ -0,0 +1,5 @@
+Facter.add("shorewall_major_version") do
+ setcode do
+ Facter::Util::Resolution.exec('shorewall version').split('.')[0] || nil
+ end
+end
-- cgit v1.2.3
From f35965e0d13c5a20213046f7facbfd609d418545 Mon Sep 17 00:00:00 2001
From: Lebedev Vadim
Date: Wed, 29 Jun 2016 18:52:16 +0300
Subject: * fix rule section
---
manifests/rule_section.pp | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/manifests/rule_section.pp b/manifests/rule_section.pp
index 82984ca..3f2ecc5 100644
--- a/manifests/rule_section.pp
+++ b/manifests/rule_section.pp
@@ -1,7 +1,11 @@ define shorewall::rule_section( $order ){ + $rule_section_prefix = $shorewall_major_version ? { + '5' => '?' + } + shorewall::entry{"rules-${order}-${name}": - line => "SECTION ${name}", + line => "${rule_section_prefix}SECTION ${name}", } }
-- cgit v1.2.3
From ba8d84a98b4193867f3edda7fc3f497fd7edc373 Mon Sep 17 00:00:00 2001
From: Lebedev Vadim
Date: Mon, 17 Mar 2014 02:31:09 +0400
Subject: * Add shorewall-blrules support
---
manifests/blrules.pp | 16 ++++++++++++++++
templates/blrules.erb | 15 +++++++++++++++
2 files changed, 31 insertions(+)
create mode 100644 manifests/blrules.pp
create mode 100644 templates/blrules.erb
diff --git a/manifests/blrules.pp b/manifests/blrules.pp
new file mode 100644
index 0000000..843a28f
--- /dev/null
+++ b/manifests/blrules.pp
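Review bot: The `setcode` block in lib/facter/shorewall_major_version.rb calls `.split` directly on the result of `Facter::Util::Resolution.exec('shorewall version')`, so on a node where the command is missing or fails (exec presumably returning nil there) the resolution raises NoMethodError instead of leaving the fact unset. The trailing `|| nil` cannot catch that and is a no-op. Guard the value first, e.g. `out = Facter::Util::Resolution.exec('shorewall version')` followed by `out.split('.').first if out`. The same expression is carried over, apart from `[0]` becoming `.first`, in the later hunk for this file (commit e6a2b00). Since manifests/rule_section.pp keys firewall syntax on this fact, a one-line comment saying the fact is absent until Shorewall is installed would also help.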
@@ -0,0 +1,16 @@
+class shorewall::blrules (
+ $whitelists,
+ $drops,
+) {
+ file{'/etc/shorewall/puppet/blrules':
+ content => template("shorewall/blrules.erb"),
+ require => Package['shorewall'],
+ notify => Service['shorewall'],
+ owner => root,
+ group => 0,
+ mode => 0644;
+ }
+}
+
+
+
diff --git a/templates/blrules.erb b/templates/blrules.erb
new file mode 100644
index 0000000..4c9af79
--- /dev/null
+++ b/templates/blrules.erb
@@ -0,0 +1,15 @@
+#
+# Shorewall version 4.4 - Rule-based Blacklisting
+#
+# For information about entries in this file, type "man shorewall-blrules"
+#
+# Please see http://shorewall.net/blacklisting_support.htm for additional
+# information.
+#
+###############################################################################
+<% @whitelists.each do |value| -%>
+WHITELIST <%= value %>
+<% end -%>
+<% @drops.each do |value| -%>
+REJECT <%= value %>
+<% end -%>
-- cgit v1.2.3
From 4c69a621db40f60a3f43e6587e6367dbf8cbfb1a Mon Sep 17 00:00:00 2001
From: Lebedev Vadim
Date: Tue, 18 Mar 2014 23:00:32 +0400
Subject: * Add example
---
manifests/blrules.pp | 27 +++++++++++++++++++++++----
1 file changed, 23 insertions(+), 4 deletions(-)
diff --git a/manifests/blrules.pp b/manifests/blrules.pp
index 843a28f..e45739e 100644
--- a/manifests/blrules.pp
+++ b/manifests/blrules.pp
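Review bot: `$whitelists` and `$drops` in manifests/blrules.pp are both mandatory and nothing checks that they are arrays, although templates/blrules.erb calls `.each` on each of them. A node that needs only one of the two lists must still pass an empty array for the other, and a string passed by mistake would most likely fail inside the template rather than with a clear message. Consider defaulting both (`$whitelists = [], $drops = []`) and, if puppetlabs-stdlib is available to this module, adding `validate_array($whitelists)` and `validate_array($drops)` at the top of the class body.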
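Review bot: Entries from `@drops` are written with the action `REJECT` in templates/blrules.erb, which does not match the parameter name. REJECT answers the sender, whereas DROP discards silently, so someone reading `drops => [...]` in a manifest will expect the latter from a blacklist. Either emit `DROP <%= value %>` or rename the parameter (for example to `rejects`) so the manifest states what the firewall will do. Each value is also interpolated verbatim, so an element containing a newline becomes an extra rule line; if these lists can come from Hiera or other less-reviewed data, reject embedded newlines before rendering.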
@@ -1,9 +1,31 @@ +# Manage blrules. For additional information type "man shorewall-blrules" +# +# Sample Usage: +# +# shorewall::interface { 'br0': +# zone => 'net', +# rfc1918 => true, +# options => 'tcpflags,blacklist,nosmurfs,routeback,bridge'; +# } +# +# class { 'shorewall::blrules': +# options => 'tcpflags,blacklist,nosmurfs,routeback,bridge', +# whitelists => [ +# "net:10.0.0.1,192.168.0.1 all", +# ], +# +# drops => [ +# 'net all tcp 22', #ssh +# ], +# } + + class shorewall::blrules ( $whitelists, $drops, ) { file{'/etc/shorewall/puppet/blrules': - content => template("shorewall/blrules.erb"), + content => template('shorewall/blrules.erb'), require => Package['shorewall'], notify => Service['shorewall'], owner => root, @@ -11,6 +33,3 @@ class shorewall::blrules ( mode => 0644; } } - - - -- cgit v1.2.3 From ea4721adecb9c8e0f5542c498b341a8ad87e0355 Mon Sep 17 00:00:00 2001 From: Lebedev Vadim Date: Tue, 18 Mar 2014 23:01:33 +0400 Subject: * Fix typo --- manifests/blrules.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/blrules.pp b/manifests/blrules.pp index e45739e..b8fe73f 100644 --- a/manifests/blrules.pp +++ b/manifests/blrules.pp @@ -30,6 +30,6 @@ class shorewall::blrules ( notify => Service['shorewall'], owner => root, group => 0, - mode => 0644; + mode => '0644'; } } -- cgit v1.2.3 From e6a2b00207b0ec495b81e44e8d90acffcf1bb166 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 13 Jan 2017 16:40:38 +0100 Subject: mory rubyism --- lib/facter/shorewall_major_version.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/facter/shorewall_major_version.rb b/lib/facter/shorewall_major_version.rb index a733842..0068b48 100644 --- a/lib/facter/shorewall_major_version.rb +++ b/lib/facter/shorewall_major_version.rb 
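Review bot: The sample usage added to the header comment of manifests/blrules.pp passes `options => 'tcpflags,blacklist,nosmurfs,routeback,bridge'` to `class { 'shorewall::blrules': }`, but the class declares only `$whitelists` and `$drops`, so anyone copying the example gets an invalid-parameter error at compile time. Drop that line from the class example; the `options` setting already appears in the `shorewall::interface` example above it. The `drops` entry `'net all tcp 22', #ssh` would also benefit from a sentence saying that these entries are rendered as `REJECT` rules by templates/blrules.erb, since the name suggests DROP.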
@@ -1,5 +1,5 @@ Facter.add("shorewall_major_version") do setcode do - Facter::Util::Resolution.exec('shorewall version').split('.')[0] || nil + Facter::Util::Resolution.exec('shorewall version').split('.').first || nil end end -- cgit v1.2.3 From b6698ab18b4522a621d534a6e214219247ce3afc Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 13 Jan 2017 16:42:22 +0100 Subject: cherry pick fixes for 5.x Conflicts: manifests/rule_section.pp --- manifests/rule_section.pp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/manifests/rule_section.pp b/manifests/rule_section.pp index 3f2ecc5..35e46b2 100644 --- a/manifests/rule_section.pp +++ b/manifests/rule_section.pp @@ -1,8 +1,10 @@ define shorewall::rule_section( $order ){ - $rule_section_prefix = $shorewall_major_version ? { - '5' => '?' + if versioncmp($shorewall_major_version,'5') < 0 { + $rule_section_prefix = '?' + } else { + $rule_section_prefix = '' } shorewall::entry{"rules-${order}-${name}": -- cgit v1.2.3 From 50acce5dee1b76746f81d7c300913dd7d58021d4 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 13 Jan 2017 16:54:23 +0100 Subject: correct decision --- manifests/rule_section.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/rule_section.pp b/manifests/rule_section.pp index 35e46b2..f5fa785 100644 --- a/manifests/rule_section.pp +++ b/manifests/rule_section.pp @@ -1,7 +1,7 @@ define shorewall::rule_section( $order ){ - if versioncmp($shorewall_major_version,'5') < 0 { + if versioncmp($shorewall_major_version,'4') > 0 { $rule_section_prefix = '?' } else { $rule_section_prefix = '' -- cgit v1.2.3
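Review bot: In manifests/rule_section.pp the choice between `SECTION` and `?SECTION` now rests entirely on `$shorewall_major_version`, a custom fact that can only resolve once the `shorewall` binary is on the node. On a first run before the package is installed, or wherever the fact fails to resolve, `versioncmp($shorewall_major_version,'4') > 0` is evaluated against an undefined value; the outcome presumably depends on the Puppet version, and at best the plain `SECTION` form is written for a host that is about to run 5.x. Make that fallback explicit: reference the fact as `$::shorewall_major_version` and add a comment such as `# fact is unset until shorewall is installed; plain SECTION is written on that run`. The rest of the define (the `shorewall::entry` resource) lies outside the last hunk.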