From ba8d84a98b4193867f3edda7fc3f497fd7edc373 Mon Sep 17 00:00:00 2001
From: Lebedev Vadim <abraham1901@gmail.com>
Date: Mon, 17 Mar 2014 02:31:09 +0400
Subject: * Add shorewall-blrules support

---
 manifests/blrules.pp  | 16 ++++++++++++++++
 templates/blrules.erb | 15 +++++++++++++++
 2 files changed, 31 insertions(+)
 create mode 100644 manifests/blrules.pp
 create mode 100644 templates/blrules.erb

diff --git a/manifests/blrules.pp b/manifests/blrules.pp
new file mode 100644
index 0000000..843a28f
--- /dev/null
+++ b/manifests/blrules.pp
@@ -0,0 +1,16 @@
+class shorewall::blrules (
+  $whitelists,
+  $drops,
+) {
+  file{'/etc/shorewall/puppet/blrules':
+    content => template("shorewall/blrules.erb"),
+    require => Package['shorewall'],
+    notify  => Service['shorewall'],
+    owner   => root,
+    group   => 0,
+    mode    => 0644;
+  }
+}
+
+
+
diff --git a/templates/blrules.erb b/templates/blrules.erb
new file mode 100644
index 0000000..4c9af79
--- /dev/null
+++ b/templates/blrules.erb
@@ -0,0 +1,15 @@
+#
+# Shorewall version 4.4 - Rule-based Blacklisting
+#
+# For information about entries in this file, type "man shorewall-blrules"
+#
+# Please see http://shorewall.net/blacklisting_support.htm for additional
+# information.
+#
+###############################################################################
+<% @whitelists.each do |value| -%>
+WHITELIST       <%= value %>
+<% end -%>
+<% @drops.each do |value| -%>
+REJECT <%= value %>
+<% end -%>
-- 
cgit v1.2.3