From eb4720e57cddbe1d26fde10429de5e413321a5d3 Mon Sep 17 00:00:00 2001
From: Matt Taggart <taggart@riseup.net>
Date: Fri, 10 Feb 2017 15:53:28 -0800
Subject: new stoppedrules, replaces routestopped

---
 files/boilerplate/stoppedrules.footer |  1 +
 files/boilerplate/stoppedrules.header | 13 +++++++++++++
 manifests/init.pp                     |  6 ++++++
 manifests/stoppedrules.pp             | 13 +++++++++++++
 4 files changed, 33 insertions(+)
 create mode 100644 files/boilerplate/stoppedrules.footer
 create mode 100644 files/boilerplate/stoppedrules.header
 create mode 100644 manifests/stoppedrules.pp

diff --git a/files/boilerplate/stoppedrules.footer b/files/boilerplate/stoppedrules.footer
new file mode 100644
index 0000000..5e12d1d
--- /dev/null
+++ b/files/boilerplate/stoppedrules.footer
@@ -0,0 +1 @@
+#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
diff --git a/files/boilerplate/stoppedrules.header b/files/boilerplate/stoppedrules.header
new file mode 100644
index 0000000..94f4d0c
--- /dev/null
+++ b/files/boilerplate/stoppedrules.header
@@ -0,0 +1,13 @@
+#
+# Shorewall -- /etc/shorewall/stoppedrules
+#
+# For information about entries in this file, type "man shorewall-stoppedrules"
+#
+# The manpage is also online at
+# http://www.shorewall.net/manpages/shorewall-stoppedrules.html
+#
+# See http://shorewall.net/starting_and_stopping_shorewall.htm for additional
+# information.
+#
+###############################################################################
+#ACTION		SOURCE			DEST		PROTO	DPORT	SPORT
diff --git a/manifests/init.pp b/manifests/init.pp
index fa2641d..7dc7855 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -29,6 +29,8 @@ class shorewall(
   $nat_defaults               = {},
   $routestopped               = {},
   $routestopped_defaults      = {},
+  $stoppedrules               = {},
+  $stoppedrules_defaults      = {},
   $params                     = {},
   $params_defaults            = {},
   $tcdevices                  = {},
@@ -72,6 +74,8 @@ class shorewall(
       'proxyarp',
       # See http://www.shorewall.net/3.0/Documentation.htm#NAT
       'nat',
+      # See http://www.shorewall.net/manpages/shorewall-stoppedrules.html
+      'stoppedrules',
       # See http://www.shorewall.net/3.0/Documentation.htm#Routestopped
       'routestopped',
       # See http://www.shorewall.net/3.0/Documentation.htm#Variables
@@ -102,6 +106,8 @@ class shorewall(
   create_resources('shorewall::masq',$masq,$masq_defaults)
   create_resources('shorewall::proxyarp',$proxyarp,$proxyarp_defaults)
   create_resources('shorewall::nat',$nat,$nat_defaults)
+  create_resources('shorewall::stoppedrules',$stoppedrules,
+    $stoppedrules_defaults)
   create_resources('shorewall::routestopped',$routestopped,
     $routestopped_defaults)
   create_resources('shorewall::params',$params,$params_defaults)
diff --git a/manifests/stoppedrules.pp b/manifests/stoppedrules.pp
new file mode 100644
index 0000000..2dff218
--- /dev/null
+++ b/manifests/stoppedrules.pp
@@ -0,0 +1,13 @@
+define shorewall::stoppedrules(
+  $action          = 'ACCEPT',
+  $source          = '-',
+  $destination     = '-',
+  $proto           = '-',
+  $destinationport = '-',
+  $sourceport      = '-',
+  $order           = '100'
+){
+  shorewall::entry{"stoppedrules-${order}-${name}":
+    line => "${action} ${source} ${destination} ${proto} ${destinationport} ${sourceport}"
+  }
+}
-- 
cgit v1.2.3