From 9629084c45ee551d138b92ed944af68f5f967e65 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sylvain=20Veyri=C3=A9?= Date: Tue, 20 Aug 2013 15:34:09 +0200 Subject: Remove require for augeas, since it is provided with Puppet --- manifests/base.pp | 2 -- 1 file changed, 2 deletions(-) diff --git a/manifests/base.pp b/manifests/base.pp index 4ee8747..edb0c45 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -27,8 +27,6 @@ class shorewall::base { } } else { - require augeas - augeas { 'shorewall_module_config_path': changes => 'set /files/etc/shorewall/shorewall.conf/CONFIG_PATH \'"/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall"\'', lens => 'Shellvars.lns', -- cgit v1.2.3 From a437ccc4a943359e34ae02bf86edf7b877e8a2c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sylvain=20Veyri=C3=A9?= Date: Tue, 20 Aug 2013 15:36:49 +0200 Subject: The augeas module is not needed, but the concat module is --- README | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README b/README index 3a84b3b..20d1b47 100644 --- a/README +++ b/README @@ -7,8 +7,8 @@ This module manages the configuration of Shorewall (http://www.shorewall.net/) Requirements ------------ -This module requires the augeas module, you can find that here: -https://labs.riseup.net/code/projects/shared-augeas +This module requires the concat module, you can find that here: +https://github.com/puppetlabs/puppetlabs-concat.git Copyright --------- -- cgit v1.2.3 From 533509b6d3f7ba5d5a6af012ac949ee04c17e39e Mon Sep 17 00:00:00 2001 From: o Date: Wed, 11 Jun 2014 22:15:39 +0200 Subject: add rule for stun --- manifests/rules/jabberserver.pp | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/manifests/rules/jabberserver.pp b/manifests/rules/jabberserver.pp index 3b38b29..dd51ca4 100644 --- a/manifests/rules/jabberserver.pp +++ b/manifests/rules/jabberserver.pp @@ -7,6 +7,13 @@ class shorewall::rules::jabberserver { destinationport => '5222,5223,5269', order => 240, action => 'ACCEPT'; + 'net-me-udp_jabber': + source => 'net', + destination => '$FW', + proto => 'udp', + destinationport => '3478', + order => 240, + action => 'ACCEPT'; 'me-net-tcp_jabber_s2s': source => '$FW', destination => 'net', -- cgit v1.2.3 From d918999700676b7b5a7c772b27bb1deca711fa52 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 13 Jun 2014 09:37:54 +0200 Subject: a cleaner naming --- manifests/rules/jabberserver.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/rules/jabberserver.pp b/manifests/rules/jabberserver.pp index dd51ca4..0495f61 100644 --- a/manifests/rules/jabberserver.pp +++ b/manifests/rules/jabberserver.pp @@ -7,7 +7,7 @@ class shorewall::rules::jabberserver { destinationport => '5222,5223,5269', order => 240, action => 'ACCEPT'; - 'net-me-udp_jabber': + 'net-me-udp_jabber_stun_server': source => 'net', destination => '$FW', proto => 'udp', -- cgit v1.2.3 From 3219370dff88101acbce453db6df3eaac44712cb Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 13 Jun 2014 09:38:36 +0200 Subject: linting --- manifests/rules/jabberserver.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/rules/jabberserver.pp b/manifests/rules/jabberserver.pp index 0495f61..14666a0 100644 --- a/manifests/rules/jabberserver.pp +++ b/manifests/rules/jabberserver.pp @@ -1,3 +1,5 @@ +# open ports used by a jabberserver +# in and outbound. class shorewall::rules::jabberserver { shorewall::rule { 'net-me-tcp_jabber': -- cgit v1.2.3 From e7556317e563ade2d2560b382b537376a9f4ec56 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 13 Jun 2014 09:39:38 +0200 Subject: there might be people who don't have a stun server --- manifests/rules/jabberserver.pp | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/manifests/rules/jabberserver.pp b/manifests/rules/jabberserver.pp index 14666a0..0b10420 100644 --- a/manifests/rules/jabberserver.pp +++ b/manifests/rules/jabberserver.pp @@ -1,6 +1,8 @@ # open ports used by a jabberserver # in and outbound. -class shorewall::rules::jabberserver { +class shorewall::rules::jabberserver( + $open_stun = true, +) { shorewall::rule { 'net-me-tcp_jabber': source => 'net', @@ -9,13 +11,6 @@ class shorewall::rules::jabberserver { destinationport => '5222,5223,5269', order => 240, action => 'ACCEPT'; - 'net-me-udp_jabber_stun_server': - source => 'net', - destination => '$FW', - proto => 'udp', - destinationport => '3478', - order => 240, - action => 'ACCEPT'; 'me-net-tcp_jabber_s2s': source => '$FW', destination => 'net', @@ -25,4 +20,15 @@ class shorewall::rules::jabberserver { action => 'ACCEPT'; } + if $open_stun { + shorewall::rule { + 'net-me-udp_jabber_stun_server': + source => 'net', + destination => '$FW', + proto => 'udp', + destinationport => '3478', + order => 240, + action => 'ACCEPT'; + } + } } -- cgit v1.2.3 From e0a67255fc62e67684ee8ad8597c4eb4a6da6ffb Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 13 Jun 2014 09:40:09 +0200 Subject: indentation --- manifests/rules/jabberserver.pp | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/manifests/rules/jabberserver.pp b/manifests/rules/jabberserver.pp index 0b10420..226d627 100644 --- a/manifests/rules/jabberserver.pp +++ b/manifests/rules/jabberserver.pp @@ -5,30 +5,30 @@ class shorewall::rules::jabberserver( ) { shorewall::rule { 'net-me-tcp_jabber': - source => 'net', - destination => '$FW', - proto => 'tcp', - destinationport => '5222,5223,5269', - order => 240, - action => 'ACCEPT'; + source => 'net', + destination => '$FW', + proto => 'tcp', + destinationport => '5222,5223,5269', + order => 240, + action => 'ACCEPT'; 'me-net-tcp_jabber_s2s': - source => '$FW', - destination => 'net', - proto => 'tcp', - destinationport => '5260,5269,5270,5271,5272', - order => 240, - action => 'ACCEPT'; + source => '$FW', + destination => 'net', + proto => 'tcp', + destinationport => '5260,5269,5270,5271,5272', + order => 240, + action => 'ACCEPT'; } if $open_stun { shorewall::rule { 'net-me-udp_jabber_stun_server': - source => 'net', - destination => '$FW', - proto => 'udp', - destinationport => '3478', - order => 240, - action => 'ACCEPT'; + source => 'net', + destination => '$FW', + proto => 'udp', + destinationport => '3478', + order => 240, + action => 'ACCEPT'; } } } -- cgit v1.2.3 From a297c274cd4de20f64f37bd76bb97fbc750eab05 Mon Sep 17 00:00:00 2001 From: mh Date: Wed, 9 Jul 2014 23:25:46 +0200 Subject: get rid off lsb facts --- manifests/init.pp | 11 +---------- manifests/ubuntu/karmic.pp | 5 ----- 2 files changed, 1 insertion(+), 15 deletions(-) delete mode 100644 manifests/ubuntu/karmic.pp diff --git a/manifests/init.pp b/manifests/init.pp index cd6488b..30a0aca 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -13,17 +13,8 @@ class shorewall( case $::operatingsystem { gentoo: { include shorewall::gentoo } - debian: { - include shorewall::debian - $dist_tor_user = 'debian-tor' - } + debian,ubuntu: { centos: { include shorewall::centos } - ubuntu: { - case $::lsbdistcodename { - karmic: { include shorewall::ubuntu::karmic } - default: { include shorewall::debian } - } - } default: { notice "unknown operatingsystem: ${::operatingsystem}" include shorewall::base diff --git a/manifests/ubuntu/karmic.pp b/manifests/ubuntu/karmic.pp deleted file mode 100644 index 0df3789..0000000 --- a/manifests/ubuntu/karmic.pp +++ /dev/null @@ -1,5 +0,0 @@ -class shorewall::ubuntu::karmic inherits shorewall::debian { - Package['shorewall']{ - name => 'shorewall-shell', - } -} -- cgit v1.2.3 From 19029f91579bf08a7186119322ccd4642642bb49 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 11 Jul 2014 16:36:58 +0200 Subject: fix the missing include --- manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 30a0aca..128e98d 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -13,7 +13,7 @@ class shorewall( case $::operatingsystem { gentoo: { include shorewall::gentoo } - debian,ubuntu: { + debian,ubuntu: { include shorewall::debian } centos: { include shorewall::centos } default: { notice "unknown operatingsystem: ${::operatingsystem}" -- cgit v1.2.3 From 00d6c84d5578e61f72f88f816527c333cafb477e Mon Sep 17 00:00:00 2001 From: mh Date: Sun, 24 Aug 2014 17:53:09 +0200 Subject: linting --- manifests/base.pp | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/manifests/base.pp b/manifests/base.pp index 4ee8747..d43ea64 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -27,15 +27,15 @@ class shorewall::base { } } else { - require augeas + require augeas - augeas { 'shorewall_module_config_path': - changes => 'set /files/etc/shorewall/shorewall.conf/CONFIG_PATH \'"/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall"\'', - lens => 'Shellvars.lns', - incl => '/etc/shorewall/shorewall.conf', - notify => Service['shorewall'], - require => Package['shorewall']; - } + augeas { 'shorewall_module_config_path': + changes => 'set /files/etc/shorewall/shorewall.conf/CONFIG_PATH \'"/etc/shorewall/puppet:/etc/shorewall:/usr/share/shorewall"\'', + lens => 'Shellvars.lns', + incl => '/etc/shorewall/shorewall.conf', + notify => Service['shorewall'], + require => Package['shorewall']; + } } service{'shorewall': -- cgit v1.2.3 From 7ef94b2e8431b669af868547f75742438cac80af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sylvain=20Veyri=C3=A9?= Date: Tue, 16 Sep 2014 15:28:50 +0200 Subject: Non string mode is now deprecated --- manifests/debian.pp | 2 +- manifests/managed_file.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/debian.pp b/manifests/debian.pp index c7ed607..2ff88c8 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -3,7 +3,7 @@ class shorewall::debian inherits shorewall::base { content => template("shorewall/debian_default.erb"), require => Package['shorewall'], notify => Service['shorewall'], - owner => root, group => 0, mode => 0644; + owner => root, group => 0, mode => '0644'; } Service['shorewall']{ status => '/sbin/shorewall status' diff --git a/manifests/managed_file.pp b/manifests/managed_file.pp index d564daa..9c5758d 100644 --- a/manifests/managed_file.pp +++ b/manifests/managed_file.pp @@ -2,7 +2,7 @@ define shorewall::managed_file () { concat{ "/etc/shorewall/puppet/${name}": notify => Service['shorewall'], require => File['/etc/shorewall/puppet'], - owner => root, group => 0, mode => 0600; + owner => root, group => 0, mode => '0600'; } concat::fragment { "${name}-header": -- cgit v1.2.3 From 5b602647de2abe832be5fbc9329408ea5268ba6c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sylvain=20Veyri=C3=A9?= Date: Tue, 16 Sep 2014 15:40:38 +0200 Subject: Deprecated --- manifests/base.pp | 8 ++++---- manifests/debian.pp | 2 +- manifests/managed_file.pp | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/manifests/base.pp b/manifests/base.pp index edb0c45..8eee3c0 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -10,14 +10,14 @@ class shorewall::base { '/etc/shorewall/shorewall.conf': require => Package[shorewall], notify => Service[shorewall], - owner => root, - group => 0, + owner => 'root', + group => 'root', mode => '0644'; '/etc/shorewall/puppet': ensure => directory, require => Package[shorewall], - owner => root, - group => 0, + owner => 'root', + group => 'root', mode => '0644'; } diff --git a/manifests/debian.pp b/manifests/debian.pp index 2ff88c8..01d108f 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -3,7 +3,7 @@ class shorewall::debian inherits shorewall::base { content => template("shorewall/debian_default.erb"), require => Package['shorewall'], notify => Service['shorewall'], - owner => root, group => 0, mode => '0644'; + owner => 'root', group => 'root', mode => '0644'; } Service['shorewall']{ status => '/sbin/shorewall status' diff --git a/manifests/managed_file.pp b/manifests/managed_file.pp index 9c5758d..7061721 100644 --- a/manifests/managed_file.pp +++ b/manifests/managed_file.pp @@ -2,7 +2,7 @@ define shorewall::managed_file () { concat{ "/etc/shorewall/puppet/${name}": notify => Service['shorewall'], require => File['/etc/shorewall/puppet'], - owner => root, group => 0, mode => '0600'; + owner => 'root', group => 'root', mode => '0600'; } concat::fragment { "${name}-header": -- cgit v1.2.3 From 27dcb673758d8d7b6325c3448f65b2007493e331 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 17 Oct 2014 12:30:38 +0200 Subject: update a few headers --- files/boilerplate/interfaces.header | 4 ++-- files/boilerplate/policy.header | 8 +++++--- files/boilerplate/zones.header | 11 ++++++----- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/files/boilerplate/interfaces.header b/files/boilerplate/interfaces.header index 2027523..663e436 100644 --- a/files/boilerplate/interfaces.header +++ b/files/boilerplate/interfaces.header @@ -1,10 +1,10 @@ # -# Shorewall version 3.4 - Interfaces File +# Shorewall version 4 - Interfaces File # # For information about entries in this file, type "man shorewall-interfaces" # # For additional information, see -# http://shorewall.net/Documentation.htm#Interfaces +# http://www.shorewall.net/manpages/shorewall-interfaces.html # ############################################################################### #ZONE INTERFACE BROADCAST OPTIONS diff --git a/files/boilerplate/policy.header b/files/boilerplate/policy.header index a0c5d5d..cc9781f 100644 --- a/files/boilerplate/policy.header +++ b/files/boilerplate/policy.header @@ -1,9 +1,11 @@ # -# Shorewall version 3.4 - Policy File +# Shorewall version 4 - Policy File # # For information about entries in this file, type "man shorewall-policy" # -# See http://shorewall.net/Documentation.htm#Policy for additional information. +# The manpage is also online at +# http://www.shorewall.net/manpages/shorewall-policy.html # ############################################################################### -#SOURCE DEST POLICY LOG LIMIT:BURST +#SOURCE DEST POLICY LOG LIMIT: CONNLIMIT: +# LEVEL BURST MASK diff --git a/files/boilerplate/zones.header b/files/boilerplate/zones.header index 8b82c2e..5dada52 100644 --- a/files/boilerplate/zones.header +++ b/files/boilerplate/zones.header @@ -1,11 +1,12 @@ # -# Shorewall version 3.4 - Zones File +# Shorewall version 4 - Zones File # # For information about this file, type "man shorewall-zones" # -# For more information, see http://www.shorewall.net/Documentation.htm#Zones +# The manpage is also online at +# http://www.shorewall.net/manpages/shorewall-zones.html # ############################################################################### -#ZONE TYPE OPTIONS IN OUT -# OPTIONS OPTIONS -fw firewall +#ZONE TYPE OPTIONS IN OUT +# OPTIONS OPTIONS +fw firewall -- cgit v1.2.3 From 55796b7b8c627ca1a0c85f9f8faa4cabacfccfd2 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 17 Oct 2014 12:44:51 +0200 Subject: make it possible to create resources from hiera --- manifests/init.pp | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 57 insertions(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 128e98d..f096d86 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -8,7 +8,43 @@ class shorewall( $tor_user = $::operatingsystem ? { 'Debian' => 'debian-tor', default => 'tor' - } + }, + $zones = {}, + $zones_defaults = {}, + $interfaces = {}, + $interfaces_defaults = {}, + $hosts = {}, + $hosts_defaults = {}, + $policy = {}, + $policy_defaults = {}, + $rules = {}, + $rules_defaults = {}, + $rulesections = {}, + $rulesections_defaults = {}, + $masq = {}, + $masq_defaults = {}, + $proxyarp = {}, + $proxyarp_defaults = {}, + $nat = {}, + $nat_defaults = {}, + $blacklist = {}, + $blacklist_defaults = {}, + $rfc1918 = {}, + $rfc1918_defaults = {}, + $routestopped = {}, + $routestopped_defaults = {}, + $params = {}, + $params_defaults = {}, + $tcdevices = {}, + $tcdevices_defaults = {}, + $tcrules = {}, + $tcrules_defaults = {}, + $tcclasses = {}, + $tcclasses_defaults = {}, + $tunnels = {}, + $tunnels_defaults = {}, + $rtrules = {}, + $rtrules_defaults = {}, ) { case $::operatingsystem { @@ -61,4 +97,24 @@ class shorewall( 'rtrules', ]:; } + + create_resources('shorewall::zone',$zones,$zones_defaults) + create_resources('shorewall::interface',$interfaces,$interfaces_defaults) + create_resources('shorewall::host',$hosts,$hosts_defaults) + create_resources('shorewall::policy',$policy,$policy_defaults) + create_resources('shorewall::rule',$rules,$rules_defaults) + create_resources('shorewall::rule_section',$rulesections,$rulesections_defaults) + create_resources('shorewall::masq',$masq,$masq_defaults) + create_resources('shorewall::proxyarp',$proxyarp,$proxyarp_defaults) + create_resources('shorewall::nat',$nat,$nat_defaults) + create_resources('shorewall::blacklist',$blacklist,$blacklist_defaults) + create_resources('shorewall::rfc1918',$rfc1918,$rfc1918_defaults) + create_resources('shorewall::routestopped',$routestopped, + $routestopped_defaults) + create_resources('shorewall::params',$params,$params_defaults) + create_resources('shorewall::tcdevices',$tcdevices,$tcdevices_defaults) + create_resources('shorewall::tcrules',$tcrules,$tcrules_defaults) + create_resources('shorewall::tcclasses',$tcclasses,$tcclasses_defaults) + create_resources('shorewall::tunnel',$tunnels,$tunnels_defaults) + create_resources('shorewall::rtrules',$rtrules,$rtrules_defaults) } -- cgit v1.2.3 From 81b0f114d8a9510286f7fb31b7202bcd86104409 Mon Sep 17 00:00:00 2001 From: duritong Date: Mon, 9 Feb 2015 23:58:30 +0100 Subject: we also support later versions --- README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README b/README index 20d1b47..0e61035 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -modules/shorewall/manifests/init.pp - manage firewalling with shorewall 3.x +modules/shorewall/manifests/init.pp - manage firewalling with shorewall Puppet Module for Shorewall --------------------------- -- cgit v1.2.3 From e61e6805e5a8fe4e39b0c31631491c29f209357c Mon Sep 17 00:00:00 2001 From: Nick Date: Fri, 17 Apr 2015 12:54:57 +0200 Subject: Fix tunnels filename --- manifests/tunnel.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/tunnel.pp b/manifests/tunnel.pp index 2cac922..0e645c8 100644 --- a/manifests/tunnel.pp +++ b/manifests/tunnel.pp @@ -5,7 +5,7 @@ define shorewall::tunnel( $gateway_zones = '', $order = '1' ) { - shorewall::entry { "tunnel-${order}-${name}": + shorewall::entry { "tunnels-${order}-${name}": line => "# ${name}\n${tunnel_type} ${zone} ${gateway} ${gateway_zones}", } } -- cgit v1.2.3 From 07c863098f453d3ce67d64c2ac5c67d8cf4c6a25 Mon Sep 17 00:00:00 2001 From: Nick Date: Fri, 17 Apr 2015 12:59:19 +0200 Subject: Change tunnel managed file --- files/boilerplate/tunnel.footer | 1 - files/boilerplate/tunnel.header | 11 ----------- files/boilerplate/tunnels.footer | 1 + files/boilerplate/tunnels.header | 11 +++++++++++ manifests/init.pp | 2 +- 5 files changed, 13 insertions(+), 13 deletions(-) delete mode 100644 files/boilerplate/tunnel.footer delete mode 100644 files/boilerplate/tunnel.header create mode 100644 files/boilerplate/tunnels.footer create mode 100644 files/boilerplate/tunnels.header diff --git a/files/boilerplate/tunnel.footer b/files/boilerplate/tunnel.footer deleted file mode 100644 index 5e12d1d..0000000 --- a/files/boilerplate/tunnel.footer +++ /dev/null @@ -1 +0,0 @@ -#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/files/boilerplate/tunnel.header b/files/boilerplate/tunnel.header deleted file mode 100644 index 638fd56..0000000 --- a/files/boilerplate/tunnel.header +++ /dev/null @@ -1,11 +0,0 @@ -# -# Shorewall version 4 - Tunnels File -# -# For information about entries in this file, type "man shorewall-tunnels" -# -# The manpage is also online at -# http://www.shorewall.net/manpages/shorewall-tunnels.html -# -############################################################################### -#TYPE ZONE GATEWAY GATEWAY -# ZONE diff --git a/files/boilerplate/tunnels.footer b/files/boilerplate/tunnels.footer new file mode 100644 index 0000000..5e12d1d --- /dev/null +++ b/files/boilerplate/tunnels.footer @@ -0,0 +1 @@ +#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/files/boilerplate/tunnels.header b/files/boilerplate/tunnels.header new file mode 100644 index 0000000..638fd56 --- /dev/null +++ b/files/boilerplate/tunnels.header @@ -0,0 +1,11 @@ +# +# Shorewall version 4 - Tunnels File +# +# For information about entries in this file, type "man shorewall-tunnels" +# +# The manpage is also online at +# http://www.shorewall.net/manpages/shorewall-tunnels.html +# +############################################################################### +#TYPE ZONE GATEWAY GATEWAY +# ZONE diff --git a/manifests/init.pp b/manifests/init.pp index f096d86..5966bed 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -92,7 +92,7 @@ class shorewall( # http://www.shorewall.net/manpages/shorewall-providers.html 'providers', # See http://www.shorewall.net/manpages/shorewall-tunnels.html - 'tunnel', + 'tunnels', # See http://www.shorewall.net/MultiISP.html 'rtrules', ]:; -- cgit v1.2.3