From 32c97619505a28d6f9838d9ebc109f472687fe4f Mon Sep 17 00:00:00 2001 From: Marknl Date: Tue, 10 Jan 2017 11:21:20 +0100 Subject: Added $host option Current rule.pp converts the $name into the "HOST" parameter in the file, this can result in these definitions: ```shorewall::host { 'eth0:$VPN_HOSTS': zone => 'vpn', options => 'ipsec', order => 200; }``` I suggest moving the variable usage from the $name into a $host parameter, so above example becomes: ```shorewall::host { 'vpn-hosts': zone => 'vpn', host => 'eth0:$VPN_HOSTS', options => 'ipsec', order => 200; }``` --- manifests/host.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'manifests/host.pp') diff --git a/manifests/host.pp b/manifests/host.pp index f400223..2510ca7 100644 --- a/manifests/host.pp +++ b/manifests/host.pp @@ -1,10 +1,11 @@ define shorewall::host( $zone, + $host, $options = 'tcpflags,blacklist,norfc1918', $order='100' ){ shorewall::entry{"hosts-${order}-${name}": - line => "${zone} ${name} ${options}" + line => "#${name}\n${zone} ${host} ${options}" } } -- cgit v1.2.3 From a7b138d73ea419afa82c83d1b4d607a5a5d5ddee Mon Sep 17 00:00:00 2001 From: Marknl Date: Wed, 11 Jan 2017 22:52:36 +0100 Subject: Brought $name back into the game for backw. compat --- manifests/host.pp | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'manifests/host.pp') diff --git a/manifests/host.pp b/manifests/host.pp index 2510ca7..1bd56cc 100644 --- a/manifests/host.pp +++ b/manifests/host.pp @@ -1,11 +1,15 @@ define shorewall::host( $zone, - $host, + $host = undef, $options = 'tcpflags,blacklist,norfc1918', - $order='100' + $order ='100' ){ + + unless $host == undef { + $host = $name + } + shorewall::entry{"hosts-${order}-${name}": line => "#${name}\n${zone} ${host} ${options}" } } - -- cgit v1.2.3 From c868850e3161c69d01b7caf05192d625fc1df0c1 Mon Sep 17 00:00:00 2001 From: Marknl Date: Thu, 12 Jan 2017 13:17:21 +0100 Subject: Use $name for backwards compatibility --- manifests/host.pp | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'manifests/host.pp') diff --git a/manifests/host.pp b/manifests/host.pp index 1bd56cc..d2a73ce 100644 --- a/manifests/host.pp +++ b/manifests/host.pp @@ -1,13 +1,9 @@ define shorewall::host( $zone, - $host = undef, + $host = $name, $options = 'tcpflags,blacklist,norfc1918', $order ='100' ){ - - unless $host == undef { - $host = $name - } shorewall::entry{"hosts-${order}-${name}": line => "#${name}\n${zone} ${host} ${options}" -- cgit v1.2.3 From 8552753d9e3ab7662e618c54875e626a2b6926e9 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Fri, 10 Feb 2017 13:08:12 -0800 Subject: remove deprecated blacklist the blacklist file was deprecated by upstream in 4.5.7, remove all references to them. Debian wheezy shipped with 4.5.5.3-3 (but could use a backport) and jessie has 4.6.4.3-2 currently. --- manifests/host.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'manifests/host.pp') diff --git a/manifests/host.pp b/manifests/host.pp index f400223..370be03 100644 --- a/manifests/host.pp +++ b/manifests/host.pp @@ -1,6 +1,6 @@ define shorewall::host( $zone, - $options = 'tcpflags,blacklist,norfc1918', + $options = 'tcpflags,norfc1918', $order='100' ){ shorewall::entry{"hosts-${order}-${name}": -- cgit v1.2.3 From 47f1ee74666fa00314546d01982461fa79d9da0a Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Fri, 10 Feb 2017 13:24:59 -0800 Subject: remove deprecated norfc1918 option It was deprecated in 4.2.0 http://www.shorewall.net/upgrade_issues.htm --- manifests/host.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'manifests/host.pp') diff --git a/manifests/host.pp b/manifests/host.pp index 370be03..fe12247 100644 --- a/manifests/host.pp +++ b/manifests/host.pp @@ -1,6 +1,6 @@ define shorewall::host( $zone, - $options = 'tcpflags,norfc1918', + $options = 'tcpflags', $order='100' ){ shorewall::entry{"hosts-${order}-${name}": -- cgit v1.2.3 From cabbf434c1778cb4e8fe2f7f726a012f707cd2a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Charaoui?= Date: Wed, 2 May 2018 20:28:50 +0000 Subject: Add missing parameter in host.pp --- manifests/host.pp | 1 + 1 file changed, 1 insertion(+) (limited to 'manifests/host.pp') diff --git a/manifests/host.pp b/manifests/host.pp index 2a088ac..d0994fc 100644 --- a/manifests/host.pp +++ b/manifests/host.pp @@ -1,5 +1,6 @@ define shorewall::host( $zone, + $host, $options = 'tcpflags', $order='100' ){ -- cgit v1.2.3