From 28a72736071330261ba8fa9dd5ca4e1202c1247f Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Sun, 9 Apr 2017 18:57:53 +0200
Subject: make it possible to manage rules for ipv4 & ipv6 + add some more
 modern headers for certain versions

---
 manifests/rule6.pp | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 manifests/rule6.pp

(limited to 'manifests/rule6.pp')

diff --git a/manifests/rule6.pp b/manifests/rule6.pp
new file mode 100644
index 0000000..eb6b741
--- /dev/null
+++ b/manifests/rule6.pp
@@ -0,0 +1,43 @@
+# http://www.shorewall.net/manpages6/shorewall6-rules.html
+define shorewall::rule6(
+  $action,
+  $source,
+  $destination,
+  $proto           = '-',
+  $destinationport = '-',
+  $sourceport      = '-',
+  $originaldest    = '-',
+  $ratelimit       = '-',
+  $user            = '-',
+  $mark            = '-',
+  $connlimit       = '-',
+  $time            = '-',
+  $headers         = '-',
+  $switch          = '-',
+  $helper          = '-',
+  $order           = '500',
+  $ensure          = 'present',
+){
+  shorewall::rule{
+    $name:
+      ensure          => $ensure,
+      action          => $action,
+      source          => $source,
+      destination     => $destination,
+      proto           => $proto,
+      destinationport => $destinationport,
+      sourceport      => $sourceport,
+      originaldest    => $originaldest,
+      ratelimit       => $ratelimit,
+      user            => $user,
+      mark            => $mark,
+      connlimit       => $connlimit,
+      time            => $time,
+      headers         => $headers,
+      switch          => $switch,
+      helper          => $helper,
+      order           => $order,
+      shorewall       => false,
+      shorewall6      => true,
+  }
+}
-- 
cgit v1.2.3


From e2f07459474470aeea73e6160ecf2652bc9ae6bf Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Tue, 25 Apr 2017 14:54:00 +0200
Subject: suffix it with _IP6, so we can have duplicate definitions with IPv4
 shorewall

---
 manifests/rule6.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'manifests/rule6.pp')

diff --git a/manifests/rule6.pp b/manifests/rule6.pp
index eb6b741..77a945f 100644
--- a/manifests/rule6.pp
+++ b/manifests/rule6.pp
@@ -19,7 +19,7 @@ define shorewall::rule6(
   $ensure          = 'present',
 ){
   shorewall::rule{
-    $name:
+    "${name}_IP6":
       ensure          => $ensure,
       action          => $action,
       source          => $source,
-- 
cgit v1.2.3