From 052f749adb3b488388cba57f65f74852621ac1fa Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Sat, 5 Nov 2011 14:50:26 +0100
Subject: allow ssh_in source to be selected by hiera, better naming for the
 same option for munin

---
 manifests/rules/ssh.pp | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'manifests/rules/ssh.pp')

diff --git a/manifests/rules/ssh.pp b/manifests/rules/ssh.pp
index 0eebcb4..3b7efa2 100644
--- a/manifests/rules/ssh.pp
+++ b/manifests/rules/ssh.pp
@@ -1,10 +1,12 @@
-class shorewall::rules::ssh($ports) {
-  $flatted_ports = join($ports,',')
+class shorewall::rules::ssh(
+  $ports,
+  $source = hiera('shorewall_ssh_in_source','net')
+) {
   shorewall::rule { 'net-me-tcp_ssh':
-    source          => 'net',
+    source          => $shorewall::rules::ssh::source,
     destination     => '$FW',
     proto           => 'tcp',
-    destinationport => $flatted_ports,
+    destinationport => join($shorewall::rules::ssh::ports,','),
     order           => 240,
     action          => 'ACCEPT';
   }
-- 
cgit v1.2.3