From b39b5c24910f8816c3b9e6d2a0211ad892b36aa6 Mon Sep 17 00:00:00 2001
From: intrigeri <intrigeri@boum.org>
Date: Fri, 17 Dec 2010 19:39:44 +0100
Subject: Add support for Tor-ified traffic.

---
 manifests/rules/torify/user.pp | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 manifests/rules/torify/user.pp

(limited to 'manifests/rules/torify/user.pp')

diff --git a/manifests/rules/torify/user.pp b/manifests/rules/torify/user.pp
new file mode 100644
index 0000000..5caccfd
--- /dev/null
+++ b/manifests/rules/torify/user.pp
@@ -0,0 +1,27 @@
+define shorewall::rules::torify::user(
+  $originaldest = '-',
+  $allow_rfc1918 = true
+){
+
+  $user = $name
+
+  include shorewall::rules::torify::allow_tor_transparent_proxy
+
+  if $originaldest == '-' and $user == '-' {
+    include shorewall::rules::torify::allow_tor_user
+  }
+
+  shorewall::rules::torify::redirect_tcp_to_tor {
+    "redirect-to-tor-user=${user}-to=${originaldest}":
+      user         => $user,
+      originaldest => $originaldest
+  }
+
+  shorewall::rules::torify::reject_non_tor {
+    "reject-non-tor-user=${user}-to=${originaldest}":
+      user          => "$user",
+      originaldest  => $originaldest,
+      allow_rfc1918 => $allow_rfc1918;
+  }
+
+}
-- 
cgit v1.2.3