From 00d7e707917a28816ea34589318390fe4f185c73 Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@riseup.net>
Date: Sat, 24 Mar 2018 16:20:29 +0100
Subject: The blacklist option should not be set by default, it should only be
 added when you are actually going to blacklist things. Otherwise you get this
 warning from shorewall_check each day:

WARNING: There are interfaces or zones with the 'blacklist' option, but the 'blacklist' file is either missing or has zero size

Also, the README for this module notes that this option is deprecated upstream,
and so we should remove it.
---
 manifests/interface.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'manifests')

diff --git a/manifests/interface.pp b/manifests/interface.pp
index 4184db5..d6c3623 100644
--- a/manifests/interface.pp
+++ b/manifests/interface.pp
@@ -3,7 +3,7 @@
 define shorewall::interface(
   $zone,
   $broadcast   = 'detect',
-  $options     = 'tcpflags,blacklist,routefilter,nosmurfs,logmartians',
+  $options     = 'tcpflags,routefilter,nosmurfs,logmartians',
   $add_options = '',
   $rfc1918     = false,
   $dhcp        = false,
-- 
cgit v1.2.3