From 8552753d9e3ab7662e618c54875e626a2b6926e9 Mon Sep 17 00:00:00 2001
From: Matt Taggart <taggart@riseup.net>
Date: Fri, 10 Feb 2017 13:08:12 -0800
Subject: remove deprecated blacklist

the blacklist file was deprecated by upstream in 4.5.7, remove all
references to them. Debian wheezy shipped with 4.5.5.3-3 (but could
use a backport) and jessie has 4.6.4.3-2 currently.
---
 manifests/blacklist.pp | 9 ---------
 manifests/blrules.pp   | 4 ++--
 manifests/host.pp      | 2 +-
 manifests/init.pp      | 5 -----
 manifests/interface.pp | 2 +-
 5 files changed, 4 insertions(+), 18 deletions(-)
 delete mode 100644 manifests/blacklist.pp

(limited to 'manifests')

diff --git a/manifests/blacklist.pp b/manifests/blacklist.pp
deleted file mode 100644
index afbe216..0000000
--- a/manifests/blacklist.pp
+++ /dev/null
@@ -1,9 +0,0 @@
-define shorewall::blacklist(
-    $proto = '-',
-    $port = '-',
-    $order='100'
-){
-    shorewall::entry{"blacklist-${order}-${name}":
-        line => "${name} ${proto} ${port}",
-    }           
-}
diff --git a/manifests/blrules.pp b/manifests/blrules.pp
index b8fe73f..d6b5550 100644
--- a/manifests/blrules.pp
+++ b/manifests/blrules.pp
@@ -5,11 +5,11 @@
 #  shorewall::interface { 'br0':
 #    zone    => 'net',
 #    rfc1918  => true,
-#    options => 'tcpflags,blacklist,nosmurfs,routeback,bridge';
+#    options => 'tcpflags,nosmurfs,routeback,bridge';
 #  }
 #
 #  class { 'shorewall::blrules':
-#    options         => 'tcpflags,blacklist,nosmurfs,routeback,bridge',
+#    options         => 'tcpflags,nosmurfs,routeback,bridge',
 #    whitelists    =>  [
 #                          "net:10.0.0.1,192.168.0.1 all",
 #                        ],
diff --git a/manifests/host.pp b/manifests/host.pp
index f400223..370be03 100644
--- a/manifests/host.pp
+++ b/manifests/host.pp
@@ -1,6 +1,6 @@
 define shorewall::host(
     $zone,
-    $options = 'tcpflags,blacklist,norfc1918',
+    $options = 'tcpflags,norfc1918',
     $order='100'
 ){
     shorewall::entry{"hosts-${order}-${name}":
diff --git a/manifests/init.pp b/manifests/init.pp
index d6b2d2a..5e2da52 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -27,8 +27,6 @@ class shorewall(
   $proxyarp_defaults          = {},
   $nat                        = {},
   $nat_defaults               = {},
-  $blacklist                  = {},
-  $blacklist_defaults         = {},
   $rfc1918                    = {},
   $rfc1918_defaults           = {},
   $routestopped               = {},
@@ -76,8 +74,6 @@ class shorewall(
       'proxyarp',
       # See http://www.shorewall.net/3.0/Documentation.htm#NAT
       'nat',
-      # See http://www.shorewall.net/3.0/Documentation.htm#Blacklist
-      'blacklist',
       # See http://www.shorewall.net/3.0/Documentation.htm#rfc1918
       'rfc1918',
       # See http://www.shorewall.net/3.0/Documentation.htm#Routestopped
@@ -110,7 +106,6 @@ class shorewall(
   create_resources('shorewall::masq',$masq,$masq_defaults)
   create_resources('shorewall::proxyarp',$proxyarp,$proxyarp_defaults)
   create_resources('shorewall::nat',$nat,$nat_defaults)
-  create_resources('shorewall::blacklist',$blacklist,$blacklist_defaults)
   create_resources('shorewall::rfc1918',$rfc1918,$rfc1918_defaults)
   create_resources('shorewall::routestopped',$routestopped,
     $routestopped_defaults)
diff --git a/manifests/interface.pp b/manifests/interface.pp
index 403ee74..b3d66c6 100644
--- a/manifests/interface.pp
+++ b/manifests/interface.pp
@@ -1,7 +1,7 @@
 define shorewall::interface(
     $zone,
     $broadcast = 'detect',
-    $options = 'tcpflags,blacklist,routefilter,nosmurfs,logmartians',
+    $options = 'tcpflags,routefilter,nosmurfs,logmartians',
     $add_options = '',
     $rfc1918 = false,
     $dhcp = false,
-- 
cgit v1.2.3


From 47f1ee74666fa00314546d01982461fa79d9da0a Mon Sep 17 00:00:00 2001
From: Matt Taggart <taggart@riseup.net>
Date: Fri, 10 Feb 2017 13:24:59 -0800
Subject: remove deprecated norfc1918 option

It was deprecated in 4.2.0
http://www.shorewall.net/upgrade_issues.htm
---
 manifests/host.pp      | 2 +-
 manifests/interface.pp | 8 +-------
 2 files changed, 2 insertions(+), 8 deletions(-)

(limited to 'manifests')

diff --git a/manifests/host.pp b/manifests/host.pp
index 370be03..fe12247 100644
--- a/manifests/host.pp
+++ b/manifests/host.pp
@@ -1,6 +1,6 @@
 define shorewall::host(
     $zone,
-    $options = 'tcpflags,norfc1918',
+    $options = 'tcpflags',
     $order='100'
 ){
     shorewall::entry{"hosts-${order}-${name}":
diff --git a/manifests/interface.pp b/manifests/interface.pp
index b3d66c6..670e477 100644
--- a/manifests/interface.pp
+++ b/manifests/interface.pp
@@ -3,7 +3,6 @@ define shorewall::interface(
     $broadcast = 'detect',
     $options = 'tcpflags,routefilter,nosmurfs,logmartians',
     $add_options = '',
-    $rfc1918 = false,
     $dhcp = false,
     $order = 100
 ){
@@ -17,13 +16,8 @@ define shorewall::interface(
         default => ',dhcp',
     }
 
-    $rfc1918_opt = $rfc1918 ? {
-        false   => ',norfc1918',
-        default => '',
-    }
-
     shorewall::entry { "interfaces-${order}-${name}":
-        line => "${zone} ${name} ${broadcast} ${options}${dhcp_opt}${rfc1918_opt}${added_opts}",
+        line => "${zone} ${name} ${broadcast} ${options}${dhcp_opt}${added_opts}",
     }
 }
 
-- 
cgit v1.2.3


From 4b3f8eac5f343b5ecd2354d16e83256b8413e807 Mon Sep 17 00:00:00 2001
From: Matt Taggart <taggart@riseup.net>
Date: Fri, 10 Feb 2017 13:33:05 -0800
Subject: remove deprecated rfc1918 file

this hasn't been supported since 3.x days
---
 manifests/blrules.pp | 1 -
 manifests/init.pp    | 5 -----
 manifests/rfc1918.pp | 8 --------
 3 files changed, 14 deletions(-)
 delete mode 100644 manifests/rfc1918.pp

(limited to 'manifests')

diff --git a/manifests/blrules.pp b/manifests/blrules.pp
index d6b5550..abf7508 100644
--- a/manifests/blrules.pp
+++ b/manifests/blrules.pp
@@ -4,7 +4,6 @@
 #
 #  shorewall::interface { 'br0':
 #    zone    => 'net',
-#    rfc1918  => true,
 #    options => 'tcpflags,nosmurfs,routeback,bridge';
 #  }
 #
diff --git a/manifests/init.pp b/manifests/init.pp
index 5e2da52..fa2641d 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -27,8 +27,6 @@ class shorewall(
   $proxyarp_defaults          = {},
   $nat                        = {},
   $nat_defaults               = {},
-  $rfc1918                    = {},
-  $rfc1918_defaults           = {},
   $routestopped               = {},
   $routestopped_defaults      = {},
   $params                     = {},
@@ -74,8 +72,6 @@ class shorewall(
       'proxyarp',
       # See http://www.shorewall.net/3.0/Documentation.htm#NAT
       'nat',
-      # See http://www.shorewall.net/3.0/Documentation.htm#rfc1918
-      'rfc1918',
       # See http://www.shorewall.net/3.0/Documentation.htm#Routestopped
       'routestopped',
       # See http://www.shorewall.net/3.0/Documentation.htm#Variables
@@ -106,7 +102,6 @@ class shorewall(
   create_resources('shorewall::masq',$masq,$masq_defaults)
   create_resources('shorewall::proxyarp',$proxyarp,$proxyarp_defaults)
   create_resources('shorewall::nat',$nat,$nat_defaults)
-  create_resources('shorewall::rfc1918',$rfc1918,$rfc1918_defaults)
   create_resources('shorewall::routestopped',$routestopped,
     $routestopped_defaults)
   create_resources('shorewall::params',$params,$params_defaults)
diff --git a/manifests/rfc1918.pp b/manifests/rfc1918.pp
deleted file mode 100644
index 31dce5d..0000000
--- a/manifests/rfc1918.pp
+++ /dev/null
@@ -1,8 +0,0 @@
-define shorewall::rfc1918(
-    $action = 'logdrop',
-    $order='100'
-){
-    shorewall::entry{"rfc1918-${order}-${name}":
-        line => "${name} ${action}"
-    }   
-}
-- 
cgit v1.2.3