# Manages the Shorewall blacklist rules file (blrules). For additional information, run "man shorewall-blrules".
#
# Sample Usage:
#
# shorewall::interface { 'br0':
# zone => 'net',
# rfc1918 => true,
# options => 'tcpflags,blacklist,nosmurfs,routeback,bridge';
# }
#
# class { 'shorewall::blrules':
# options => 'tcpflags,blacklist,nosmurfs,routeback,bridge',
# whitelists => [
# "net:10.0.0.1,192.168.0.1 all",
# ],
#
# drops => [
# 'net all tcp 22', #ssh
# ],
# }
#
# Writes /etc/shorewall/puppet/blrules from the shorewall/blrules.erb template.
#
# Parameters:
#   $whitelists - entries exempted from blacklisting; the sample usage in the
#                 header passes an array of "SOURCE DEST" strings.
#   $drops      - entries to be dropped; the sample usage passes an array of
#                 "SOURCE DEST PROTO PORT" strings.
#
# Both parameters are mandatory (no defaults) and untyped. How they end up in
# the rendered file is decided by the template, which is not shown here;
# presumably they are emitted verbatim as rule lines, so they should only come
# from trusted data - TODO confirm against blrules.erb.
#
# NOTE(review): the sample usage in the header also passes `options`, which is
# not declared in this parameter list; Puppet rejects undeclared class
# parameters, so the sample needs that attribute dropped to compile.
class shorewall::blrules (
  $whitelists,
  $drops,
) {
  file { '/etc/shorewall/puppet/blrules':
    # Root-owned and writable by root only, but world-readable (0644): any
    # local account can read the whitelist and drop entries.
    # NOTE(review): confirm that exposing the rule set locally is acceptable.
    owner   => 'root',
    group   => 0,
    mode    => '0644',
    content => template('shorewall/blrules.erb'),
    # The package resource is applied before the file is written.
    require => Package['shorewall'],
    # Every content change triggers Exec['shorewall_check'], which is defined
    # elsewhere in the module (presumably it validates the configuration
    # before it is activated - verify).
    notify  => Exec['shorewall_check'],
  }
}