path: root/manifests/blrules.pp
# Manages the Shorewall blrules file. For additional information, run "man shorewall-blrules".
#
# Sample Usage:
#
#  shorewall::interface { 'br0':
#    zone    => 'net',
#    options => 'tcpflags,nosmurfs,routeback,bridge';
#  }
#
#  class { 'shorewall::blrules':
#    whitelists => [
#                    "net:10.0.0.1,192.168.0.1 all",
#                  ],
#
#    drops      => [
#                    'net  all tcp 22', # ssh
#                  ],
#  }


# Renders /etc/shorewall/puppet/blrules from the shorewall/blrules.erb template.
#
# Parameters (both required; neither has a default):
#   $whitelists - whitelist entries, passed as an array of rule strings in the
#                 sample usage above.
#   $drops      - drop entries, passed as an array of rule strings in the
#                 sample usage above.
#
# NOTE(review): the template is not shown here; presumably it emits each entry
# of $whitelists and $drops as a blrules line. The parameters carry no data
# type or validation in this class, so whatever the caller supplies reaches
# the firewall rule file as the template writes it. Confirm against
# blrules.erb.
class shorewall::blrules (
  $whitelists,
  $drops,
) {
  file { '/etc/shorewall/puppet/blrules':
    # Only root may modify the rule fragment; mode 0644 leaves it
    # world-readable.
    owner   => 'root',
    group   => 0,
    mode    => '0644',
    content => template('shorewall/blrules.erb'),
    # The shorewall package must be applied before this file is managed.
    require => Package['shorewall'],
    # Any change to the rendered content triggers Exec['shorewall_check'],
    # which is declared outside this file.
    notify  => Exec['shorewall_check'],
  }
}