# http://www.shorewall.net/manpages/shorewall-rules.html
# http://www.shorewall.net/manpages6/shorewall6-rules.html
# Declares one entry for the shorewall (and optionally shorewall6) rules file.
#
# The parameters are emitted as whitespace-separated columns in the order
# used in the rule line below; '-' is the placeholder for an unused column.
# $order and $name make up the entry title ("rules-${order}-${name}").
# $shorewall is passed through to shorewall::entry; $shorewall6 is combined
# with $shorewall::with_shorewall6 first.
#
# NOTE(review): $name and every column parameter are interpolated into the
# rule line as-is; nothing in this define validates them. A value holding
# whitespace or a newline would shift columns or add extra lines to the
# generated rules file, so values coming from external data should be
# checked before they reach this define.
define shorewall::rule(
  $action,
  $source,
  $destination,
  $proto           = '-',
  $destinationport = '-',
  $sourceport      = '-',
  $originaldest    = '-',
  $ratelimit       = '-',
  $user            = '-',
  $mark            = '-',
  $connlimit       = '-',
  $time            = '-',
  $headers         = '-',
  $switch          = '-',
  $helper          = '-',
  $order           = '500',
  $shorewall       = true,
  $shorewall6      = true,
  $ensure          = 'present',
){
  # The columns after $mark depend on the shorewall version.
  # $shorewall_version is not assigned in this define (presumably a fact).
  if versioncmp($shorewall_version, '4.5.7') >= 0 {
    $trailing_columns = " ${connlimit} ${time} ${headers} ${switch} ${helper}"
  } elsif versioncmp($shorewall_version, '4.4.24') >= 0 {
    # el6: $helper is not emitted on this branch.
    $trailing_columns = " ${connlimit} ${time} ${headers} ${switch}"
  } else {
    # el5: $connlimit, $time, $headers, $switch and $helper are all dropped
    # without any error, so a rule that relies on one of them is written
    # without that restriction.
    $trailing_columns = ''
  }

  # The IPv6 entry is only requested when both this rule and the
  # shorewall class enable it.
  $emit_shorewall6 = $shorewall6 and $shorewall::with_shorewall6

  # First line is a comment carrying the resource title, second is the rule.
  $comment_line = "# ${name}"
  $base_columns = "${action} ${source} ${destination} ${proto} ${destinationport} ${sourceport} ${originaldest} ${ratelimit} ${user} ${mark}"

  shorewall::entry{"rules-${order}-${name}":
    ensure     => $ensure,
    line       => "${comment_line}\n${base_columns}${trailing_columns}",
    shorewall  => $shorewall,
    shorewall6 => $emit_shorewall6,
  }
}