From 0b180227270cf5d1a5e2176142c2a129940f523a Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@riseup.net>
Date: Fri, 26 Sep 2008 17:55:02 -0400
Subject: add sshd_allow_tcp_forwarding variable, with the default changed to
 no (note this is opposite of what the existing template had enabled for
 Debian, but this is a better setting)

---
 manifests/init.pp | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'manifests')

diff --git a/manifests/init.pp b/manifests/init.pp
index 5ba3e22..af716cd 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,6 +1,7 @@
 #
 # ssh module
 #
+# Copyright 2008, micah@riseup.net
 # Copyright 2008, admin(at)immerda.ch
 # Copyright 2008, Puzzle ITC GmbH
 # Marcel Härry haerry+puppet(at)puzzle.ch
@@ -44,6 +45,10 @@
 # 				Valid values: yes or no
 #				Default: no
 # 
+# sshd_tcp_forwarding:		If you want to enable TcpForwarding
+# 				Valid Values: yes or no
+#				Default: no
+#
 # sshd_x11_forwarding:          If you want to enable x11 forwarding 
 #                               Valid Values: yes or no
 #                               Default: no
@@ -110,6 +115,10 @@ class sshd::base {
         '' => 'no',
         default => $sshd_password_authentication
     }
+    $real_sshd_tcp_forwarding = $sshd_tcp_forwarding ? {
+    	'' => 'no',
+	default => $sshd_tcp_forwarding
+    }
     $real_sshd_x11_forwarding = $sshd_x11_forwarding ? {
         '' => 'no',
         default => $sshd_x11_forwarding
-- 
cgit v1.2.3