summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2014-09-26 16:45:09 -0300
committerSilvio Rhatto <rhatto@riseup.net>2014-09-26 16:45:09 -0300
commit2f9efd957302ba3554bda594660ca7a4d87b5178 (patch)
tree2f864b8a064c86406799f1f3bce51d186751a058
parenta5d371aefc402d6594abd41b9af64dcf20a123b9 (diff)
downloadpuppet-firewall-2f9efd957302ba3554bda594660ca7a4d87b5178.tar.gz
puppet-firewall-2f9efd957302ba3554bda594660ca7a4d87b5178.tar.bz2
New hiera parameter firewall::external_ip
-rw-r--r--manifests/vserver.pp42
1 files changed, 21 insertions, 21 deletions
diff --git a/manifests/vserver.pp b/manifests/vserver.pp
index e06e6fe..30f2c52 100644
--- a/manifests/vserver.pp
+++ b/manifests/vserver.pp
@@ -15,7 +15,7 @@ class firewall::vserver::http($destination, $zone = 'vm') {
destination => "fw:$destination:80",
proto => 'tcp',
destinationport => '80',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 601,
}
@@ -38,7 +38,7 @@ class firewall::vserver::https($destination, $zone = 'vm') {
destination => "fw:$destination:443",
proto => 'tcp',
destinationport => '443',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => hiera("firewall::ssl_ratelimit", '-'),
order => 602,
}
@@ -71,7 +71,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140',
destination => "$zone:$destination:$puppetmaster_port",
proto => 'tcp',
destinationport => "$puppetmaster_port",
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => hiera("firewall::ssl_ratelimit", '-'),
order => 702,
}
@@ -82,7 +82,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140',
destination => "$zone:$destination:$puppetmaster_port",
proto => 'udp',
destinationport => "$puppetmaster_port",
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => hiera("firewall::ssl_ratelimit", '-'),
order => 703,
}
@@ -113,7 +113,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140',
destination => "$zone:$destination:$puppetmaster_nonssl_port",
proto => 'tcp',
destinationport => "$puppetmaster_nonssl_port",
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 706,
}
@@ -124,7 +124,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140',
destination => "$zone:$destination:$puppetmaster_nonssl_port",
proto => 'udp',
destinationport => "$puppetmaster_nonssl_port",
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 707,
}
@@ -147,7 +147,7 @@ class firewall::vserver::gitd($destination, $zone = 'fw') {
destination => "$zone:$destination:9418",
proto => 'tcp',
destinationport => '9418',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 801,
}
@@ -170,7 +170,7 @@ class firewall::vserver::icecast($destination, $zone = 'fw') {
destination => "$zone:$destination:8000",
proto => 'tcp',
destinationport => '8000',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 901,
}
@@ -193,7 +193,7 @@ class firewall::vserver::mail($destination, $zone = 'fw') {
destination => "$zone:$destination:25",
proto => 'tcp',
destinationport => '25',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 1001,
}
@@ -214,7 +214,7 @@ class firewall::vserver::mail($destination, $zone = 'fw') {
destination => "$zone:$destination:993",
proto => 'tcp',
destinationport => '993',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => hiera("firewall::ssl_ratelimit", '-'),
order => 1003,
}
@@ -235,7 +235,7 @@ class firewall::vserver::mail($destination, $zone = 'fw') {
destination => "$zone:$destination:587",
proto => 'tcp',
destinationport => '587',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => hiera("firewall::ssl_ratelimit", '-'),
order => 1005,
}
@@ -264,7 +264,7 @@ define firewall::vserver::ssh($destination, $port_orig = '22', $port_dest = '',
},
proto => 'tcp',
destinationport => "$port_orig",
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => "2$port_orig",
}
@@ -293,7 +293,7 @@ define firewall::vserver::munin($destination, $port_orig, $port_dest = '', $orde
},
proto => 'tcp',
destinationport => "$port_orig",
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => $order,
}
@@ -326,7 +326,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') {
destination => "fw:$destination:53",
proto => 'tcp',
destinationport => '53',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 2002,
}
@@ -347,7 +347,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') {
destination => "fw:$destination:53",
proto => 'udp',
destinationport => '53',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 2004,
}
@@ -370,7 +370,7 @@ class firewall::vserver::tor($destination, $zone = 'fw') {
destination => "$zone:$destination:9001",
proto => 'tcp',
destinationport => '9001',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 2101,
}
@@ -391,7 +391,7 @@ class firewall::vserver::tor($destination, $zone = 'fw') {
destination => "$zone:$destination:9030",
proto => 'tcp',
destinationport => '9030',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 2103,
}
@@ -414,7 +414,7 @@ class firewall::vserver::jabber($destination, $zone = 'fw') {
destination => "$zone:$destination:5223",
proto => 'tcp',
destinationport => '5223',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 2201,
}
@@ -435,7 +435,7 @@ class firewall::vserver::jabber($destination, $zone = 'fw') {
destination => "$zone:$destination:4369",
proto => 'tcp',
destinationport => '4369',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 2203,
}
@@ -446,7 +446,7 @@ class firewall::vserver::jabber($destination, $zone = 'fw') {
destination => "$zone:$destination:4370",
proto => 'tcp',
destinationport => '4370:4375',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 2204,
}
@@ -469,7 +469,7 @@ class firewall::vserver::mumble($destination, $zone = 'fw') {
destination => "$zone:$destination:64738",
proto => 'udp',
destinationport => '64738',
- originaldest => "$ipaddress",
+ originaldest => hiera('firewall::external_ip', $::ipaddress),
ratelimit => '-',
order => 2301,
}