diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2014-09-26 16:30:45 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2014-09-26 16:30:45 -0300 |
| commit | 4f696829df9a134c7a8276b1363d9205192c946f (patch) | |
| tree | 9c46eb82873ea78141546784414776af799d9059 | |
| parent | fd5e806d46b4f2f3501e3310061c6b5b11515fd8 (diff) | |
| download | puppet-firewall-4f696829df9a134c7a8276b1363d9205192c946f.tar.gz puppet-firewall-4f696829df9a134c7a8276b1363d9205192c946f.tar.bz2 | |
Adding device and zone parameters to firewall class
| -rw-r--r-- | manifests/init.pp | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index 2052a99..853456f 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,5 +1,7 @@ # Firewall definitions for physical servers class firewall( + $device = hiera('firewall::device', 'eth0'), + $zone = hiera('firewall::zone', '-'), $local_net = hiera('firewall::local_net', false), $in_bandwidth = hiera('firewall::in_bandwidth', '2mbit'), $out_bandwidth = hiera('firewall::out_bandwidth', '2mbit'), @@ -16,8 +18,8 @@ class firewall( # # Interfaces # - shorewall::interface { 'eth0': - zone => '-', + shorewall::interface { "${device}": + zone => $zone, rfc1918 => $rfc1918, options => $device_options, } @@ -63,22 +65,22 @@ class firewall( # # Hosts # - shorewall::host { "eth0-subnet": - name => 'eth0:192.168.0.0/24', + shorewall::host { "${device}-subnet": + name => "${device}:192.168.0.0/24", zone => 'vm', options => '', order => '1', } - shorewall::host { "eth0": - name => 'eth0:0.0.0.0/0', + shorewall::host { "${device}": + name => "${device}:0.0.0.0/0", zone => 'net', options => '', order => '2', } - shorewall::masq { "eth0": - interface => 'eth0:!192.168.0.0/24', + shorewall::masq { "${device}": + interface => "${device}:!192.168.0.0/24", source => '192.168.0.0/24', order => '1', } |