-rw-r--r-- | manifests/init.pp | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index 2052a99..853456f 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,5 +1,7 @@
 # Firewall definitions for physical servers
 class firewall(
+ $device = hiera('firewall::device', 'eth0'),
+ $zone = hiera('firewall::zone', '-'),
 $local_net = hiera('firewall::local_net', false),
 $in_bandwidth = hiera('firewall::in_bandwidth', '2mbit'),
 $out_bandwidth = hiera('firewall::out_bandwidth', '2mbit'),
@@ -16,8 +18,8 @@ class firewall(
 #
 # Interfaces
 #
- shorewall::interface { 'eth0':
- zone => '-',
+ shorewall::interface { "${device}":
+ zone => $zone,
 rfc1918 => $rfc1918,
 options => $device_options,
 }
@@ -63,22 +65,22 @@ class firewall(
 #
 # Hosts
 #
- shorewall::host { "eth0-subnet":
- name => 'eth0:192.168.0.0/24',
+ shorewall::host { "${device}-subnet":
+ name => "${device}:192.168.0.0/24",
 zone => 'vm',
 options => '',
 order => '1',
 }
- shorewall::host { "eth0":
- name => 'eth0:0.0.0.0/0',
+ shorewall::host { "${device}":
+ name => "${device}:0.0.0.0/0",
 zone => 'net',
 options => '',
 order => '2',
 }
- shorewall::masq { "eth0":
- interface => 'eth0:!192.168.0.0/24',
+ shorewall::masq { "${device}":
+ interface => "${device}:!192.168.0.0/24",
 source => '192.168.0.0/24',
 order => '1',
 } |
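Review bot: The new `$device` parameter in the class header comes from Hiera and is interpolated into the shorewall interface, host and masq entries in the later hunks without any check on its shape. A value containing whitespace, `:` or `!` would produce malformed or unintended entries in the generated firewall configuration. If puppetlabs-stdlib is available to this module (not visible here), a guard such as `validate_re($device, '^[A-Za-z0-9_.-]+$')` at the top of the class body would fail the catalog instead. The header comment should also list `$device` and `$zone` with their defaults; the parameter list and class body continue outside the hunk.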
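Review bot: Making `zone` configurable on `shorewall::interface` sits awkwardly with the `shorewall::host` entries in the Hosts hunk, which still assign `vm` and `net` to ranges on the same device and so appear to rely on the interface being zoneless (`-`). Setting `firewall::zone` to a real zone would then give the interface a zone and also define host-based zones on it, which is probably not the intended policy. A comment such as `# $zone must stay '-' while the vm/net host entries below define zones on this device` would document that, or the host entries could be made conditional on `$zone == '-'`. As a style point, `"${device}"` is a string holding only a variable; `shorewall::interface { $device:` is the usual form, and the same applies to the host and masq titles.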
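Review bot: The `vm` host entry and the masquerade rule still hard-code `192.168.0.0/24` while the device is now a parameter, so pointing `firewall::device` at an interface on a different network would put the wrong range in zone `vm` and masquerade for a source that does not exist there. The class already takes `$local_net` (default `false`); whether it is meant for this is not visible in the hunk, but a single subnet parameter used in `name`, `interface` and `source` would keep the three values in step. Failing that, a comment such as `# 192.168.0.0/24 is the VM network; must match the masq source below` would make the coupling explicit.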