Diffstat (limited to 'manifests/local.pp')
-rw-r--r--manifests/local.pp44
1 files changed, 6 insertions, 38 deletions
diff --git a/manifests/local.pp b/manifests/local.pp
index a44b9b8..7f0faf4 100644
--- a/manifests/local.pp
+++ b/manifests/local.pp
@@ -1,47 +1,15 @@
class firewall::local(
+ $implementation = lookup('firewall::implementation', undef, undef, 'shorewall'),
$network = lookup('firewall::local::network', undef, undef, '192.168.1.0/24'),
$interface = lookup('firewall::local::interface', undef, undef, 'eth0'),
$manage_host = lookup('firewall::local::manage_host', undef, undef, true),
$manage_interface = lookup('firewall::local::manage_iface', undef, undef, false)
) {
- if $manage_host {
- shorewall::host { "$interface-loc":
- name => "$interface:$network",
- zone => 'loc',
- options => '',
- order => 3,
- }
+ class { "firewall::implementations::${implementation}::local":
+ network => $network,
+ interface => $interface,
+ manage_host => $manage_host,
+ manage_interface => $manage_interface,
}
-
- if $manage_interface {
- shorewall::interface { "$interface":
- zone => 'loc',
- rfc1918 => true,
- dhcp => true,
- options => 'routeback',
- }
- }
-
- shorewall::policy { 'loc-all':
- sourcezone => 'loc',
- destinationzone => 'all',
- policy => 'ACCEPT',
- order => 5,
- }
-
- shorewall::policy { 'vm-loc':
- sourcezone => 'vm',
- destinationzone => 'loc',
- policy => 'ACCEPT',
- order => 6,
- }
-
- shorewall::policy { 'fw-loc':
- sourcezone => '$FW',
- destinationzone => 'loc',
- policy => 'ACCEPT',
- order => 7,
- }
-
}
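Review bot: The class title on the added line `class { "firewall::implementations::${implementation}::local":` is interpolated from a Hiera lookup with no type or value constraint, so a mistyped or unexpected `firewall::implementation` value only surfaces as a missing-class error at catalog compile time, and any class matching that name pattern would be accepted. Constrain the parameter at the signature, for example `Pattern[/\A[a-z][a-z0-9_]*\z/] $implementation = lookup('firewall::implementation', undef, undef, 'shorewall'),`, or use an `Enum` listing the backends the module actually ships. Separately, the `loc-all`, `vm-loc` and `fw-loc` ACCEPT policies and the host/interface resources are deleted here, and their replacement is not visible in this hunk. It is worth confirming that `firewall::implementations::shorewall::local` declares them with the same `order` values so the effective ruleset does not change. A short comment above the class naming the Hiera key and the supported implementations would also help the next reader.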