Diffstat (limited to 'manifests/router/hairpinning.pp')
-rw-r--r-- | manifests/router/hairpinning.pp | 50 |
1 files changed, 24 insertions, 26 deletions
diff --git a/manifests/router/hairpinning.pp b/manifests/router/hairpinning.pp
index 21a8d9d..96fac1e 100644
--- a/manifests/router/hairpinning.pp
+++ b/manifests/router/hairpinning.pp
@@ -1,29 +1,27 @@
 # See http://www.shorewall.net/FAQ.htm#faq2
-define firewall::router::hairpinning($order = '5000', $proto = 'tcp', $port = 'www',
- $external_ip = '$ETH0_IP', $interface = 'eth1',
- $destination = '192.168.1.100', $source = 'eth1',
- $source_zone = 'loc', $dest_zone = 'loc',
- $port_dest = '') {
- shorewall::masq { "routeback-$name":
- interface => "$interface:$destination",
- source => $source,
- address => $external_ip,
- proto => $proto,
- port => $port,
- order => $order,
- }
-
- shorewall::rule { "routeback-$name":
- action => 'DNAT',
- source => $source_zone,
- destination => $port_dest ? {
- '' => "$dest_zone:$destination",
- default => "$dest_zone:$destination:$port_dest",
- },
- proto => $proto,
- destinationport => $port,
- ratelimit => '-',
- order => $order,
- originaldest => $external_ip,
+define firewall::router::hairpinning(
+ $implementation = lookup('firewall::implementation', undef, undef, 'shorewall'),
+ $order = '5000',
+ $proto = 'tcp',
+ $port = 'www',
+ $external_ip = '$ETH0_IP',
+ $interface = 'eth1',
+ $destination = '192.168.1.100',
+ $source = 'eth1',
+ $source_zone = 'loc',
+ $dest_zone = 'loc',
+ $port_dest = ''
+) {
+ class { "firewall::implementations::${implementation}::router::hairpinning":
+ order => $order,
+ proto => $proto,
+ port => $port,
+ external_ip => $external_ip,
+ interface => $interface,
+ destination => $destination,
+ source => $source,
+ source_zone => $source_zone,
+ dest_zone => $dest_zone,
+ port_dest => $port_dest,
 }
 } |
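Review bot: The new body declares `class { "firewall::implementations::${implementation}::router::hairpinning": ... }` inside a `define`, and a class can be declared this way only once per catalog. A second `firewall::router::hairpinning` instance (say, one for `www` and one for `https`) would therefore abort compilation with a duplicate declaration, leaving the node without its updated firewall rules. The old code avoided this by titling its resources `"routeback-$name"`, but `$name` is no longer passed down at all. The implementation (not shown in this hunk) would be safer as a defined type titled with `$name`, selected for example with a `case $implementation` or `create_resources`. Since `$implementation` is interpolated straight into a class name, consider also restricting it to the known implementation names so that a bad Hiera value fails with a clear message.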