Diffstat (limited to 'manifests/virtual/dns.pp')
-rw-r--r-- | manifests/virtual/dns.pp | 58 |
1 files changed, 7 insertions, 51 deletions
diff --git a/manifests/virtual/dns.pp b/manifests/virtual/dns.pp
index 1bf3872..8ae02ae 100644
--- a/manifests/virtual/dns.pp
+++ b/manifests/virtual/dns.pp
@@ -1,53 +1,9 @@
-class firewall::virtual::dns($destination, $zone = 'vm') {
- shorewall::rule { 'dns-route-0':
- action => 'DNS/ACCEPT',
- source => 'net',
- destination => '$FW',
- proto => '-',
- destinationport => '-',
- ratelimit => '-',
- order => 2000,
- }
-
- shorewall::rule { 'dns-route-1':
- action => 'DNAT',
- source => 'net',
- destination => "$zone:$destination:53",
- proto => 'tcp',
- destinationport => '53',
- ratelimit => '-',
- order => 2001,
- }
-
- shorewall::rule { 'dns-route-2':
- action => 'DNAT',
- source => '$FW',
- destination => "fw:$destination:53",
- proto => 'tcp',
- destinationport => '53',
- originaldest => lookup('firewall::external_ip', undef, undef, $::ipaddress),
- ratelimit => '-',
- order => 2002,
- }
-
- shorewall::rule { 'dns-route-3':
- action => 'DNAT',
- source => 'net',
- destination => "$zone:$destination:53",
- proto => 'udp',
- destinationport => '53',
- ratelimit => '-',
- order => 2003,
- }
-
- shorewall::rule { 'dns-route-4':
- action => 'DNAT',
- source => '$FW',
- destination => "fw:$destination:53",
- proto => 'udp',
- destinationport => '53',
- originaldest => lookup('firewall::external_ip', undef, undef, $::ipaddress),
- ratelimit => '-',
- order => 2004,
+class firewall::virtual::dns(
+ $implementation = lookup('firewall::implementation', undef, undef, 'shorewall'),
+ $destination, $zone = 'vm'
+) {
+ class { "firewall::implementations::${implementation}::virtual::dns":
+ destination => $destination,
+ zone => $zone,
 }
 }
|
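Review bot: `$implementation` is interpolated straight into the class name in `class { "firewall::implementations::${implementation}::virtual::dns":` with no type or value check, so whatever Hiera returns for `firewall::implementation` (or a caller passes) decides which class manages the DNS firewall rules. A typo will most likely surface only as an unhelpful class-not-found error at catalog compilation, and any string that happens to resolve to a class is accepted without comment. Constraining the parameter keeps the choice explicit, for example `Pattern[/\A[a-z][a-z0-9_]*\z/] $implementation = lookup('firewall::implementation', undef, undef, 'shorewall'),` or an `Enum` listing the implementations that actually exist. `$destination` and `$zone` are also untyped and presumably still end up inside rule destination strings in the implementation class, which is not visible here, so typing them at this entry point would reject malformed values before they reach the firewall configuration.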