From 2f9efd957302ba3554bda594660ca7a4d87b5178 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Fri, 26 Sep 2014 16:45:09 -0300 Subject: New hiera parameter firewall::external_ip --- manifests/vserver.pp | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/manifests/vserver.pp b/manifests/vserver.pp index e06e6fe..30f2c52 100644 --- a/manifests/vserver.pp +++ b/manifests/vserver.pp @@ -15,7 +15,7 @@ class firewall::vserver::http($destination, $zone = 'vm') { destination => "fw:$destination:80", proto => 'tcp', destinationport => '80', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 601, } @@ -38,7 +38,7 @@ class firewall::vserver::https($destination, $zone = 'vm') { destination => "fw:$destination:443", proto => 'tcp', destinationport => '443', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => hiera("firewall::ssl_ratelimit", '-'), order => 602, } @@ -71,7 +71,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140', destination => "$zone:$destination:$puppetmaster_port", proto => 'tcp', destinationport => "$puppetmaster_port", - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => hiera("firewall::ssl_ratelimit", '-'), order => 702, } @@ -82,7 +82,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140', destination => "$zone:$destination:$puppetmaster_port", proto => 'udp', destinationport => "$puppetmaster_port", - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => hiera("firewall::ssl_ratelimit", '-'), order => 703, } @@ -113,7 +113,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140', destination => "$zone:$destination:$puppetmaster_nonssl_port", proto => 'tcp', destinationport => "$puppetmaster_nonssl_port", - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 706, } @@ -124,7 +124,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140', destination => "$zone:$destination:$puppetmaster_nonssl_port", proto => 'udp', destinationport => "$puppetmaster_nonssl_port", - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 707, } @@ -147,7 +147,7 @@ class firewall::vserver::gitd($destination, $zone = 'fw') { destination => "$zone:$destination:9418", proto => 'tcp', destinationport => '9418', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 801, } @@ -170,7 +170,7 @@ class firewall::vserver::icecast($destination, $zone = 'fw') { destination => "$zone:$destination:8000", proto => 'tcp', destinationport => '8000', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 901, } @@ -193,7 +193,7 @@ class firewall::vserver::mail($destination, $zone = 'fw') { destination => "$zone:$destination:25", proto => 'tcp', destinationport => '25', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 1001, } @@ -214,7 +214,7 @@ class firewall::vserver::mail($destination, $zone = 'fw') { destination => "$zone:$destination:993", proto => 'tcp', destinationport => '993', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => hiera("firewall::ssl_ratelimit", '-'), order => 1003, } @@ -235,7 +235,7 @@ class firewall::vserver::mail($destination, $zone = 'fw') { destination => "$zone:$destination:587", proto => 'tcp', destinationport => '587', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => hiera("firewall::ssl_ratelimit", '-'), order => 1005, } @@ -264,7 +264,7 @@ define firewall::vserver::ssh($destination, $port_orig = '22', $port_dest = '', }, proto => 'tcp', destinationport => "$port_orig", - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => "2$port_orig", } @@ -293,7 +293,7 @@ define firewall::vserver::munin($destination, $port_orig, $port_dest = '', $orde }, proto => 'tcp', destinationport => "$port_orig", - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => $order, } @@ -326,7 +326,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') { destination => "fw:$destination:53", proto => 'tcp', destinationport => '53', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 2002, } @@ -347,7 +347,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') { destination => "fw:$destination:53", proto => 'udp', destinationport => '53', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 2004, } @@ -370,7 +370,7 @@ class firewall::vserver::tor($destination, $zone = 'fw') { destination => "$zone:$destination:9001", proto => 'tcp', destinationport => '9001', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 2101, } @@ -391,7 +391,7 @@ class firewall::vserver::tor($destination, $zone = 'fw') { destination => "$zone:$destination:9030", proto => 'tcp', destinationport => '9030', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 2103, } @@ -414,7 +414,7 @@ class firewall::vserver::jabber($destination, $zone = 'fw') { destination => "$zone:$destination:5223", proto => 'tcp', destinationport => '5223', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 2201, } @@ -435,7 +435,7 @@ class firewall::vserver::jabber($destination, $zone = 'fw') { destination => "$zone:$destination:4369", proto => 'tcp', destinationport => '4369', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 2203, } @@ -446,7 +446,7 @@ class firewall::vserver::jabber($destination, $zone = 'fw') { destination => "$zone:$destination:4370", proto => 'tcp', destinationport => '4370:4375', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 2204, } @@ -469,7 +469,7 @@ class firewall::vserver::mumble($destination, $zone = 'fw') { destination => "$zone:$destination:64738", proto => 'udp', destinationport => '64738', - originaldest => "$ipaddress", + originaldest => hiera('firewall::external_ip', $::ipaddress), ratelimit => '-', order => 2301, } -- cgit v1.2.3