From 4f696829df9a134c7a8276b1363d9205192c946f Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Fri, 26 Sep 2014 16:30:45 -0300 Subject: Adding device and zone parameters to firewall class --- manifests/init.pp | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) (limited to 'manifests/init.pp') diff --git a/manifests/init.pp b/manifests/init.pp index 2052a99..853456f 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,5 +1,7 @@ # Firewall definitions for physical servers class firewall( + $device = hiera('firewall::device', 'eth0'), + $zone = hiera('firewall::zone', '-'), $local_net = hiera('firewall::local_net', false), $in_bandwidth = hiera('firewall::in_bandwidth', '2mbit'), $out_bandwidth = hiera('firewall::out_bandwidth', '2mbit'), @@ -16,8 +18,8 @@ class firewall( # # Interfaces # - shorewall::interface { 'eth0': - zone => '-', + shorewall::interface { "${device}": + zone => $zone, rfc1918 => $rfc1918, options => $device_options, } @@ -63,22 +65,22 @@ class firewall( # # Hosts # - shorewall::host { "eth0-subnet": - name => 'eth0:192.168.0.0/24', + shorewall::host { "${device}-subnet": + name => "${device}:192.168.0.0/24", zone => 'vm', options => '', order => '1', } - shorewall::host { "eth0": - name => 'eth0:0.0.0.0/0', + shorewall::host { "${device}": + name => "${device}:0.0.0.0/0", zone => 'net', options => '', order => '2', } - shorewall::masq { "eth0": - interface => 'eth0:!192.168.0.0/24', + shorewall::masq { "${device}": + interface => "${device}:!192.168.0.0/24", source => '192.168.0.0/24', order => '1', } -- cgit v1.2.3