class firewall::torrent(
  $range = lookup('firewall::torrent::range', undef, undef, '6881:6999')
) {
  shorewall::rule { "torrent-tcp":
    action          => 'ACCEPT',
    source          => 'net',
    destination     => '$FW',
    proto           => 'tcp',
    destinationport => "$range",
    ratelimit       => '-',
    order           => 200,
  }

  shorewall::rule { "torrent-udp":
    action          => 'ACCEPT',
    source          => 'net',
    destination     => '$FW',
    proto           => 'udp',
    destinationport => "$range",
    ratelimit       => '-',
    order           => 201,
  }
}