1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
# See http://www.shorewall.net/FAQ.htm#faq2
define firewall::router::hairpinning($order = '5000', $proto = 'tcp', $port = 'www',
$external_ip = '$ETH0_IP', $interface = 'eth1',
$destination = '192.168.1.100', $source = 'eth1',
$source_zone = 'loc', $dest_zone = 'loc',
$port_dest = '') {
shorewall::masq { "routeback-$name":
interface => "$interface:$destination",
source => $source,
address => $external_ip,
proto => $proto,
port => $port,
order => $order,
}
shorewall::rule { "routeback-$name":
action => 'DNAT',
source => $source_zone,
destination => $port_dest ? {
'' => "$dest_zone:$destination",
default => "$dest_zone:$destination:$port_dest",
},
proto => $proto,
destinationport => $port,
ratelimit => '-',
order => $order,
originaldest => $external_ip,
}
}
|