author | Silvio Rhatto <rhatto@riseup.net> | 2011-08-15 19:02:52 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2011-08-15 19:02:52 -0300 |
commit | a25e4d7e3d4f4f33a8a48e13f0b2f5200a4f4c60 (patch) | |
tree | fcfb2be712d2de137bf0dda64430f7a1e4add43c | |
parent | bc443116a68704768be51129695daaaf8755fbb1 (diff) | |
Adding firewall::vserver::dns
-rw-r--r-- | manifests/subsystems/firewall/vserver.pp | 44 | ||||
-rw-r--r-- | manifests/vserver.pp | 8 |
2 files changed, 51 insertions, 1 deletions
diff --git a/manifests/subsystems/firewall/vserver.pp b/manifests/subsystems/firewall/vserver.pp
index 843d24f..9bf0a21 100644
--- a/manifests/subsystems/firewall/vserver.pp
+++ b/manifests/subsystems/firewall/vserver.pp
@@ -277,3 +277,47 @@ define firewall::vserver::munin($destination, $port_orig, $port_dest = '', $orde
 order => $order,
 }
 }
+
+class firewall::vserver::dns($destination, $zone = 'vm') {
+ shorewall::rule { 'dns-route-1':
+ action => 'DNAT',
+ source => 'net',
+ destination => "$zone:$destination:53",
+ proto => 'tcp',
+ destinationport => '53',
+ ratelimit => '-',
+ order => '2000',
+ }
+
+ shorewall::rule { 'dns-route-2':
+ action => 'DNAT',
+ source => '$FW',
+ destination => "fw:$destination:53",
+ proto => 'tcp',
+ destinationport => '53',
+ originaldest => "$ipaddress",
+ ratelimit => '-',
+ order => '2001',
+ }
+
+ shorewall::rule { 'dns-route-1':
+ action => 'DNAT',
+ source => 'net',
+ destination => "$zone:$destination:53",
+ proto => 'udp',
+ destinationport => '53',
+ ratelimit => '-',
+ order => '2002',
+ }
+
+ shorewall::rule { 'dns-route-2':
+ action => 'DNAT',
+ source => '$FW',
+ destination => "fw:$destination:53",
+ proto => 'udp',
+ destinationport => '53',
+ originaldest => "$ipaddress",
+ ratelimit => '-',
+ order => '2003',
+ }
+}
diff --git a/manifests/vserver.pp b/manifests/vserver.pp
index 79b39bd..c7c7216 100644
--- a/manifests/vserver.pp
+++ b/manifests/vserver.pp
@@ -37,7 +37,7 @@ class nodo::vserver inherits nodo { define instance($context, $ensure = 'running', $proxy = false, $puppetmaster = false, $gitd = false, $mail = false, $icecast = false, $sound = false, $ticket = false, - $memory_limit = false, $distro = 'lenny') { + $memory_limit = false, $distro = 'lenny', $dns = false) { # set instance id if $context <= 9 { 
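Review bot: In `firewall::vserver::dns` (manifests/subsystems/firewall/vserver.pp) the titles `dns-route-1` and `dns-route-2` are each used twice, once for the tcp pair and once for the udp pair. Puppet requires a resource title to be unique per type, so a catalog that includes this class should fail to compile with a duplicate-definition error. Give the udp rules their own titles, for example `shorewall::rule { 'dns-route-3':` and `shorewall::rule { 'dns-route-4':`. Separately, the rules from `net` forward port 53 with `ratelimit => '-'`, which as far as I can tell means no throttling; if the server behind `$destination` answers recursive queries for arbitrary clients, restrict that in the resolver or set a rate limit here. A short comment above the class saying what `$destination` and `$zone` expect would also help.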
@@ -155,6 +155,12 @@ class nodo::vserver inherits nodo {
 "firewall::vserver::mail": destination => "192.168.0.$context";
 }
 }
+
+ if $dns {
+ class {
+ "firewall::vserver::dns": destination => "192.168.0.$context";
+ }
+ }
 }
 }
 } |
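Review bot: `firewall::vserver::dns` is a class, and the new `if $dns` block declares it with resource-style `class { ... }` from inside the `instance` define, so a second vserver on the same host with `dns => true` would fail on a duplicate class declaration rather than with a clear message. Only one backend can own the port 53 DNAT anyway, so the limit may be intended, but it should be stated, for example `# only one instance per host may set dns => true (class-based port 53 DNAT)`. The enclosing define starts and ends outside this hunk, and the mail block just above appears to follow the same pattern.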