aboutsummaryrefslogtreecommitdiff
path: root/manifests/subsystems/firewall
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2011-08-16 11:44:23 -0300
committerSilvio Rhatto <rhatto@riseup.net>2011-08-16 11:44:23 -0300
commita70ee90696bf5e1fa0e3cd7e54657987322088f3 (patch)
treeb65f1f513500aa6ed937afadfb621a9d86590656 /manifests/subsystems/firewall
parentef568946ba793b93b0f60810b04227f3c7542947 (diff)
downloadpuppet-nodo-a70ee90696bf5e1fa0e3cd7e54657987322088f3.tar.gz
puppet-nodo-a70ee90696bf5e1fa0e3cd7e54657987322088f3.tar.bz2
Adding source and zone parameters at firewall::router::hairpinning
Diffstat (limited to 'manifests/subsystems/firewall')
-rw-r--r--manifests/subsystems/firewall/router.pp9
1 files changed, 5 insertions, 4 deletions
diff --git a/manifests/subsystems/firewall/router.pp b/manifests/subsystems/firewall/router.pp
index e5563a0..cd18c32 100644
--- a/manifests/subsystems/firewall/router.pp
+++ b/manifests/subsystems/firewall/router.pp
@@ -326,10 +326,11 @@ class firewall::router::torrent($destination, $zone = 'loc') {
# See http://www.shorewall.net/FAQ.htm#faq2
define firewall::router::hairpinning($order = '200', $proto = 'tcp', $port = 'www',
$external_ip = '$ETH0_IP', $interface = 'eth1',
- $destination = '192.168.1.100') {
+ $destination = 'loc:192.168.1.100', $source = 'eth1',
+ $zone = 'loc') {
shorewall::masq { "routeback-$name":
interface => "$interface:$destination",
- source => $interface,
+ source => $source,
address => $external_ip,
proto => $proto,
port => $port,
@@ -338,8 +339,8 @@ define firewall::router::hairpinning($order = '200', $proto = 'tcp', $port = 'ww
shorewall::rule { "routeback-$name":
action => 'DNAT',
- source => 'loc',
- destination => "loc:$destination",
+ source => $zone,
+ destination => $destination,
proto => $proto,
destinationport => $port,
ratelimit => '-',