aboutsummaryrefslogtreecommitdiff
path: root/manifests/subsystems/firewall
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2011-08-18 22:07:47 -0300
committerSilvio Rhatto <rhatto@riseup.net>2011-08-18 22:07:47 -0300
commit410a3477dae7e378f2985b08dc0d686710b4bdab (patch)
treec59278319caa295c34670020891dd9c6707baeb2 /manifests/subsystems/firewall
parenta03c2c61e738944d3e00a7349a6b9801bdf13397 (diff)
downloadpuppet-nodo-410a3477dae7e378f2985b08dc0d686710b4bdab.tar.gz
puppet-nodo-410a3477dae7e378f2985b08dc0d686710b4bdab.tar.bz2
Adding parameter port_dest to firewall::router::hairpinning
Diffstat (limited to 'manifests/subsystems/firewall')
-rw-r--r--manifests/subsystems/firewall/router.pp8
1 files changed, 6 insertions, 2 deletions
diff --git a/manifests/subsystems/firewall/router.pp b/manifests/subsystems/firewall/router.pp
index 242abbf..a8d18c5 100644
--- a/manifests/subsystems/firewall/router.pp
+++ b/manifests/subsystems/firewall/router.pp
@@ -327,7 +327,8 @@ class firewall::router::torrent($destination, $zone = 'loc') {
define firewall::router::hairpinning($order = '5000', $proto = 'tcp', $port = 'www',
$external_ip = '$ETH0_IP', $interface = 'eth1',
$destination = '192.168.1.100', $source = 'eth1',
- $source_zone = 'loc', $dest_zone = 'loc') {
+ $source_zone = 'loc', $dest_zone = 'loc',
+ $port_dest = '') {
shorewall::masq { "routeback-$name":
interface => "$interface:$destination",
source => $source,
@@ -340,7 +341,10 @@ define firewall::router::hairpinning($order = '5000', $proto = 'tcp', $port = 'w
shorewall::rule { "routeback-$name":
action => 'DNAT',
source => $source_zone,
- destination => "$dest_zone:$destination",
+ destination => $port_dest ? {
+ '' => "$dest_zone:$destination",
+ default => "$dest_zone:$destination:$port_dest",
+ },
proto => $proto,
destinationport => $port,
ratelimit => '-',