aboutsummaryrefslogtreecommitdiff
path: root/manifests/subsystems/firewall
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2011-08-11 17:45:29 -0300
committerSilvio Rhatto <rhatto@riseup.net>2011-08-11 17:45:29 -0300
commit675748b6984599298155c284fad4a8ec8a280a65 (patch)
treebe48dba4c5e89815ff2e4f61e8616cb6e78bc843 /manifests/subsystems/firewall
parent39b71f1b7e6ea7647eb855149c962d766af51fbf (diff)
downloadpuppet-nodo-675748b6984599298155c284fad4a8ec8a280a65.tar.gz
puppet-nodo-675748b6984599298155c284fad4a8ec8a280a65.tar.bz2
Adding back order at munin rules
Diffstat (limited to 'manifests/subsystems/firewall')
-rw-r--r--manifests/subsystems/firewall/router.pp3
-rw-r--r--manifests/subsystems/firewall/vserver.pp4
2 files changed, 5 insertions, 2 deletions
diff --git a/manifests/subsystems/firewall/router.pp b/manifests/subsystems/firewall/router.pp
index 19484c1..9092fbb 100644
--- a/manifests/subsystems/firewall/router.pp
+++ b/manifests/subsystems/firewall/router.pp
@@ -126,7 +126,7 @@ define firewall::router::ssh($destination, $port_orig = '22', $port_dest = '', $
}
}
-define firewall::router::munin($destination, $port_orig, $port_dest = '', $zone = 'loc') {
+define firewall::router::munin($destination, $port_orig, $port_dest = '', $zone = 'loc', $order = '400') {
shorewall::rule { "munin-$name":
action => 'DNAT',
source => 'all',
@@ -137,6 +137,7 @@ define firewall::router::munin($destination, $port_orig, $port_dest = '', $zone
proto => 'tcp',
destinationport => "$port_orig",
ratelimit => '-',
+ order => $order,
}
}
diff --git a/manifests/subsystems/firewall/vserver.pp b/manifests/subsystems/firewall/vserver.pp
index 8b01d12..843d24f 100644
--- a/manifests/subsystems/firewall/vserver.pp
+++ b/manifests/subsystems/firewall/vserver.pp
@@ -249,7 +249,7 @@ define firewall::vserver::ssh($destination, $port_orig = '22', $port_dest = '',
}
}
-define firewall::vserver::munin($destination, $port_orig, $port_dest = '') {
+define firewall::vserver::munin($destination, $port_orig, $port_dest = '', $order = '400') {
shorewall::rule { "munin-$name-1":
action => 'DNAT',
source => 'net',
@@ -260,6 +260,7 @@ define firewall::vserver::munin($destination, $port_orig, $port_dest = '') {
proto => 'tcp',
destinationport => "$port_orig",
ratelimit => '-',
+ order => $order,
}
shorewall::rule { "munin-$name-2":
@@ -273,5 +274,6 @@ define firewall::vserver::munin($destination, $port_orig, $port_dest = '') {
destinationport => "$port_orig",
originaldest => "$ipaddress",
ratelimit => '-',
+ order => $order,
}
}