Changing firewall policies order

author: Silvio Rhatto <rhatto@riseup.net> 2010-07-15 16:03:36 -0300
committer: Silvio Rhatto <rhatto@riseup.net> 2010-07-15 16:03:36 -0300
commit: ca35aa47958d13c3fdeed2eda042c5ce1b8312e8 (patch)
tree: 31bf2aaa5f37f82276b8c07697341c1eebed3ae4 /manifests
parent: 2783597df63746981f09288519dde56d28d02843 (diff)
download: puppet-nodo-ca35aa47958d13c3fdeed2eda042c5ce1b8312e8.tar.gz
puppet-nodo-ca35aa47958d13c3fdeed2eda042c5ce1b8312e8.tar.bz2
1 files changed, 4 insertions, 4 deletions
diff --git a/manifests/subsystems/firewall.pp b/manifests/subsystems/firewall.pp
index 5985c13..75549ac 100644
--- a/manifests/subsystems/firewall.pp
+++ b/manifests/subsystems/firewall.pp
@@ -51,7 +51,7 @@ class firewall {
     sourcezone      => 'all',
     destinationzone => 'all',
     policy          => 'REJECT',
-    order           => '5',
+    order           => '90',
   }
 
   #
@@ -214,21 +214,21 @@ class firewall {
       sourcezone      => 'dmz',
       destinationzone => 'all',
       policy          => 'ACCEPT',
-      order           => '6',
+      order           => '5',
     }
   
     shorewall::policy { 'vm-dmz':
       sourcezone      => 'vm',
       destinationzone => 'dmz',
       policy          => 'ACCEPT',
-      order           => '7',
+      order           => '6',
     }
   
     shorewall::policy { 'fw-dmz':
       sourcezone      => '$FW',
       destinationzone => 'dmz',
       policy          => 'ACCEPT',
-      order           => '8',
+      order           => '7',
     }
   
     shorewall::zone { 'dmz':
author	Silvio Rhatto <rhatto@riseup.net>	2010-07-15 16:03:36 -0300
committer	Silvio Rhatto <rhatto@riseup.net>	2010-07-15 16:03:36 -0300
commit	ca35aa47958d13c3fdeed2eda042c5ce1b8312e8 (patch)
tree	31bf2aaa5f37f82276b8c07697341c1eebed3ae4 /manifests
parent	2783597df63746981f09288519dde56d28d02843 (diff)
download	puppet-nodo-ca35aa47958d13c3fdeed2eda042c5ce1b8312e8.tar.gz puppet-nodo-ca35aa47958d13c3fdeed2eda042c5ce1b8312e8.tar.bz2