diff options
| -rw-r--r-- | manifests/subsystems/firewall.pp | 46 |
1 files changed, 45 insertions, 1 deletions
diff --git a/manifests/subsystems/firewall.pp b/manifests/subsystems/firewall.pp index 765a59f..85849c2 100644 --- a/manifests/subsystems/firewall.pp +++ b/manifests/subsystems/firewall.pp @@ -58,7 +58,7 @@ class firewall { # Hosts # shorewall::host { "eth0-subnet": - name => 'eth0:192.168.0.0/24', + name => 'eth0:192.168.0.0/24', zone => 'vm', options => '', order => '1', @@ -237,3 +237,47 @@ class firewall { } } } + +class firewall::wifi { + $rfc1918 = $shorewall_dmz ? { + true => true, + false => false, + default => false, + } + + $wifi_dev = $wifi_device { + '' => 'ath0', + default => $wifi_device, + } + + # + # Interfaces + # + shorewall::interface { "$wifi_dev": + zone => '-', + rfc1918 => $rfc1918, + } + + # + # Hosts + # + shorewall::host { "$wifi_dev-subnet": + name => "$wifi_dev:192.168.0.0/24", + zone => 'vm', + options => '', + order => '1', + } + + shorewall::host { "$wifi_dev": + name => "$wifi_dev:0.0.0.0/0", + zone => 'net', + options => '', + order => '2', + } + + shorewall::masq { "$wifi_dev": + interface => "$wifi_dev:!192.168.0.0/24", + source => '192.168.0.0/24', + order => '1', + } +} |