diff options
-rw-r--r-- | manifests/subsystems/firewall.pp | 20 | ||||
-rw-r--r-- | manifests/subsystems/firewall/local.pp | 10 | ||||
-rw-r--r-- | manifests/subsystems/firewall/openvpn.pp | 8 | ||||
-rw-r--r-- | manifests/subsystems/firewall/ppp.pp | 8 | ||||
-rw-r--r-- | manifests/subsystems/firewall/printer.pp | 4 | ||||
-rw-r--r-- | manifests/subsystems/firewall/router.pp | 56 | ||||
-rw-r--r-- | manifests/subsystems/firewall/torrent.pp | 4 | ||||
-rw-r--r-- | manifests/subsystems/firewall/ups.pp | 2 | ||||
-rw-r--r-- | manifests/subsystems/firewall/vserver.pp | 82 | ||||
-rw-r--r-- | manifests/subsystems/firewall/wifi.pp | 6 |
10 files changed, 100 insertions, 100 deletions
diff --git a/manifests/subsystems/firewall.pp b/manifests/subsystems/firewall.pp index 7547ea9..949a81d 100644 --- a/manifests/subsystems/firewall.pp +++ b/manifests/subsystems/firewall.pp @@ -23,35 +23,35 @@ class firewall { sourcezone => 'vm', destinationzone => 'net', policy => 'ACCEPT', - order => '1', + order => 1, } shorewall::policy { 'fw-net': sourcezone => '$FW', destinationzone => 'net', policy => 'ACCEPT', - order => '2', + order => 2, } shorewall::policy { 'fw-vm': sourcezone => '$FW', destinationzone => 'vm', policy => 'ACCEPT', - order => '3', + order => 3, } shorewall::policy { 'net-all': sourcezone => 'net', destinationzone => 'all', policy => 'DROP', - order => '4', + order => 4, } shorewall::policy { 'all-all': sourcezone => 'all', destinationzone => 'all', policy => 'REJECT', - order => '90', + order => 90, } # @@ -87,7 +87,7 @@ class firewall { proto => '-', destinationport => '-', ratelimit => '-', - order => '100', + order => 100, } shorewall::rule { 'ping': @@ -97,7 +97,7 @@ class firewall { proto => '-', destinationport => '-', ratelimit => '-', - order => '101', + order => 101, } shorewall::rule { 'http': @@ -107,7 +107,7 @@ class firewall { proto => '-', destinationport => '-', ratelimit => '-', - order => '102', + order => 102, } shorewall::rule { 'https': @@ -117,7 +117,7 @@ class firewall { proto => '-', destinationport => '-', ratelimit => "$firewall_ssl_ratelimit", - order => '103', + order => 103, } $munin_port = $node_munin_port ? { @@ -132,7 +132,7 @@ class firewall { proto => 'tcp', destinationport => "$munin_port", ratelimit => '-', - order => "104", + order => 104, } # diff --git a/manifests/subsystems/firewall/local.pp b/manifests/subsystems/firewall/local.pp index a9b40a9..d998b8e 100644 --- a/manifests/subsystems/firewall/local.pp +++ b/manifests/subsystems/firewall/local.pp @@ -5,7 +5,7 @@ class firewall::local($network = '192.168.1.0/24', $interface = 'eth0', $manage_ name => "$interface:$network", zone => 'loc', options => '', - order => '3', + order => 3, } } @@ -22,25 +22,25 @@ class firewall::local($network = '192.168.1.0/24', $interface = 'eth0', $manage_ sourcezone => 'loc', destinationzone => 'all', policy => 'ACCEPT', - order => '5', + order => 5, } shorewall::policy { 'vm-loc': sourcezone => 'vm', destinationzone => 'loc', policy => 'ACCEPT', - order => '6', + order => 6, } shorewall::policy { 'fw-loc': sourcezone => '$FW', destinationzone => 'loc', policy => 'ACCEPT', - order => '7', + order => 7, } shorewall::zone { 'loc': type => 'ipv4', - order => '4', + order => 4, } } diff --git a/manifests/subsystems/firewall/openvpn.pp b/manifests/subsystems/firewall/openvpn.pp index f5e8c94..2d3e6d1 100644 --- a/manifests/subsystems/firewall/openvpn.pp +++ b/manifests/subsystems/firewall/openvpn.pp @@ -1,7 +1,7 @@ class firewall::openvpn { shorewall::zone { 'vpn': type => 'ipv4', - order => '4', + order => 4, } shorewall::interface { 'tun0': @@ -12,21 +12,21 @@ class firewall::openvpn { sourcezone => 'loc', destinationzone => 'vpn', policy => 'ACCEPT', - order => '20', + order => 20, } shorewall::policy { 'vpn-loc': sourcezone => 'vpn', destinationzone => 'loc', policy => 'ACCEPT', - order => '21', + order => 21, } shorewall::policy { 'fw-vpn': sourcezone => '$FW', destinationzone => 'vpn', policy => 'ACCEPT', - order => '22', + order => 22, } shorewall::tunnel { 'openvpn': diff --git a/manifests/subsystems/firewall/ppp.pp b/manifests/subsystems/firewall/ppp.pp index f646519..3082e92 100644 --- a/manifests/subsystems/firewall/ppp.pp +++ b/manifests/subsystems/firewall/ppp.pp @@ -1,7 +1,7 @@ class firewall::ppp { shorewall::zone { 'ppp': type => 'ipv4', - order => '4', + order => 4, } shorewall::interface { 'ppp0': @@ -12,20 +12,20 @@ class firewall::ppp { sourcezone => 'loc', destinationzone => 'ppp', policy => 'ACCEPT', - order => '30', + order => 30, } shorewall::policy { 'ppp-loc': sourcezone => 'ppp', destinationzone => 'loc', policy => 'ACCEPT', - order => '31', + order => 31, } shorewall::policy { 'fw-ppp': sourcezone => '$FW', destinationzone => 'ppp', policy => 'ACCEPT', - order => '32', + order => 32, } } diff --git a/manifests/subsystems/firewall/printer.pp b/manifests/subsystems/firewall/printer.pp index 194f281..b44f65a 100644 --- a/manifests/subsystems/firewall/printer.pp +++ b/manifests/subsystems/firewall/printer.pp @@ -6,7 +6,7 @@ class firewall::printer { proto => 'tcp', destinationport => "631", ratelimit => '-', - order => "200", + order => 200, } shorewall::rule { "cups-udp": @@ -16,6 +16,6 @@ class firewall::printer { proto => 'udp', destinationport => "631", ratelimit => '-', - order => "201", + order => 201, } } diff --git a/manifests/subsystems/firewall/router.pp b/manifests/subsystems/firewall/router.pp index 29d43a5..7fa2db3 100644 --- a/manifests/subsystems/firewall/router.pp +++ b/manifests/subsystems/firewall/router.pp @@ -6,7 +6,7 @@ class firewall::router::http($destination, $zone = 'loc', $originaldest = $ipadd proto => 'tcp', destinationport => '80', ratelimit => '-', - order => '600', + order => 600, } shorewall::rule { 'http-route-2': @@ -17,7 +17,7 @@ class firewall::router::http($destination, $zone = 'loc', $originaldest = $ipadd destinationport => '80', originaldest => "$originaldest", ratelimit => '-', - order => '601', + order => 601, } } @@ -29,7 +29,7 @@ class firewall::router::https($destination, $zone = 'loc', $originaldest = $ipad proto => 'tcp', destinationport => '443', ratelimit => '-', - order => '602', + order => 602, } shorewall::rule { 'https-route-2': @@ -40,7 +40,7 @@ class firewall::router::https($destination, $zone = 'loc', $originaldest = $ipad destinationport => '443', originaldest => "$originaldest", ratelimit => '-', - order => '602', + order => 602, } } @@ -54,7 +54,7 @@ class firewall::router::puppetmaster($destination, $puppetmaster_port = '8140', proto => 'tcp', destinationport => "$puppetmaster_port", ratelimit => '-', - order => '700', + order => 700, } shorewall::rule { 'puppetmaster-2': @@ -64,7 +64,7 @@ class firewall::router::puppetmaster($destination, $puppetmaster_port = '8140', proto => 'udp', destinationport => "$puppetmaster_port", ratelimit => '-', - order => '701', + order => 701, } shorewall::rule { 'puppetmaster-3': @@ -75,7 +75,7 @@ class firewall::router::puppetmaster($destination, $puppetmaster_port = '8140', destinationport => "$puppetmaster_port", originaldest => "$originaldest", ratelimit => '-', - order => '702', + order => 702, } shorewall::rule { 'puppetmaster-4': @@ -86,7 +86,7 @@ class firewall::router::puppetmaster($destination, $puppetmaster_port = '8140', destinationport => "$puppetmaster_port", originaldest => "$originaldest", ratelimit => '-', - order => '703', + order => 703, } shorewall::rule { 'puppetmaster-5': @@ -96,7 +96,7 @@ class firewall::router::puppetmaster($destination, $puppetmaster_port = '8140', proto => 'tcp', destinationport => "$puppetmaster_nonssl_port", ratelimit => '-', - order => '704', + order => 704, } shorewall::rule { 'puppetmaster-6': @@ -106,7 +106,7 @@ class firewall::router::puppetmaster($destination, $puppetmaster_port = '8140', proto => 'udp', destinationport => "$puppetmaster_nonssl_port", ratelimit => '-', - order => '705', + order => 705, } shorewall::rule { 'puppetmaster-7': @@ -117,7 +117,7 @@ class firewall::router::puppetmaster($destination, $puppetmaster_port = '8140', destinationport => "$puppetmaster_nonssl_port", originaldest => "$originaldest", ratelimit => '-', - order => '706', + order => 706, } shorewall::rule { 'puppetmaster-8': @@ -128,7 +128,7 @@ class firewall::router::puppetmaster($destination, $puppetmaster_port = '8140', destinationport => "$puppetmaster_nonssl_port", originaldest => "$originaldest", ratelimit => '-', - order => '707', + order => 707, } } @@ -140,7 +140,7 @@ class firewall::router::gitd($destination, $zone = 'loc', $originaldest = $ipadd proto => 'tcp', destinationport => '9418', ratelimit => '-', - order => '800', + order => 800, } shorewall::rule { 'git-daemon-2': @@ -151,7 +151,7 @@ class firewall::router::gitd($destination, $zone = 'loc', $originaldest = $ipadd destinationport => '9418', originaldest => "$originaldest", ratelimit => '-', - order => '801', + order => 801, } } @@ -163,7 +163,7 @@ class firewall::router::icecast($destination, $zone = 'loc', $originaldest = $ip proto => 'tcp', destinationport => '8000', ratelimit => '-', - order => '900', + order => 900, } shorewall::rule { 'icecast-2': @@ -174,7 +174,7 @@ class firewall::router::icecast($destination, $zone = 'loc', $originaldest = $ip destinationport => '8000', originaldest => "$originaldest", ratelimit => '-', - order => '901', + order => 901, } } @@ -186,7 +186,7 @@ class firewall::router::mail($destination, $zone = 'loc', $originaldest = $ipadd proto => 'tcp', destinationport => '25', ratelimit => '-', - order => '1000', + order => 1000, } shorewall::rule { 'mail-2': @@ -197,7 +197,7 @@ class firewall::router::mail($destination, $zone = 'loc', $originaldest = $ipadd destinationport => '25', originaldest => "$originaldest", ratelimit => '-', - order => '1001', + order => 1001, } shorewall::rule { 'mail-3': @@ -207,7 +207,7 @@ class firewall::router::mail($destination, $zone = 'loc', $originaldest = $ipadd proto => 'tcp', destinationport => '993', ratelimit => '-', - order => '1002', + order => 1002, } shorewall::rule { 'mail-4': @@ -218,7 +218,7 @@ class firewall::router::mail($destination, $zone = 'loc', $originaldest = $ipadd destinationport => '993', originaldest => "$originaldest", ratelimit => '-', - order => '1003', + order => 1003, } shorewall::rule { 'mail-5': @@ -228,7 +228,7 @@ class firewall::router::mail($destination, $zone = 'loc', $originaldest = $ipadd proto => 'tcp', destinationport => '587', ratelimit => '-', - order => '1004', + order => 1004, } shorewall::rule { 'mail-6': @@ -239,7 +239,7 @@ class firewall::router::mail($destination, $zone = 'loc', $originaldest = $ipadd destinationport => '587', originaldest => "$originaldest", ratelimit => '-', - order => '1005', + order => 1005, } } @@ -311,7 +311,7 @@ class firewall::router::torrent($destination, $zone = 'loc', $originaldest = $ip proto => 'tcp', destinationport => "6881:6999", ratelimit => '-', - order => "200", + order => 200, } shorewall::rule { "torrent-tcp-2": @@ -322,7 +322,7 @@ class firewall::router::torrent($destination, $zone = 'loc', $originaldest = $ip destinationport => "6881:6999", originaldest => "$originaldest", ratelimit => '-', - order => "200", + order => 200, } shorewall::rule { "torrent-udp-1": @@ -332,7 +332,7 @@ class firewall::router::torrent($destination, $zone = 'loc', $originaldest = $ip proto => 'udp', destinationport => "6881:6999", ratelimit => '-', - order => "201", + order => 201, } shorewall::rule { "torrent-udp-2": @@ -343,7 +343,7 @@ class firewall::router::torrent($destination, $zone = 'loc', $originaldest = $ip destinationport => "6881:6999", originaldest => "$originaldest", ratelimit => '-', - order => "201", + order => 201, } } @@ -355,7 +355,7 @@ class firewall::router::gobby($destination, $zone = 'loc', $originaldest = $ipad proto => 'tcp', destinationport => '6523', ratelimit => '-', - order => '600', + order => 600, } shorewall::rule { 'gobby-route-2': @@ -366,7 +366,7 @@ class firewall::router::gobby($destination, $zone = 'loc', $originaldest = $ipad destinationport => '6523', originaldest => "$originaldest", ratelimit => '-', - order => '601', + order => 601, } } diff --git a/manifests/subsystems/firewall/torrent.pp b/manifests/subsystems/firewall/torrent.pp index 954c71f..2dc8451 100644 --- a/manifests/subsystems/firewall/torrent.pp +++ b/manifests/subsystems/firewall/torrent.pp @@ -6,7 +6,7 @@ class firewall::torrent { proto => 'tcp', destinationport => "6881:6999", ratelimit => '-', - order => "200", + order => 200, } shorewall::rule { "torrent-udp": @@ -16,6 +16,6 @@ class firewall::torrent { proto => 'udp', destinationport => "6881:6999", ratelimit => '-', - order => "201", + order => 201, } } diff --git a/manifests/subsystems/firewall/ups.pp b/manifests/subsystems/firewall/ups.pp index c559739..042fcdc 100644 --- a/manifests/subsystems/firewall/ups.pp +++ b/manifests/subsystems/firewall/ups.pp @@ -6,6 +6,6 @@ class firewall::ups { proto => 'tcp', destinationport => "3551", ratelimit => '-', - order => "200", + order => 200, } } diff --git a/manifests/subsystems/firewall/vserver.pp b/manifests/subsystems/firewall/vserver.pp index 4415952..a83b608 100644 --- a/manifests/subsystems/firewall/vserver.pp +++ b/manifests/subsystems/firewall/vserver.pp @@ -6,7 +6,7 @@ class firewall::vserver::http($destination, $zone = 'vm') { proto => 'tcp', destinationport => '80', ratelimit => '-', - order => '600', + order => 600, } shorewall::rule { 'http-route-2': @@ -17,7 +17,7 @@ class firewall::vserver::http($destination, $zone = 'vm') { destinationport => '80', originaldest => "$ipaddress", ratelimit => '-', - order => '601', + order => 601, } } @@ -29,7 +29,7 @@ class firewall::vserver::https($destination, $zone = 'vm') { proto => 'tcp', destinationport => '443', ratelimit => "$firewall_ssl_ratelimit", - order => '602', + order => 602, } shorewall::rule { 'https-route-2': @@ -40,7 +40,7 @@ class firewall::vserver::https($destination, $zone = 'vm') { destinationport => '443', originaldest => "$ipaddress", ratelimit => "$firewall_ssl_ratelimit", - order => '602', + order => 602, } } @@ -52,7 +52,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140', proto => 'tcp', destinationport => "$puppetmaster_port", ratelimit => "$firewall_ssl_ratelimit", - order => '700', + order => 700, } shorewall::rule { 'puppetmaster-2': @@ -62,7 +62,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140', proto => 'udp', destinationport => "$puppetmaster_port", ratelimit => "$firewall_ssl_ratelimit", - order => '701', + order => 701, } shorewall::rule { 'puppetmaster-3': @@ -73,7 +73,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140', destinationport => "$puppetmaster_port", originaldest => "$ipaddress", ratelimit => "$firewall_ssl_ratelimit", - order => '702', + order => 702, } shorewall::rule { 'puppetmaster-4': @@ -84,7 +84,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140', destinationport => "$puppetmaster_port", originaldest => "$ipaddress", ratelimit => "$firewall_ssl_ratelimit", - order => '703', + order => 703, } shorewall::rule { 'puppetmaster-5': @@ -94,7 +94,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140', proto => 'tcp', destinationport => "$puppetmaster_nonssl_port", ratelimit => '-', - order => '704', + order => 704, } shorewall::rule { 'puppetmaster-6': @@ -104,7 +104,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140', proto => 'udp', destinationport => "$puppetmaster_nonssl_port", ratelimit => '-', - order => '705', + order => 705, } shorewall::rule { 'puppetmaster-7': @@ -115,7 +115,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140', destinationport => "$puppetmaster_nonssl_port", originaldest => "$ipaddress", ratelimit => '-', - order => '706', + order => 706, } shorewall::rule { 'puppetmaster-8': @@ -126,7 +126,7 @@ class firewall::vserver::puppetmaster($destination, $puppetmaster_port = '8140', destinationport => "$puppetmaster_nonssl_port", originaldest => "$ipaddress", ratelimit => '-', - order => '707', + order => 707, } } @@ -138,7 +138,7 @@ class firewall::vserver::gitd($destination, $zone = 'fw') { proto => 'tcp', destinationport => '9418', ratelimit => '-', - order => '800', + order => 800, } shorewall::rule { 'git-daemon-2': @@ -149,7 +149,7 @@ class firewall::vserver::gitd($destination, $zone = 'fw') { destinationport => '9418', originaldest => "$ipaddress", ratelimit => '-', - order => '801', + order => 801, } } @@ -161,7 +161,7 @@ class firewall::vserver::icecast($destination, $zone = 'fw') { proto => 'tcp', destinationport => '8000', ratelimit => '-', - order => '900', + order => 900, } shorewall::rule { 'icecast-2': @@ -172,7 +172,7 @@ class firewall::vserver::icecast($destination, $zone = 'fw') { destinationport => '8000', originaldest => "$ipaddress", ratelimit => '-', - order => '901', + order => 901, } } @@ -184,7 +184,7 @@ class firewall::vserver::mail($destination, $zone = 'fw') { proto => 'tcp', destinationport => '25', ratelimit => '-', - order => '1000', + order => 1000, } shorewall::rule { 'mail-2': @@ -195,7 +195,7 @@ class firewall::vserver::mail($destination, $zone = 'fw') { destinationport => '25', originaldest => "$ipaddress", ratelimit => '-', - order => '1001', + order => 1001, } shorewall::rule { 'mail-3': @@ -205,7 +205,7 @@ class firewall::vserver::mail($destination, $zone = 'fw') { proto => 'tcp', destinationport => '993', ratelimit => "$firewall_ssl_ratelimit", - order => '1002', + order => 1002, } shorewall::rule { 'mail-4': @@ -216,7 +216,7 @@ class firewall::vserver::mail($destination, $zone = 'fw') { destinationport => '993', originaldest => "$ipaddress", ratelimit => "$firewall_ssl_ratelimit", - order => '1003', + order => 1003, } shorewall::rule { 'mail-5': @@ -226,7 +226,7 @@ class firewall::vserver::mail($destination, $zone = 'fw') { proto => 'tcp', destinationport => '587', ratelimit => "$firewall_ssl_ratelimit", - order => '1004', + order => 1004, } shorewall::rule { 'mail-6': @@ -237,7 +237,7 @@ class firewall::vserver::mail($destination, $zone = 'fw') { destinationport => '587', originaldest => "$ipaddress", ratelimit => "$firewall_ssl_ratelimit", - order => '1005', + order => 1005, } } @@ -307,7 +307,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') { proto => '-', destinationport => '-', ratelimit => '-', - order => '2000', + order => 2000, } shorewall::rule { 'dns-route-1': @@ -317,7 +317,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') { proto => 'tcp', destinationport => '53', ratelimit => '-', - order => '2001', + order => 2001, } shorewall::rule { 'dns-route-2': @@ -328,7 +328,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') { destinationport => '53', originaldest => "$ipaddress", ratelimit => '-', - order => '2002', + order => 2002, } shorewall::rule { 'dns-route-3': @@ -338,7 +338,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') { proto => 'udp', destinationport => '53', ratelimit => '-', - order => '2003', + order => 2003, } shorewall::rule { 'dns-route-4': @@ -349,7 +349,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') { destinationport => '53', originaldest => "$ipaddress", ratelimit => '-', - order => '2004', + order => 2004, } } @@ -361,7 +361,7 @@ class firewall::vserver::tor($destination, $zone = 'fw') { proto => 'tcp', destinationport => '9001', ratelimit => '-', - order => '2100', + order => 2100, } shorewall::rule { 'tor-1': @@ -372,7 +372,7 @@ class firewall::vserver::tor($destination, $zone = 'fw') { destinationport => '9001', originaldest => "$ipaddress", ratelimit => '-', - order => '2101', + order => 2101, } shorewall::rule { 'tor-2': @@ -382,7 +382,7 @@ class firewall::vserver::tor($destination, $zone = 'fw') { proto => 'tcp', destinationport => '9030', ratelimit => '-', - order => '2102', + order => 2102, } shorewall::rule { 'tor-3': @@ -393,7 +393,7 @@ class firewall::vserver::tor($destination, $zone = 'fw') { destinationport => '9030', originaldest => "$ipaddress", ratelimit => '-', - order => '2103', + order => 2103, } } @@ -405,7 +405,7 @@ class firewall::vserver::jabber($destination, $zone = 'fw') { proto => 'tcp', destinationport => '5222', ratelimit => '-', - order => '2200', + order => 2200, } shorewall::rule { 'jabber-1': @@ -416,7 +416,7 @@ class firewall::vserver::jabber($destination, $zone = 'fw') { destinationport => '5223', originaldest => "$ipaddress", ratelimit => '-', - order => '2201', + order => 2201, } shorewall::rule { 'jabber-2': @@ -426,7 +426,7 @@ class firewall::vserver::jabber($destination, $zone = 'fw') { proto => 'tcp', destinationport => '5269', ratelimit => '-', - order => '2202', + order => 2202, } shorewall::rule { 'jabber-3': @@ -437,7 +437,7 @@ class firewall::vserver::jabber($destination, $zone = 'fw') { destinationport => '4369', originaldest => "$ipaddress", ratelimit => '-', - order => '2203', + order => 2203, } shorewall::rule { 'jabber-4': @@ -448,7 +448,7 @@ class firewall::vserver::jabber($destination, $zone = 'fw') { destinationport => '4370:4375', originaldest => "$ipaddress", ratelimit => '-', - order => '2204', + order => 2204, } } @@ -460,7 +460,7 @@ class firewall::vserver::mumble($destination, $zone = 'fw') { proto => 'tcp', destinationport => '64738', ratelimit => '-', - order => '2300', + order => 2300, } shorewall::rule { 'mumble-1': @@ -471,7 +471,7 @@ class firewall::vserver::mumble($destination, $zone = 'fw') { destinationport => '64738', originaldest => "$ipaddress", ratelimit => '-', - order => '2301', + order => 2301, } } @@ -483,7 +483,7 @@ class firewall::vserver::gobby($destination, $zone = 'fw') { proto => 'tcp', destinationport => '6523', ratelimit => '-', - order => '2400', + order => 2400, } } @@ -495,7 +495,7 @@ class firewall::vserver::yacy($destination, $zone = 'fw') { proto => 'tcp', destinationport => '8090', ratelimit => '-', - order => '2500', + order => 2500, } } @@ -507,6 +507,6 @@ class firewall::vserver::rsync($destination, $zone = 'fw') { proto => 'tcp', destinationport => '873', ratelimit => '-', - order => '2600', + order => 2600, } } diff --git a/manifests/subsystems/firewall/wifi.pp b/manifests/subsystems/firewall/wifi.pp index d59ce50..161d402 100644 --- a/manifests/subsystems/firewall/wifi.pp +++ b/manifests/subsystems/firewall/wifi.pp @@ -32,19 +32,19 @@ class firewall::wifi { name => "$wifi_dev:192.168.0.0/24", zone => 'vm', options => '', - order => '1', + order => 1, } shorewall::host { "$wifi_dev": name => "$wifi_dev:0.0.0.0/0", zone => 'net', options => '', - order => '2', + order => 2, } shorewall::masq { "$wifi_dev": interface => "$wifi_dev:!192.168.0.0/24", source => '192.168.0.0/24', - order => '1', + order => 1, } } |