diff options
-rw-r--r-- | manifests/subsystems/firewall/router.pp | 3 | ||||
-rw-r--r-- | manifests/subsystems/firewall/vserver.pp | 4 |
2 files changed, 5 insertions, 2 deletions
diff --git a/manifests/subsystems/firewall/router.pp b/manifests/subsystems/firewall/router.pp index 19484c1..9092fbb 100644 --- a/manifests/subsystems/firewall/router.pp +++ b/manifests/subsystems/firewall/router.pp @@ -126,7 +126,7 @@ define firewall::router::ssh($destination, $port_orig = '22', $port_dest = '', $ } } -define firewall::router::munin($destination, $port_orig, $port_dest = '', $zone = 'loc') { +define firewall::router::munin($destination, $port_orig, $port_dest = '', $zone = 'loc', $order = '400') { shorewall::rule { "munin-$name": action => 'DNAT', source => 'all', @@ -137,6 +137,7 @@ define firewall::router::munin($destination, $port_orig, $port_dest = '', $zone proto => 'tcp', destinationport => "$port_orig", ratelimit => '-', + order => $order, } } diff --git a/manifests/subsystems/firewall/vserver.pp b/manifests/subsystems/firewall/vserver.pp index 8b01d12..843d24f 100644 --- a/manifests/subsystems/firewall/vserver.pp +++ b/manifests/subsystems/firewall/vserver.pp @@ -249,7 +249,7 @@ define firewall::vserver::ssh($destination, $port_orig = '22', $port_dest = '', } } -define firewall::vserver::munin($destination, $port_orig, $port_dest = '') { +define firewall::vserver::munin($destination, $port_orig, $port_dest = '', $order = '400') { shorewall::rule { "munin-$name-1": action => 'DNAT', source => 'net', @@ -260,6 +260,7 @@ define firewall::vserver::munin($destination, $port_orig, $port_dest = '') { proto => 'tcp', destinationport => "$port_orig", ratelimit => '-', + order => $order, } shorewall::rule { "munin-$name-2": @@ -273,5 +274,6 @@ define firewall::vserver::munin($destination, $port_orig, $port_dest = '') { destinationport => "$port_orig", originaldest => "$ipaddress", ratelimit => '-', + order => $order, } } |