aboutsummaryrefslogtreecommitdiff
path: root/manifests/subsystems/firewall.pp
diff options
context:
space:
mode:
Diffstat (limited to 'manifests/subsystems/firewall.pp')
-rw-r--r--manifests/subsystems/firewall.pp49
1 files changed, 5 insertions, 44 deletions
diff --git a/manifests/subsystems/firewall.pp b/manifests/subsystems/firewall.pp
index 0e25e05..841757a 100644
--- a/manifests/subsystems/firewall.pp
+++ b/manifests/subsystems/firewall.pp
@@ -199,51 +199,12 @@ class firewall {
options => "default",
}
- #
- # DMZ Configuration
- #
if $shorewall_local_net {
- $shorewall_local_net_iface = $shorewall_local_net_iface ? {
- '' => 'eth0',
- default => $shorewall_local_net_iface,
- }
-
- $shorewall_local_net_network = $shorewall_local_net_network ? {
- '' => '192.168.1.0/24',
- default => $shorewall_local_net_network,
- }
-
- shorewall::host { "$shorewall_local_net_iface-loc":
- name => "$shorewall_local_net_iface:$shorewall_local_net_network",
- zone => 'loc',
- options => '',
- order => '3',
- }
-
- shorewall::policy { 'loc-all':
- sourcezone => 'loc',
- destinationzone => 'all',
- policy => 'ACCEPT',
- order => '5',
- }
-
- shorewall::policy { 'vm-loc':
- sourcezone => 'vm',
- destinationzone => 'loc',
- policy => 'ACCEPT',
- order => '6',
- }
-
- shorewall::policy { 'fw-loc':
- sourcezone => '$FW',
- destinationzone => 'loc',
- policy => 'ACCEPT',
- order => '7',
- }
-
- shorewall::zone { 'loc':
- type => 'ipv4',
- order => '4',
+ class { 'firewall::local':
+ network => $shorewall_local_net_network,
+ interface => $shorewall_local_net_iface,
+ manage_host => $shorewall_local_net_manage_host,
+ manage_interface => $shorewall_local_net_manage_iface,
}
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-04 18:01:59 +0000