Diffstat (limited to 'manifests/subsystems/firewall/vserver.pp')
-rw-r--r-- | manifests/subsystems/firewall/vserver.pp | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/manifests/subsystems/firewall/vserver.pp b/manifests/subsystems/firewall/vserver.pp
index 843d24f..9bf0a21 100644
--- a/manifests/subsystems/firewall/vserver.pp
+++ b/manifests/subsystems/firewall/vserver.pp
@@ -277,3 +277,47 @@ define firewall::vserver::munin($destination, $port_orig, $port_dest = '', $orde
 order => $order,
 }
 }
+
+class firewall::vserver::dns($destination, $zone = 'vm') {
+ shorewall::rule { 'dns-route-1':
+ action => 'DNAT',
+ source => 'net',
+ destination => "$zone:$destination:53",
+ proto => 'tcp',
+ destinationport => '53',
+ ratelimit => '-',
+ order => '2000',
+ }
+
+ shorewall::rule { 'dns-route-2':
+ action => 'DNAT',
+ source => '$FW',
+ destination => "fw:$destination:53",
+ proto => 'tcp',
+ destinationport => '53',
+ originaldest => "$ipaddress",
+ ratelimit => '-',
+ order => '2001',
+ }
+
+ shorewall::rule { 'dns-route-1':
+ action => 'DNAT',
+ source => 'net',
+ destination => "$zone:$destination:53",
+ proto => 'udp',
+ destinationport => '53',
+ ratelimit => '-',
+ order => '2002',
+ }
+
+ shorewall::rule { 'dns-route-2':
+ action => 'DNAT',
+ source => '$FW',
+ destination => "fw:$destination:53",
+ proto => 'udp',
+ destinationport => '53',
+ originaldest => "$ipaddress",
+ ratelimit => '-',
+ order => '2003',
+ }
+}
|
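Review bot: The titles `'dns-route-1'` and `'dns-route-2'` are each declared twice inside `firewall::vserver::dns` (once for tcp, once for udp), and Puppet rejects two resources of the same type with the same title, so the catalog would fail to compile and none of these rules would reach the firewall. Give the UDP pair distinct titles, for example `shorewall::rule { 'dns-route-1-udp':` and `shorewall::rule { 'dns-route-2-udp':`, and consider a matching `-tcp` suffix on the first pair. Separately, the `net` rules forward port 53 with `ratelimit => '-'`; if `$destination` turns out to be a recursive resolver rather than an authoritative server, confirm that recursion is restricted on that host, since the firewall will not throttle queries. A short comment above the class saying which server `$destination` is expected to be would make that assumption visible.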