aboutsummaryrefslogtreecommitdiff
path: root/manifests
diff options
context:
space:
mode:
Diffstat (limited to 'manifests')
-rw-r--r--manifests/subsystems/firewall.pp34
1 files changed, 17 insertions, 17 deletions
diff --git a/manifests/subsystems/firewall.pp b/manifests/subsystems/firewall.pp
index ae0241e..4151d06 100644
--- a/manifests/subsystems/firewall.pp
+++ b/manifests/subsystems/firewall.pp
@@ -2,7 +2,7 @@
class firewall {
include shorewall
- $rfc1918 = $shorewall_dmz ? {
+ $rfc1918 = $shorewall_local_net ? {
true => true,
false => false,
default => false,
@@ -202,46 +202,46 @@ class firewall {
#
# DMZ Configuration
#
- if $shorewall_dmz {
- $shorewall_dmz_iface = $shorewall_dmz_iface ? {
+ if $shorewall_local_net {
+ $shorewall_local_net_iface = $shorewall_local_net_iface ? {
'' => 'eth0',
- default => $shorewall_dmz_iface,
+ default => $shorewall_local_net_iface,
}
- $shorewall_dmz_network = $shorewall_dmz_network ? {
+ $shorewall_local_net_network = $shorewall_local_net_network ? {
'' => '192.168.1.0/24',
- default => $shorewall_dmz_network,
+ default => $shorewall_local_net_network,
}
- shorewall::host { "$shorewall_dmz_iface-dmz":
- name => "$shorewall_dmz_iface:$shorewall_dmz_network",
- zone => 'dmz',
+ shorewall::host { "$shorewall_local_net_iface-loc":
+ name => "$shorewall_local_net_iface:$shorewall_local_net_network",
+ zone => 'loc',
options => '',
order => '3',
}
- shorewall::policy { 'dmz-all':
- sourcezone => 'dmz',
+ shorewall::policy { 'loc-all':
+ sourcezone => 'loc',
destinationzone => 'all',
policy => 'ACCEPT',
order => '5',
}
- shorewall::policy { 'vm-dmz':
+ shorewall::policy { 'vm-loc':
sourcezone => 'vm',
- destinationzone => 'dmz',
+ destinationzone => 'loc',
policy => 'ACCEPT',
order => '6',
}
- shorewall::policy { 'fw-dmz':
+ shorewall::policy { 'fw-loc':
sourcezone => '$FW',
- destinationzone => 'dmz',
+ destinationzone => 'loc',
policy => 'ACCEPT',
order => '7',
}
- shorewall::zone { 'dmz':
+ shorewall::zone { 'loc':
type => 'ipv4',
order => '4',
}
@@ -249,7 +249,7 @@ class firewall {
}
class firewall::wifi {
- $rfc1918 = $shorewall_dmz ? {
+ $rfc1918 = $shorewall_local_net ? {
true => true,
false => false,
default => false,