From 9cc3e685f4cda15141738da03cf2601a2d00fe58 Mon Sep 17 00:00:00 2001
From: drebs <drebs@riseup.net>
Date: Wed, 11 Jan 2012 03:45:43 -0200
Subject: adding port 9030 for tor

---
 manifests/subsystems/firewall/vserver.pp | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/manifests/subsystems/firewall/vserver.pp b/manifests/subsystems/firewall/vserver.pp
index 623e6f1..e489a68 100644
--- a/manifests/subsystems/firewall/vserver.pp
+++ b/manifests/subsystems/firewall/vserver.pp
@@ -333,7 +333,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') {
 }
 
 class firewall::vserver::tor($destination, $zone = 'fw') {
-  shorewall::rule { 'tor-1':
+  shorewall::rule { 'tor-0':
     action          => 'DNAT',
     source          => 'net',
     destination     => "$zone:$destination:9001",
@@ -343,7 +343,7 @@ class firewall::vserver::tor($destination, $zone = 'fw') {
     order           => '2100',
   }
 
-  shorewall::rule { 'tor-2':
+  shorewall::rule { 'tor-1':
     action          => 'DNAT',
     source          => '$FW',
     destination     => "$zone:$destination:9001",
@@ -352,5 +352,25 @@ class firewall::vserver::tor($destination, $zone = 'fw') {
     originaldest    => "$ipaddress",
     ratelimit       => '-',
     order           => '2101',
+
+  shorewall::rule { 'tor-2':
+    action          => 'DNAT',
+    source          => 'net',
+    destination     => "$zone:$destination:9030",
+    proto           => 'tcp',
+    destinationport => '9030',
+    ratelimit       => '-',
+    order           => '2102',
+  }
+
+  shorewall::rule { 'tor-3':
+    action          => 'DNAT',
+    source          => '$FW',
+    destination     => "$zone:$destination:9030",
+    proto           => 'tcp',
+    destinationport => '9030',
+    originaldest    => "$ipaddress",
+    ratelimit       => '-',
+    order           => '2103',
   }
 }
-- 
cgit v1.2.3