From 7f7d3cab9c4b4fc1bdc3827e8ea4c680c73da48d Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Thu, 11 Aug 2011 14:37:32 -0300
Subject: Spliting firewall classes along files and separating rules for
 vservers and routers

---
 manifests/subsystems/firewall/printer.pp | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 manifests/subsystems/firewall/printer.pp

(limited to 'manifests/subsystems/firewall/printer.pp')

diff --git a/manifests/subsystems/firewall/printer.pp b/manifests/subsystems/firewall/printer.pp
new file mode 100644
index 0000000..194f281
--- /dev/null
+++ b/manifests/subsystems/firewall/printer.pp
@@ -0,0 +1,21 @@
+class firewall::printer {
+  shorewall::rule { "cups-tcp":
+    action          => 'ACCEPT',
+    source          => 'net',
+    destination     => '$FW',
+    proto           => 'tcp',
+    destinationport => "631",
+    ratelimit       => '-',
+    order           => "200",
+  }
+
+  shorewall::rule { "cups-udp":
+    action          => 'ACCEPT',
+    source          => 'net',
+    destination     => '$FW',
+    proto           => 'udp',
+    destinationport => "631",
+    ratelimit       => '-',
+    order           => "201",
+  }
+}
-- 
cgit v1.2.3