From f55afc23e67860eed23895f1731c38bf43a32702 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Tue, 13 Apr 2010 23:24:38 -0300
Subject: Adding firewall::wifi

---
 manifests/subsystems/firewall.pp | 46 +++++++++++++++++++++++++++++++++++++++-
 1 file changed, 45 insertions(+), 1 deletion(-)

(limited to 'manifests')

diff --git a/manifests/subsystems/firewall.pp b/manifests/subsystems/firewall.pp
index 765a59f..85849c2 100644
--- a/manifests/subsystems/firewall.pp
+++ b/manifests/subsystems/firewall.pp
@@ -58,7 +58,7 @@ class firewall {
   # Hosts
   #
   shorewall::host { "eth0-subnet":
-    name    =>  'eth0:192.168.0.0/24',
+    name    => 'eth0:192.168.0.0/24',
     zone    => 'vm',
     options => '',
     order   => '1',
@@ -237,3 +237,47 @@ class firewall {
     }
   }
 }
+
+class firewall::wifi {
+  $rfc1918 = $shorewall_dmz ? {
+    true    => true,
+    false   => false,
+    default => false,
+  }
+
+  $wifi_dev = $wifi_device {
+    ''      => 'ath0',
+    default => $wifi_device,
+  }
+
+  #
+  # Interfaces
+  #
+  shorewall::interface { "$wifi_dev":
+   zone    => '-',
+   rfc1918 => $rfc1918,
+  }
+
+  #
+  # Hosts
+  #
+  shorewall::host { "$wifi_dev-subnet":
+    name    => "$wifi_dev:192.168.0.0/24",
+    zone    => 'vm',
+    options => '',
+    order   => '1',
+  }
+
+  shorewall::host { "$wifi_dev":
+    name    => "$wifi_dev:0.0.0.0/0",
+    zone    => 'net',
+    options => '',
+    order   => '2',
+  }
+
+  shorewall::masq { "$wifi_dev":
+    interface => "$wifi_dev:!192.168.0.0/24",
+    source    => '192.168.0.0/24',
+    order     => '1',
+  }
+}
-- 
cgit v1.2.3