class firewall::local($network = '192.168.1.0/24', $interface = 'eth0', $manage_host = true, $manage_interface = false) { if $manage_host { shorewall::host { "$interface-loc": name => "$interface:$network", zone => 'loc', options => '', order => 3, } } if $manage_interface { shorewall::interface { "$interface": zone => 'loc', rfc1918 => true, dhcp => true, options => 'routeback', } } shorewall::policy { 'loc-all': sourcezone => 'loc', destinationzone => 'all', policy => 'ACCEPT', order => 5, } shorewall::policy { 'vm-loc': sourcezone => 'vm', destinationzone => 'loc', policy => 'ACCEPT', order => 6, } shorewall::policy { 'fw-loc': sourcezone => '$FW', destinationzone => 'loc', policy => 'ACCEPT', order => 7, } shorewall::zone { 'loc': type => 'ipv4', order => 4, } }