manifests/role/router.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

class nodo::role::router inherits nodo::base::appliance {
  # We use monitor class on the router as the DNS server might by
  # inside a vserver and thus cannot access the network devices directly
  include nodo::utils::dns

  # Network auditing
  include nodo::utils::network::analyzer

  # Enable IP forwarding
  include firewall::forwarding

  # Make sure shorewall is reloaded after dhcp renew
  file { '/etc/dhcp/dhclient-exit-hooks.d/shorewall':
    ensure => present,
    owner  => root,
    group  => root,
    mode   => '0644',
    source => 'puppet:///modules/site_nodo/dhclient-exit-hooks.d/shorewall'
  }
}