-rw-r--r-- | manifests/init.pp | 4 | ||||
-rw-r--r-- | manifests/shorewall.pp | 22 |
2 files changed, 26 insertions, 0 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index ef83b3e..ef73956 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -26,4 +26,8 @@ class resolvconf {
 mode => 444,
 content => template("resolvconf/resolvconf.erb")
 }
+
+ if $use_shorewall {
+ include resolvconf::shorewall
+ }
 }
diff --git a/manifests/shorewall.pp b/manifests/shorewall.pp
new file mode 100644
index 0000000..114bda7
--- /dev/null
+++ b/manifests/shorewall.pp
@@ -0,0 +1,22 @@
+# manifests/shorewall.pp
+
+class resolvconf::shorewall {
+ include shorewall
+
+ shorewall::rule {
+ 'me-net-tcp_dns':
+ source => '$FW',
+ destination => 'net',
+ proto => 'tcp',
+ destinationport => '53',
+ order => 250,
+ action => 'ACCEPT';
+ 'me-net-udp_dns':
+ source => '$FW',
+ destination => 'net',
+ proto => 'udp',
+ destinationport => '53',
+ order => 251,
+ action => 'ACCEPT';
+ }
+} |
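Review bot: `$use_shorewall` in the added `if` is read as a bare variable, and the visible header `class resolvconf {` declares no parameter for it, so the value presumably has to come from node or global scope. When it is unset the condition is false and the DNS accept rules are silently left out, which on a host whose shorewall policy rejects outbound traffic would break name resolution with nothing in the manifest to explain why. I would document the switch next to the class's other inputs, e.g. `# $use_shorewall: set to true to open outbound DNS (tcp/udp 53) in shorewall`. The class body starts above the hunk, so existing header documentation may already cover part of this.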
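Review bot: Both rules in `resolvconf::shorewall` accept port 53 from `$FW` to the entire `net` zone, which is broader than this class needs, since it only has to reach the nameservers it writes into resolv.conf. Unrestricted outbound DNS is a common path for tunnelling and data exfiltration, so consider narrowing the destination to the configured resolvers, e.g. `destination => "net:<resolver-addresses>"` (placeholder; the variable feeding the template is not visible in this diff, and this assumes `shorewall::rule` passes the value through unchanged). A comment above the rules would also help the next reader: `# '$FW' is single-quoted on purpose so Puppet passes the shorewall variable through literally`.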