diff options
author | mh <mh@immerda.ch> | 2014-06-13 09:39:38 +0200 |
---|---|---|
committer | mh <mh@immerda.ch> | 2015-12-05 11:35:24 +0100 |
commit | d3784c34e285c7bb8c16ef0f957ec4bc4b908207 (patch) | |
tree | 12b4bc7372d3dd07b5acd43d47423454d393525d | |
parent | 6c8ff8ead1c8f1c2d37956886738e3d4f7fabd93 (diff) | |
download | puppet-shorewall-d3784c34e285c7bb8c16ef0f957ec4bc4b908207.tar.gz puppet-shorewall-d3784c34e285c7bb8c16ef0f957ec4bc4b908207.tar.bz2 |
there might be people who don't have a stun server
-rw-r--r-- | manifests/rules/jabberserver.pp | 22 |
1 files changed, 14 insertions, 8 deletions
diff --git a/manifests/rules/jabberserver.pp b/manifests/rules/jabberserver.pp index 14666a0..0b10420 100644 --- a/manifests/rules/jabberserver.pp +++ b/manifests/rules/jabberserver.pp @@ -1,6 +1,8 @@ # open ports used by a jabberserver # in and outbound. -class shorewall::rules::jabberserver { +class shorewall::rules::jabberserver( + $open_stun = true, +) { shorewall::rule { 'net-me-tcp_jabber': source => 'net', @@ -9,13 +11,6 @@ class shorewall::rules::jabberserver { destinationport => '5222,5223,5269', order => 240, action => 'ACCEPT'; - 'net-me-udp_jabber_stun_server': - source => 'net', - destination => '$FW', - proto => 'udp', - destinationport => '3478', - order => 240, - action => 'ACCEPT'; 'me-net-tcp_jabber_s2s': source => '$FW', destination => 'net', @@ -25,4 +20,15 @@ class shorewall::rules::jabberserver { action => 'ACCEPT'; } + if $open_stun { + shorewall::rule { + 'net-me-udp_jabber_stun_server': + source => 'net', + destination => '$FW', + proto => 'udp', + destinationport => '3478', + order => 240, + action => 'ACCEPT'; + } + } } |