diff options
| author | am <am@d66ca3ae-40d7-4aa7-90d4-87d79ca94279> | 2007-11-27 08:00:42 +0000 |
|---|---|---|
| committer | am <am@d66ca3ae-40d7-4aa7-90d4-87d79ca94279> | 2007-11-27 08:00:42 +0000 |
| commit | 1531b29d3452eb119c3a8ca26a48d4d0bcae9e76 (patch) | |
| tree | c3607745d4b9d628e2175f07a444e18c6eea52c7 | |
| parent | e11235214ba768a14c2a04293e352c7678e5f206 (diff) | |
| download | puppet-shorewall-1531b29d3452eb119c3a8ca26a48d4d0bcae9e76.tar.gz puppet-shorewall-1531b29d3452eb119c3a8ca26a48d4d0bcae9e76.tar.bz2 | |
*masq-source address wurde von "name" genomme: absolut verwirrend... korrektur: neue variable source + order
*richtige anwendung von SECTION am anfang von rule
git-svn-id: https://svn/ipuppet/trunk/modules/shorewall@118 d66ca3ae-40d7-4aa7-90d4-87d79ca94279
| -rw-r--r-- | files/boilerplate/rules.header | 2 | ||||
| -rw-r--r-- | manifests/init.pp | 8 |
2 files changed, 6 insertions, 4 deletions
diff --git a/files/boilerplate/rules.header b/files/boilerplate/rules.header index e6b1973..7079719 100644 --- a/files/boilerplate/rules.header +++ b/files/boilerplate/rules.header @@ -8,4 +8,4 @@ ############################################################################################################# #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK # PORT PORT(S) DEST LIMIT GROUP -SECTION NEW +#SECTION NEW diff --git a/manifests/init.pp b/manifests/init.pp index 5cb3c5e..128e330 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -140,9 +140,11 @@ class shorewall { # See http://www.shorewall.net/3.0/Documentation.htm#Masq managed_file{ masq: } # mark is new in 3.4.4 - define masq($interface, $address, $proto = '-', $port = '-', $ipsec = '-', $mark = '') { - entry { "masq.d/${name}": - line => "${interface} ${name} ${address} ${proto} ${port} ${ipsec} ${mark}" + # source (= subnet) = Set of hosts that you wish to masquerade. + # address = If you specify an address here, SNAT will be used and this will be the source address. + define masq($interface, $source, $address = '-', $proto = '-', $port = '-', $ipsec = '-', $mark = '', $order='100' ) { + entry { "masq.d/${order}-${name}": + line => "${interface} ${source} ${address} ${proto} ${port} ${ipsec} ${mark}" } } |