moved some for better overview

git-svn-id: https://svn/ipuppet/trunk/modules/shorewall@817 d66ca3ae-40d7-4aa7-90d4-87d79ca94279
author: mh <mh@d66ca3ae-40d7-4aa7-90d4-87d79ca94279> 2008-02-17 17:34:18 +0000
committer: mh <mh@d66ca3ae-40d7-4aa7-90d4-87d79ca94279> 2008-02-17 17:34:18 +0000
commit: 8c16d3cf95e74977287dbb2b5f28b308aa320451 (patch)
tree: 78231e7a4761cb13fdbf9f9d1ae42878246235f1
parent: d5e8304276808d5c89b337b66765133079eba952 (diff)
download: puppet-shorewall-8c16d3cf95e74977287dbb2b5f28b308aa320451.tar.gz
puppet-shorewall-8c16d3cf95e74977287dbb2b5f28b308aa320451.tar.bz2
2 files changed, 27 insertions, 9 deletions
diff --git a/files/shorewall.conf.Gentoo. b/files/shorewall.conf.Default
index 411d7dd..411d7dd 100644
--- a/files/shorewall.conf.Gentoo.
+++ b/files/shorewall.conf.Default
diff --git a/manifests/init.pp b/manifests/init.pp
index a766b23..0ec363b 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -29,13 +29,29 @@ class shorewall {
         }
 
 
-	service { shorewall: ensure  => running, enable  => true, }
+	service { shorewall: 
+        ensure  => running, 
+        enable  => true, 
+        subscribe => [ 
+            Exec[concat_zones], 
+            Exec[concat_interfaces], 
+            Exec[concat_hosts], 
+            Exec[concat_policy], 
+            Exec[concat_rules], 
+            Exec[concat_masq], 
+            Exec[concat_proxyarp], 
+            Exec[concat_nat], 
+            Exec[concat_blacklist], 
+            Exec[concat_rfc1918], 
+            Exec[concat_routestopped], 
+        ],
+    }
 
 	file {
         	"/var/lib/puppet/modules/shorewall":
         		ensure => directory,
         		force => true,
-        		mode => 0755, owner => root, group => root;
+        		mode => 0755, owner => root, group => 0;
         }
 	
 	# private
@@ -46,7 +62,7 @@ class shorewall {
 			"${dir}":
 				ensure => directory,
 	                        force => true,
-       				mode => 0755, owner => root, group => root;
+       				mode => 0755, owner => root, group => 0;
 		}
 				
 		
@@ -57,11 +73,11 @@ class shorewall {
 		file {
 			"${dir}/000-header":
 				source => "puppet://$servername/shorewall/boilerplate/${name}.header",
-				mode => 0600, owner => root, group => root,
+				mode => 0600, owner => root, group => 0,
 				notify => Exec["concat_${dir}"];
 			"${dir}/999-footer":
 				source => "puppet://$servername/shorewall/boilerplate/${name}.footer",
-				mode => 0600, owner => root, group => root,
+				mode => 0600, owner => root, group => 0,
 				notify => Exec["concat_${dir}"];
 		}
 	}
@@ -72,19 +88,21 @@ class shorewall {
 		$dir = dirname($target)
 		file { $target:
 			content => "${line}\n",
-			mode => 0600, owner => root, group => root,
+			mode => 0600, owner => root, group => 0,
 			notify => Exec["concat_${dir}"],
 		}
 	}
 
 	# This file has to be managed in place, so shorewall can find it
 	file { "/etc/shorewall/shorewall.conf":
-		# use OS specific defaults, but use gentoo if no other is found
+		# use OS specific defaults, but use Default if no other is found
 		source => [
 			"puppet://$servername/shorewall/shorewall.conf.$operatingsystem.$lsbdistcodename",
 			"puppet://$servername/shorewall/shorewall.conf.$operatingsystem",
-			"puppet://$servername/shorewall/shorewall.conf.Gentoo." ],
-		mode => 0644, owner => root, group => root,
+			"puppet://$servername/shorewall/shorewall.conf.Default",
+            ],
+		mode => 0644, owner => root, group => 0,
+        notify => Service[shorewall],
 	}
 
 	# See http://www.shorewall.net/3.0/Documentation.htm#Zones
author	mh <mh@d66ca3ae-40d7-4aa7-90d4-87d79ca94279>	2008-02-17 17:34:18 +0000
committer	mh <mh@d66ca3ae-40d7-4aa7-90d4-87d79ca94279>	2008-02-17 17:34:18 +0000
commit	8c16d3cf95e74977287dbb2b5f28b308aa320451 (patch)
tree	78231e7a4761cb13fdbf9f9d1ae42878246235f1
parent	d5e8304276808d5c89b337b66765133079eba952 (diff)
download	puppet-shorewall-8c16d3cf95e74977287dbb2b5f28b308aa320451.tar.gz puppet-shorewall-8c16d3cf95e74977287dbb2b5f28b308aa320451.tar.bz2