diff options
| author | Micah <micah@riseup.net> | 2015-10-09 19:00:24 +0000 |
|---|---|---|
| committer | Micah <micah@riseup.net> | 2015-10-09 19:00:24 +0000 |
| commit | 40d8f49f21a2580db1c0f87dd93c76ede2c4a272 (patch) | |
| tree | dc90c263297f9539ced3f3e7c7ca7145c0fcf37f | |
| parent | d3b5fedd3191da12cea503074583f9a38e306580 (diff) | |
| parent | 99a1b07bc1d35ebc90971357d4b6bee0e847dc84 (diff) | |
| download | puppet-shorewall-40d8f49f21a2580db1c0f87dd93c76ede2c4a272.tar.gz puppet-shorewall-40d8f49f21a2580db1c0f87dd93c76ede2c4a272.tar.bz2 | |
Merge branch 'feature/mangle-support-multiple-rules-with-same-action' into 'master'
Feature/mangle support multiple rules with same action
This allows one to support multiple networks in libvirt.
See merge request !4
| -rw-r--r-- | manifests/mangle.pp | 3 | ||||
| -rw-r--r-- | manifests/rules/libvirt/host.pp | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/manifests/mangle.pp b/manifests/mangle.pp index e3fd1b3..cd404e7 100644 --- a/manifests/mangle.pp +++ b/manifests/mangle.pp @@ -1,6 +1,7 @@ define shorewall::mangle( $source, $destination, + $action = $name, $proto = '-', $destinationport = '-', $sourceport = '-', @@ -14,6 +15,6 @@ define shorewall::mangle( $order = '100' ){ shorewall::entry{"mangle-${order}-${name}": - line => "${name} ${source} ${destination} ${proto} ${destinationport} ${sourceport} ${user} ${test} ${length} ${tos} ${connbytes} ${helper} ${headers}" + line => "${action} ${source} ${destination} ${proto} ${destinationport} ${sourceport} ${user} ${test} ${length} ${tos} ${connbytes} ${helper} ${headers}" } } diff --git a/manifests/rules/libvirt/host.pp b/manifests/rules/libvirt/host.pp index c226865..dc3970d 100644 --- a/manifests/rules/libvirt/host.pp +++ b/manifests/rules/libvirt/host.pp @@ -52,7 +52,8 @@ class shorewall::rules::libvirt::host ( } if $accept_dhcp { - shorewall::mangle { 'CHECKSUM:T': + shorewall::mangle { "CHECKSUM:T_${vmz_iface}": + action => 'CHECKSUM:T', source => '-', destination => $vmz_iface, proto => 'udp', |