diff options
| author | intrigeri <intrigeri@boum.org> | 2013-01-02 17:59:32 +0100 |
|---|---|---|
| committer | intrigeri <intrigeri@boum.org> | 2013-01-02 17:59:32 +0100 |
| commit | c725e8bfb1026f7d59ea1d825c8dfcee02952ee8 (patch) | |
| tree | 2273b3599781b0c1b56f0910a8aa8d9e2e9b6bec | |
| parent | 1a7d66e160077f625fd86d21b3566dcb489a0d54 (diff) | |
| parent | bcded0b6e2ed96e1f44058ba7e70a404a83c2c71 (diff) | |
| download | puppet-shorewall-c725e8bfb1026f7d59ea1d825c8dfcee02952ee8.tar.gz puppet-shorewall-c725e8bfb1026f7d59ea1d825c8dfcee02952ee8.tar.bz2 | |
Merge remote-tracking branch 'immerda/master'
| -rw-r--r-- | manifests/rules/ipsec.pp | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/manifests/rules/ipsec.pp b/manifests/rules/ipsec.pp index 3e9db55..82adff0 100644 --- a/manifests/rules/ipsec.pp +++ b/manifests/rules/ipsec.pp @@ -1,7 +1,9 @@ -class shorewall::rules::ipsec { +class shorewall::rules::ipsec( + $source = 'net' +) { shorewall::rule { 'net-me-ipsec-udp': - source => 'net', + source => $shorewall::rules::ipsec::source, destination => '$FW', proto => 'udp', destinationport => '500', @@ -9,20 +11,20 @@ class shorewall::rules::ipsec { action => 'ACCEPT'; 'me-net-ipsec-udp': source => '$FW', - destination => 'net', + destination => $shorewall::rules::ipsec::source, proto => 'udp', destinationport => '500', order => 240, action => 'ACCEPT'; 'net-me-ipsec': - source => 'net', + source => $shorewall::rules::ipsec::source, destination => '$FW', proto => 'esp', order => 240, action => 'ACCEPT'; 'me-net-ipsec': source => '$FW', - destination => 'net', + destination => $shorewall::rules::ipsec::source, proto => 'esp', order => 240, action => 'ACCEPT'; |