Support exempting some users from torification measures.

author: intrigeri <intrigeri@boum.org> 2012-01-07 06:09:54 +0100
committer: intrigeri <intrigeri@boum.org> 2012-11-11 23:11:49 +0100
commit: 6bc54f031b9ae12fe428c83e70733c8b2ff4c67a (patch)
tree: 6fa93a250d68067c079b2fb9c2feb29f81f61e37 /README
parent: 911cc18e594bb5a3ab642ebb24615a0447050c32 (diff)
download: puppet-shorewall-6bc54f031b9ae12fe428c83e70733c8b2ff4c67a.tar.gz
puppet-shorewall-6bc54f031b9ae12fe428c83e70733c8b2ff4c67a.tar.bz2
1 files changed, 4 insertions, 1 deletions
diff --git a/README b/README
index 648eaf7..c20227e 100644
--- a/README
+++ b/README
@@ -88,8 +88,11 @@ When no destination is provided traffic directed to RFC1918 addresses
 is by default allowed and (obviously) not torified. This behaviour can
 be changed by setting the allow_rfc1918 parameter to false.
 
-Torify any outgoing TCP traffic but connections to RFC1918 addresses:
+Torify any outgoing TCP traffic but
+  - connections to RFC1918 addresses
+  - connections from users bob and alice:
 
+  $non_torified_users = [ 'bob', 'alice' ]
   shorewall::rules::torify {
     'torify-everything-but-lan':
   }
author	intrigeri <intrigeri@boum.org>	2012-01-07 06:09:54 +0100
committer	intrigeri <intrigeri@boum.org>	2012-11-11 23:11:49 +0100
commit	6bc54f031b9ae12fe428c83e70733c8b2ff4c67a (patch)
tree	6fa93a250d68067c079b2fb9c2feb29f81f61e37 /README
parent	911cc18e594bb5a3ab642ebb24615a0447050c32 (diff)
download	puppet-shorewall-6bc54f031b9ae12fe428c83e70733c8b2ff4c67a.tar.gz puppet-shorewall-6bc54f031b9ae12fe428c83e70733c8b2ff4c67a.tar.bz2