aboutsummaryrefslogtreecommitdiff
path: root/manifests/rules/out/ssh
diff options
context:
space:
mode:
authormh <mh@immerda.ch>2009-09-29 20:11:52 +0200
committerMicah Anderson <micah@riseup.net>2009-12-07 11:34:11 -0500
commitfb82fa42e3c61c6adce3da457d1a4e15208b0683 (patch)
treee4b142efacf41d039866f09d814020458d6bfe16 /manifests/rules/out/ssh
parent05dca56e4a139f273094a49dd2078b65ae474457 (diff)
downloadpuppet-shorewall-fb82fa42e3c61c6adce3da457d1a4e15208b0683.tar.gz
puppet-shorewall-fb82fa42e3c61c6adce3da457d1a4e15208b0683.tar.bz2
improve rule handling possiblities
they can now be set to absent as well introduce 2 outgoing ssh rules to either disable or remove the entry at all
Diffstat (limited to 'manifests/rules/out/ssh')
-rw-r--r--manifests/rules/out/ssh/disable.pp5
-rw-r--r--manifests/rules/out/ssh/remove.pp5
2 files changed, 10 insertions, 0 deletions
diff --git a/manifests/rules/out/ssh/disable.pp b/manifests/rules/out/ssh/disable.pp
new file mode 100644
index 0000000..223bf73
--- /dev/null
+++ b/manifests/rules/out/ssh/disable.pp
@@ -0,0 +1,5 @@
+class shorewall::rules::out::ssh::disable inherits shorewall::rules::out::ssh {
+ Shorewall::Rule['me-net-tcp_ssh']{
+ action => 'DROP',
+ }
+}
diff --git a/manifests/rules/out/ssh/remove.pp b/manifests/rules/out/ssh/remove.pp
new file mode 100644
index 0000000..bc0acf3
--- /dev/null
+++ b/manifests/rules/out/ssh/remove.pp
@@ -0,0 +1,5 @@
+class shorewall::rules::out::ssh::remove inherits shorewall::rules::out::ssh {
+ Shorewall::Rule['me-net-tcp_ssh']{
+ ensure => absent,
+ }
+}