aboutsummaryrefslogtreecommitdiff
path: root/manifests/rules/out
diff options
context:
space:
mode:
authorMicah <micah@riseup.net>2015-12-09 14:41:31 +0000
committerMicah <micah@riseup.net>2015-12-09 14:41:31 +0000
commitedd5db0159d5075609c545fb3ee10727a1cf5271 (patch)
treed6a923dd8aaeed28210272c1895d9f23d8b250d3 /manifests/rules/out
parent1cfb479d642bc106ea71596a49b3c152dcb2f64f (diff)
parent6bca4007a104cc7f1736613679b171f19a706685 (diff)
downloadpuppet-shorewall-edd5db0159d5075609c545fb3ee10727a1cf5271.tar.gz
puppet-shorewall-edd5db0159d5075609c545fb3ee10727a1cf5271.tar.bz2
Merge branch 'immerda_changes' into 'master' shared
Immerda changes See merge request !5
Diffstat (limited to 'manifests/rules/out')
-rw-r--r--manifests/rules/out/managesieve.pp30
-rw-r--r--manifests/rules/out/pyzor.pp12
-rw-r--r--manifests/rules/out/razor.pp12
3 files changed, 46 insertions, 8 deletions
diff --git a/manifests/rules/out/managesieve.pp b/manifests/rules/out/managesieve.pp
index b0e1c3d..c4147d4 100644
--- a/manifests/rules/out/managesieve.pp
+++ b/manifests/rules/out/managesieve.pp
@@ -1,11 +1,25 @@
-class shorewall::rules::out::managesieve {
+# manage outgoing traffic to managesieve
+class shorewall::rules::out::managesieve(
+ $legacy_port = false
+) {
+ shorewall::rule {
+ 'me-net-tcp_managesieve':
+ source => '$FW',
+ destination => 'net',
+ proto => 'tcp',
+ destinationport => '4190',
+ order => 260,
+ action => 'ACCEPT';
+ }
+ if $legacy_port {
shorewall::rule {
- 'me-net-tcp_managesieve':
- source => '$FW',
- destination => 'net',
- proto => 'tcp',
- destinationport => '2000',
- order => 260,
- action => 'ACCEPT';
+ 'me-net-tcp_managesieve_legacy':
+ source => '$FW',
+ destination => 'net',
+ proto => 'tcp',
+ destinationport => '2000',
+ order => 260,
+ action => 'ACCEPT';
}
+ }
}
diff --git a/manifests/rules/out/pyzor.pp b/manifests/rules/out/pyzor.pp
new file mode 100644
index 0000000..f4f5151
--- /dev/null
+++ b/manifests/rules/out/pyzor.pp
@@ -0,0 +1,12 @@
+# pyzor calls out on 24441
+# https://wiki.apache.org/spamassassin/NetTestFirewallIssues
+class shorewall::rules::out::pyzor {
+ shorewall::rule { 'me-net-udp_pyzor':
+ source => '$FW',
+ destination => 'net',
+ proto => 'udp',
+ destinationport => '24441',
+ order => 240,
+ action => 'ACCEPT';
+ }
+}
diff --git a/manifests/rules/out/razor.pp b/manifests/rules/out/razor.pp
new file mode 100644
index 0000000..1f8397c
--- /dev/null
+++ b/manifests/rules/out/razor.pp
@@ -0,0 +1,12 @@
+# razor calls out on 2703
+# https://wiki.apache.org/spamassassin/NetTestFirewallIssues
+class shorewall::rules::out::razor {
+ shorewall::rule { 'me-net-tcp_razor':
+ source => '$FW',
+ destination => 'net',
+ proto => 'tcp',
+ destinationport => '2703',
+ order => 240,
+ action => 'ACCEPT';
+ }
+}