diff options
| -rw-r--r-- | README | 1 | ||||
| -rw-r--r-- | manifests/debian.pp | 3 | ||||
| -rw-r--r-- | templates/debian_default.erb (renamed from files/debian/default) | 6 |
3 files changed, 9 insertions, 1 deletions
@@ -21,6 +21,7 @@ Example Example from node.pp: node xy { + $shorewall_startup="0" # create shorewall ruleset but don't startup include config::site-shorewall shorewall::rule { 'incoming-ssh': source => 'all', destination => '$FW', action => 'SSH/ACCEPT', order => 200; diff --git a/manifests/debian.pp b/manifests/debian.pp index 2583d85..d2ba35d 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -1,6 +1,7 @@ class shorewall::debian inherits shorewall::base { file{'/etc/default/shorewall': - source => "puppet://$server/modules/shorewall/debian/default", + #source => "puppet://$server/modules/shorewall/debian/default", + content => template("shorewall/debian_default.erb"), require => Package['shorewall'], notify => Service['shorewall'], owner => root, group => 0, mode => 0644; diff --git a/files/debian/default b/templates/debian_default.erb index ba89cdc..1a76fd6 100644 --- a/files/debian/default +++ b/templates/debian_default.erb @@ -1,7 +1,13 @@ # prevent startup with default configuration # set the following varible to 1 in order to allow Shorewall to start +# This file is brought to you by puppet + +<% if (shorewall_startup == "0" ) -%> +startup=0 +<% else -%> startup=1 +<% end -%> # if your Shorewall configuration requires detection of the ip address of a ppp # interface, you must list such interfaces in "wait_interface" to get Shorewall to |