From 9d51aff4288516347a793d4ba802d7a669d2db5b Mon Sep 17 00:00:00 2001 From: intrigeri Date: Thu, 16 Jul 2015 12:34:54 +0000 Subject: shorewall::mangle: allow specifying the ACTION explicitly. Previously, it was using $name, which prevented adding multiple mangle rules that share a common ACTION, with different parameters. --- manifests/mangle.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/manifests/mangle.pp b/manifests/mangle.pp index e3fd1b3..cd404e7 100644 --- a/manifests/mangle.pp +++ b/manifests/mangle.pp @@ -1,6 +1,7 @@ define shorewall::mangle( $source, $destination, + $action = $name, $proto = '-', $destinationport = '-', $sourceport = '-', @@ -14,6 +15,6 @@ define shorewall::mangle( $order = '100' ){ shorewall::entry{"mangle-${order}-${name}": - line => "${name} ${source} ${destination} ${proto} ${destinationport} ${sourceport} ${user} ${test} ${length} ${tos} ${connbytes} ${helper} ${headers}" + line => "${action} ${source} ${destination} ${proto} ${destinationport} ${sourceport} ${user} ${test} ${length} ${tos} ${connbytes} ${helper} ${headers}" } } -- cgit v1.2.3 From 99a1b07bc1d35ebc90971357d4b6bee0e847dc84 Mon Sep 17 00:00:00 2001 From: intrigeri Date: Thu, 16 Jul 2015 12:36:11 +0000 Subject: shorewall::rules::libvirt::host: adjust to changes in shorewall::mangle. That is, make the resource's title more unique by including the destination interface in it, and accordingly pass the desired action via the new, dedicated parameter. --- manifests/rules/libvirt/host.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/manifests/rules/libvirt/host.pp b/manifests/rules/libvirt/host.pp index c226865..dc3970d 100644 --- a/manifests/rules/libvirt/host.pp +++ b/manifests/rules/libvirt/host.pp @@ -52,7 +52,8 @@ class shorewall::rules::libvirt::host ( } if $accept_dhcp { - shorewall::mangle { 'CHECKSUM:T': + shorewall::mangle { "CHECKSUM:T_${vmz_iface}": + action => 'CHECKSUM:T', source => '-', destination => $vmz_iface, proto => 'udp', -- cgit v1.2.3