From b28f0465ddf70fe5f35725a5b8ae3b38737eb5c5 Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Mon, 28 Sep 2009 23:15:40 +0200
Subject: use the more generall http term for rules for apache

---
 manifests/rules/apache.pp       | 10 ----------
 manifests/rules/apache/ssl.pp   | 10 ----------
 manifests/rules/http.pp         | 10 ++++++++++
 manifests/rules/http/disable.pp |  5 +++++
 manifests/rules/https.pp        | 10 ++++++++++
 5 files changed, 25 insertions(+), 20 deletions(-)
 delete mode 100644 manifests/rules/apache.pp
 delete mode 100644 manifests/rules/apache/ssl.pp
 create mode 100644 manifests/rules/http.pp
 create mode 100644 manifests/rules/http/disable.pp
 create mode 100644 manifests/rules/https.pp

diff --git a/manifests/rules/apache.pp b/manifests/rules/apache.pp
deleted file mode 100644
index ca3f7d1..0000000
--- a/manifests/rules/apache.pp
+++ /dev/null
@@ -1,10 +0,0 @@
-class shorewall::rules::apache {
-    shorewall::rule { 'net-me-http-tcp':
-        source          => 'net',
-        destination     => '$FW',
-        proto           => 'tcp',
-        destinationport => '80',
-        order           => 240,
-        action          => 'ACCEPT';
-    }
-}
diff --git a/manifests/rules/apache/ssl.pp b/manifests/rules/apache/ssl.pp
deleted file mode 100644
index d27c980..0000000
--- a/manifests/rules/apache/ssl.pp
+++ /dev/null
@@ -1,10 +0,0 @@
-class shorewall::rules::apache::ssl {
-    shorewall::rule { 'net-me-https-tcp':
-        source          => 'net',
-        destination     => '$FW',
-        proto           => 'tcp',
-        destinationport => '443',
-        order           => 240,
-        action          => 'ACCEPT';
-    }
-}
diff --git a/manifests/rules/http.pp b/manifests/rules/http.pp
new file mode 100644
index 0000000..e6a9bde
--- /dev/null
+++ b/manifests/rules/http.pp
@@ -0,0 +1,10 @@
+class shorewall::rules::http {
+    shorewall::rule { 'net-me-http-tcp':
+        source          => 'net',
+        destination     => '$FW',
+        proto           => 'tcp',
+        destinationport => '80',
+        order           => 240,
+        action          => 'ACCEPT';
+    }
+}
diff --git a/manifests/rules/http/disable.pp b/manifests/rules/http/disable.pp
new file mode 100644
index 0000000..5b54740
--- /dev/null
+++ b/manifests/rules/http/disable.pp
@@ -0,0 +1,5 @@
+class shorewall::rules::http::disable inherits shorewall::http {
+  Shorewall::Rule['net-me-http-tcp']{
+        action  => 'DROP',
+    }
+}
diff --git a/manifests/rules/https.pp b/manifests/rules/https.pp
new file mode 100644
index 0000000..cc49d10
--- /dev/null
+++ b/manifests/rules/https.pp
@@ -0,0 +1,10 @@
+class shorewall::rules::https {
+    shorewall::rule { 'net-me-https-tcp':
+        source          => 'net',
+        destination     => '$FW',
+        proto           => 'tcp',
+        destinationport => '443',
+        order           => 240,
+        action          => 'ACCEPT';
+    }
+}
-- 
cgit v1.2.3