Commit 1951c8a7 authored by Varac's avatar Varac

added $shorewall_startup variable to disable startup, enabled by default

parent e7a5ffbb
......@@ -21,6 +21,7 @@ Example
Example from node.pp:
node xy {
$shorewall_startup="0" # create shorewall ruleset but don't startup
include config::site-shorewall
shorewall::rule {
'incoming-ssh': source => 'all', destination => '$FW', action => 'SSH/ACCEPT', order => 200;
......
class shorewall::debian inherits shorewall::base {
file{'/etc/default/shorewall':
source => "puppet://$server/modules/shorewall/debian/default",
#source => "puppet://$server/modules/shorewall/debian/default",
content => template("shorewall/debian_default.erb"),
require => Package['shorewall'],
notify => Service['shorewall'],
owner => root, group => 0, mode => 0644;
......
# prevent startup with default configuration
# set the following varible to 1 in order to allow Shorewall to start
# This file is brought to you by puppet
<% if (shorewall_startup == "0" ) -%>
startup=0
<% else -%>
startup=1
<% end -%>
# if your Shorewall configuration requires detection of the ip address of a ppp
# interface, you must list such interfaces in "wait_interface" to get Shorewall to
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment