Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
7
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Open sidebar
chris
puppet-shorewall
Commits
1951c8a7
Commit
1951c8a7
authored
Dec 10, 2009
by
Varac
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
added $shorewall_startup variable to disable startup, enabled by default
parent
e7a5ffbb
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
9 additions
and
1 deletion
+9
-1
README
README
+1
-0
manifests/debian.pp
manifests/debian.pp
+2
-1
templates/debian_default.erb
templates/debian_default.erb
+6
-0
No files found.
README
View file @
1951c8a7
...
...
@@ -21,6 +21,7 @@ Example
Example from node.pp:
node xy {
$shorewall_startup="0" # create shorewall ruleset but don't startup
include config::site-shorewall
shorewall::rule {
'incoming-ssh': source => 'all', destination => '$FW', action => 'SSH/ACCEPT', order => 200;
...
...
manifests/debian.pp
View file @
1951c8a7
class
shorewall::debian
inherits
shorewall::base
{
file
{
'/etc/default/shorewall'
:
source
=>
"puppet://
$server
/modules/shorewall/debian/default"
,
#source => "puppet://$server/modules/shorewall/debian/default",
content
=>
template
(
"shorewall/debian_default.erb"
),
require
=>
Package
[
'shorewall'
],
notify
=>
Service
[
'shorewall'
],
owner
=>
root
,
group
=>
0
,
mode
=>
0644
;
...
...
fil
es/debian
/
default
→
templat
es/debian
_
default
.erb
View file @
1951c8a7
# prevent startup with default configuration
# set the following varible to 1 in order to allow Shorewall to start
# This file is brought to you by puppet
<%
if
(
shorewall_startup
==
"0"
)
-%>
startup=0
<%
else
-%>
startup=1
<%
end
-%>
# if your Shorewall configuration requires detection of the ip address of a ppp
# interface, you must list such interfaces in "wait_interface" to get Shorewall to
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment