Commit 77ef3216 authored by mh's avatar mh

check shorewall daily on problems to alert if a rule won't compile

parent bbd82b23
......@@ -50,4 +50,28 @@ class shorewall::base {
hasrestart => true,
require => Package['shorewall'],
}
file{'/etc/cron.daily/shorewall_check':}
if $shorewall::daily_check {
File['/etc/cron.daily/shorewall_check']{
content => '#!/bin/bash
output=$(shorewall check 2>&1)
if [ $? -gt 0 ]; then
echo "Error while checking firewall!"
echo $output
exit 1
fi
exit 0
',
owner => root,
group => 0,
mode => '0700',
require => Service['shorewall'],
}
} else {
File['/etc/cron.daily/shorewall_check']{
ensure => absent,
}
}
}
......@@ -45,6 +45,7 @@ class shorewall(
$tunnels_defaults = {},
$rtrules = {},
$rtrules_defaults = {},
$daily_check = true,
) {
case $::operatingsystem {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment