diff options
| author | drebs <drebs@riseup.net> | 2012-01-11 03:45:43 -0200 |
|---|---|---|
| committer | drebs <drebs@riseup.net> | 2012-01-11 03:45:43 -0200 |
| commit | 9cc3e685f4cda15141738da03cf2601a2d00fe58 (patch) | |
| tree | e13a1a21b098a0257d8db76b010189ee57f236d9 /manifests/subsystems/firewall/vserver.pp | |
| parent | 9605a0654c20210afddd936a1be4500139aaeb4a (diff) | |
| download | puppet-nodo-9cc3e685f4cda15141738da03cf2601a2d00fe58.tar.gz puppet-nodo-9cc3e685f4cda15141738da03cf2601a2d00fe58.tar.bz2 | |
adding port 9030 for tor
Diffstat (limited to 'manifests/subsystems/firewall/vserver.pp')
| -rw-r--r-- | manifests/subsystems/firewall/vserver.pp | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/manifests/subsystems/firewall/vserver.pp b/manifests/subsystems/firewall/vserver.pp index 623e6f1..e489a68 100644 --- a/manifests/subsystems/firewall/vserver.pp +++ b/manifests/subsystems/firewall/vserver.pp @@ -333,7 +333,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') { } class firewall::vserver::tor($destination, $zone = 'fw') { - shorewall::rule { 'tor-1': + shorewall::rule { 'tor-0': action => 'DNAT', source => 'net', destination => "$zone:$destination:9001", @@ -343,7 +343,7 @@ class firewall::vserver::tor($destination, $zone = 'fw') { order => '2100', } - shorewall::rule { 'tor-2': + shorewall::rule { 'tor-1': action => 'DNAT', source => '$FW', destination => "$zone:$destination:9001", @@ -352,5 +352,25 @@ class firewall::vserver::tor($destination, $zone = 'fw') { originaldest => "$ipaddress", ratelimit => '-', order => '2101', + + shorewall::rule { 'tor-2': + action => 'DNAT', + source => 'net', + destination => "$zone:$destination:9030", + proto => 'tcp', + destinationport => '9030', + ratelimit => '-', + order => '2102', + } + + shorewall::rule { 'tor-3': + action => 'DNAT', + source => '$FW', + destination => "$zone:$destination:9030", + proto => 'tcp', + destinationport => '9030', + originaldest => "$ipaddress", + ratelimit => '-', + order => '2103', } } |