diff options
| -rw-r--r-- | manifests/subsystems/firewall/vserver.pp | 24 | 
1 files changed, 22 insertions, 2 deletions
| diff --git a/manifests/subsystems/firewall/vserver.pp b/manifests/subsystems/firewall/vserver.pp index 623e6f1..e489a68 100644 --- a/manifests/subsystems/firewall/vserver.pp +++ b/manifests/subsystems/firewall/vserver.pp @@ -333,7 +333,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') {  }  class firewall::vserver::tor($destination, $zone = 'fw') { -  shorewall::rule { 'tor-1': +  shorewall::rule { 'tor-0':      action          => 'DNAT',      source          => 'net',      destination     => "$zone:$destination:9001", @@ -343,7 +343,7 @@ class firewall::vserver::tor($destination, $zone = 'fw') {      order           => '2100',    } -  shorewall::rule { 'tor-2': +  shorewall::rule { 'tor-1':      action          => 'DNAT',      source          => '$FW',      destination     => "$zone:$destination:9001", @@ -352,5 +352,25 @@ class firewall::vserver::tor($destination, $zone = 'fw') {      originaldest    => "$ipaddress",      ratelimit       => '-',      order           => '2101', + +  shorewall::rule { 'tor-2': +    action          => 'DNAT', +    source          => 'net', +    destination     => "$zone:$destination:9030", +    proto           => 'tcp', +    destinationport => '9030', +    ratelimit       => '-', +    order           => '2102', +  } + +  shorewall::rule { 'tor-3': +    action          => 'DNAT', +    source          => '$FW', +    destination     => "$zone:$destination:9030", +    proto           => 'tcp', +    destinationport => '9030', +    originaldest    => "$ipaddress", +    ratelimit       => '-', +    order           => '2103',    }  } | 
