add http://shorewall.net/shorewall_extension_scripts.htm extension_script define

diff --git a/manifests/init.pp b/manifests/init.pp
index 7c3089b1cd2c3e4d1d556a89782e2c3361f48e48..b022cd67f5649ca1694bbc16a66bd405777cc4c8 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -7,6 +7,7 @@
 # at https://reductivelabs.com/trac/puppet/wiki/AqueosShorewall
 #
 # Changes:
+#  * added extension_script define: http://shorewall.net/shorewall_extension_scripts.htm
 #  * FHS Layout: put configuration in /var/lib/puppet/modules/shorewall and
 #    adjust CONFIG_PATH
 #  * remove shorewall- prefix from defines in the shorewall namespace
@@ -17,7 +18,7 @@
 #  * add managing for masq, proxyarp, blacklist, nat, rfc1918
 # adapted by immerda project group - admin+puppet(at)immerda.ch
 # adapted by Puzzle ITC - haerry+puppet(at)puzzle.ch
-#
+# adapted by Riseup Networks - micah(shift+2)riseup.net
 
 modules_dir { "shorewall": }
 
@@ -201,6 +202,20 @@ class shorewall {
         }
     }
 
+    # See http://shorewall.net/shorewall_extension_scripts.htm
+    define extension_script($script = '') {
+      case $name {
+        'init', 'initdone', 'start', 'started', 'stop', 'stopped', 'clear', 'refresh', 'continue', 'maclog': {
+          managed_file { "${name}": }
+          entry { "${name}.d/500-${hostname}":
+            line => "${script}\n";
+          }
+        }
+        '', default: {
+          err("${name}: unknown shorewall extension script")
+        }
+      }
+    }
 }
 
 class shorewall::base {