Adds firewall::ssh param

diff --git a/manifests/init.pp b/manifests/init.pp
index c3ebe3479b04d32d1b9b60f950fb24abc7878953..c812955ce88ea222f99d34c09366bb991868132a 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -5,7 +5,8 @@ class firewall(
   $local_net       = hiera('firewall::local_net',      false),
   $device_options  = hiera('firewall::device_options', 'tcpflags,blacklist,routefilter,nosmurfs,logmartians'),
   $vm_address      = hiera('firewall::vm_address',     '192.168.0.0/24'),
-  $vm_device       = hiera('firewall::vm_device',      false)
+  $vm_device       = hiera('firewall::vm_device',      false),
+  $ssh             = hiera('firewall::ssh',            'ACCEPT'),
 ) {
   class { 'shorewall': }
 
@@ -137,7 +138,7 @@ class firewall(
   # Rules
   #
   shorewall::rule { 'ssh':
-    action          => 'SSH/ACCEPT',
+    action          => "SSH/${ssh}",
     source          => 'net',
     destination     => '$FW',
     proto           => '-',