Check zone parameter on firewall class

author Silvio Rhatto <rhatto@riseup.net>

Fri, 26 Sep 2014 20:20:00 +0000 (17:20 -0300)

committer Silvio Rhatto <rhatto@riseup.net>

Fri, 26 Sep 2014 20:20:00 +0000 (17:20 -0300)
author Silvio Rhatto <rhatto@riseup.net>
Fri, 26 Sep 2014 20:20:00 +0000 (17:20 -0300)
committer Silvio Rhatto <rhatto@riseup.net>
Fri, 26 Sep 2014 20:20:00 +0000 (17:20 -0300)
diff --git a/manifests/init.pp b/manifests/init.pp

index 7543d1ab9d05b0a63c008de59311b5e0ad1f9e68..52dd6e1a9ee409cf53528a40f196fecc984348d5 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -72,11 +72,13 @@ class firewall(
      order   => '1',
    }
  
-  shorewall::host { "${device}":
-    name    => "${device}:0.0.0.0/0",
-    zone    => 'net',
-    options => '',
-    order   => '2',
+  if $zone == '-' {
+    shorewall::host { "${device}":
+      name    => "${device}:0.0.0.0/0",
+      zone    => 'net',
+      options => '',
+      order   => '2',
+    }
    }
  
    shorewall::masq { "${device}":
author	Silvio Rhatto <rhatto@riseup.net>
	Fri, 26 Sep 2014 20:20:00 +0000 (17:20 -0300)
committer	Silvio Rhatto <rhatto@riseup.net>
	Fri, 26 Sep 2014 20:20:00 +0000 (17:20 -0300)