adding port 9030 for tor

author drebs <drebs@riseup.net>

Wed, 11 Jan 2012 05:45:43 +0000 (03:45 -0200)

committer drebs <drebs@riseup.net>

Wed, 11 Jan 2012 05:45:43 +0000 (03:45 -0200)
author drebs <drebs@riseup.net>
Wed, 11 Jan 2012 05:45:43 +0000 (03:45 -0200)
committer drebs <drebs@riseup.net>
Wed, 11 Jan 2012 05:45:43 +0000 (03:45 -0200)
diff --git a/manifests/subsystems/firewall/vserver.pp b/manifests/subsystems/firewall/vserver.pp

index 623e6f1ffccb3abc4326ceeb4dfaf7d6b03cb769..e489a6848a8c65277f7d708d82701292bdf75872 100644 (file)
--- a/manifests/subsystems/firewall/vserver.pp
+++ b/manifests/subsystems/firewall/vserver.pp
@@ -333,7 +333,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') {
  }
  
  class firewall::vserver::tor($destination, $zone = 'fw') {
-  shorewall::rule { 'tor-1':
+  shorewall::rule { 'tor-0':
      action          => 'DNAT',
      source          => 'net',
      destination     => "$zone:$destination:9001",
@@ -343,7 +343,7 @@ class firewall::vserver::tor($destination, $zone = 'fw') {
      order           => '2100',
    }
  
-  shorewall::rule { 'tor-2':
+  shorewall::rule { 'tor-1':
      action          => 'DNAT',
      source          => '$FW',
      destination     => "$zone:$destination:9001",
@@ -352,5 +352,25 @@ class firewall::vserver::tor($destination, $zone = 'fw') {
      originaldest    => "$ipaddress",
      ratelimit       => '-',
      order           => '2101',
+
+  shorewall::rule { 'tor-2':
+    action          => 'DNAT',
+    source          => 'net',
+    destination     => "$zone:$destination:9030",
+    proto           => 'tcp',
+    destinationport => '9030',
+    ratelimit       => '-',
+    order           => '2102',
+  }
+
+  shorewall::rule { 'tor-3':
+    action          => 'DNAT',
+    source          => '$FW',
+    destination     => "$zone:$destination:9030",
+    proto           => 'tcp',
+    destinationport => '9030',
+    originaldest    => "$ipaddress",
+    ratelimit       => '-',
+    order           => '2103',
    }
  }
author	drebs <drebs@riseup.net>
	Wed, 11 Jan 2012 05:45:43 +0000 (03:45 -0200)
committer	drebs <drebs@riseup.net>
	Wed, 11 Jan 2012 05:45:43 +0000 (03:45 -0200)