there might be people who don't have a stun server
authormh <mh@immerda.ch>
Fri, 13 Jun 2014 07:39:38 +0000 (09:39 +0200)
committermh <mh@immerda.ch>
Sat, 5 Dec 2015 10:35:24 +0000 (11:35 +0100)
manifests/rules/jabberserver.pp

index 14666a0dd1b43e0fa06588766c71c18f07d90b07..0b10420dd2f17cdd0cd39020d32d6e1597fef9ed 100644 (file)
@@ -1,6 +1,8 @@
 # open ports used by a jabberserver
 # in and outbound.
-class shorewall::rules::jabberserver {
+class shorewall::rules::jabberserver(
+  $open_stun = true,
+) {
   shorewall::rule {
     'net-me-tcp_jabber':
             source          => 'net',
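Review bot: The new `$open_stun` parameter in the class header is undocumented; the comment above the class still only says it opens the ports used by a jabberserver. Because the default of `true` keeps UDP 3478 reachable from `net`, the header should say so, for example `# $open_stun: also accept UDP 3478 (STUN) from net to $FW; set to false when no STUN server runs on this host.` The class body continues outside this hunk.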
@@ -9,13 +11,6 @@ class shorewall::rules::jabberserver {
             destinationport => '5222,5223,5269',
             order           => 240,
             action          => 'ACCEPT';
-    'net-me-udp_jabber_stun_server':
-            source          => 'net',
-            destination     => '$FW',
-            proto           => 'udp',
-            destinationport => '3478',
-            order           => 240,
-            action          => 'ACCEPT';
     'me-net-tcp_jabber_s2s':
             source          => '$FW',
             destination     => 'net',
@@ -25,4 +20,15 @@ class shorewall::rules::jabberserver {
             action          => 'ACCEPT';
   }
 
+  if $open_stun {
+    shorewall::rule {
+      'net-me-udp_jabber_stun_server':
+            source          => 'net',
+            destination     => '$FW',
+            proto           => 'udp',
+            destinationport => '3478',
+            order           => 240,
+            action          => 'ACCEPT';
+    }
+  }
 }
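Review bot: `if $open_stun` tests truthiness rather than a strict boolean, so a quoted string such as `'false'` supplied through Hiera or an ENC would still evaluate as true. UDP 3478 would then stay open from `net` even though the operator meant to close it. Validate the parameter at the top of the class with `validate_bool($open_stun)` if puppetlabs-stdlib is available to this module, or declare it as `Boolean $open_stun = true` on Puppet 4 and later. The parameter itself is declared in the first hunk.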