Adding back previous rules but with 'originaldest'

author Silvio Rhatto <rhatto@riseup.net>

Thu, 11 Feb 2010 01:00:43 +0000 (23:00 -0200)

committer Silvio Rhatto <rhatto@riseup.net>

Thu, 11 Feb 2010 01:00:43 +0000 (23:00 -0200)
author Silvio Rhatto <rhatto@riseup.net>
Thu, 11 Feb 2010 01:00:43 +0000 (23:00 -0200)
committer Silvio Rhatto <rhatto@riseup.net>
Thu, 11 Feb 2010 01:00:43 +0000 (23:00 -0200)
diff --git a/manifests/init.pp b/manifests/init.pp

index 1e041cd236bc7230c190af487eb38b67bc5580a1..a747f0e50feb01164b14d9da86f84b96258b8360 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -283,6 +283,28 @@ class nodo::vserver inherits nodo {
              ratelimit       => '-',
              order           => '303',
            }
+
+          shorewall::rule { 'puppetmaster-3':
+            action          => 'DNAT',
+            source          => '$FW',
+            destination     => "fw:192.168.0.$context:8140",
+            proto           => 'tcp',
+            destinationport => '8140',
+            originaldest    => "$ipaddress",
+            ratelimit       => '-',
+            order           => '304',
+          }
+
+          shorewall::rule { 'puppetmaster-4':
+            action          => 'DNAT',
+            source          => '$FW',
+            destination     => "fw:192.168.0.$context:8140",
+            proto           => 'udp',
+            destinationport => '8140',
+            originaldest    => "$ipaddress",
+            ratelimit       => '-',
+            order           => '305',
+          }
          }
  
          if $gitd {
@@ -293,7 +315,7 @@ class nodo::vserver inherits nodo {
              proto           => 'tcp',
              destinationport => '9418',
              ratelimit       => '-',
-            order           => '304',
+            order           => '306',
            }
  
            shorewall::rule { 'git-daemon-2':
@@ -303,7 +325,7 @@ class nodo::vserver inherits nodo {
              proto           => 'tcp',
              destinationport => '9418',
              ratelimit       => '-',
-            order           => '305',
+            order           => '307',
            }
          }
  
@@ -315,7 +337,7 @@ class nodo::vserver inherits nodo {
              proto           => 'tcp',
              destinationport => '8000',
              ratelimit       => '-',
-            order           => '306',
+            order           => '308',
            }
  
            shorewall::rule { 'icecast-2':
@@ -325,7 +347,7 @@ class nodo::vserver inherits nodo {
              proto           => 'tcp',
              destinationport => '8000',
              ratelimit       => '-',
-            order           => '307',
+            order           => '309',
            }
          }
        }
author	Silvio Rhatto <rhatto@riseup.net>
	Thu, 11 Feb 2010 01:00:43 +0000 (23:00 -0200)
committer	Silvio Rhatto <rhatto@riseup.net>
	Thu, 11 Feb 2010 01:00:43 +0000 (23:00 -0200)