From: Varac <varacanero@zeromail.org>
Date: Thu, 10 Dec 2009 11:51:22 +0000 (+0100)
Subject: added $shorewall_startup variable to disable startup, enabled by default
X-Git-Url: https://gitweb.fluxo.info/?a=commitdiff_plain;h=1951c8a7d72f677fff9fbdf955bf883f4d9a4f61;p=puppet-shorewall.git

added $shorewall_startup variable to disable startup, enabled by default
---

diff --git a/README b/README
index 8f58191..a0e54ec 100644
--- a/README
+++ b/README
@@ -21,6 +21,7 @@ Example
 Example from node.pp:
 
 node xy {
+	$shorewall_startup="0"  # create shorewall ruleset but don't startup
 	include config::site-shorewall
 	shorewall::rule {
 		'incoming-ssh': source => 'all', destination => '$FW',  action  => 'SSH/ACCEPT', order => 200;
diff --git a/manifests/debian.pp b/manifests/debian.pp
index 2583d85..d2ba35d 100644
--- a/manifests/debian.pp
+++ b/manifests/debian.pp
@@ -1,6 +1,7 @@
 class shorewall::debian inherits shorewall::base {
     file{'/etc/default/shorewall':
-        source => "puppet://$server/modules/shorewall/debian/default",
+        #source => "puppet://$server/modules/shorewall/debian/default",
+	content => template("shorewall/debian_default.erb"),
         require => Package['shorewall'],
         notify => Service['shorewall'],
         owner => root, group => 0, mode => 0644;
diff --git a/files/debian/default b/templates/debian_default.erb
similarity index 84%
rename from files/debian/default
rename to templates/debian_default.erb
index ba89cdc..1a76fd6 100644
--- a/files/debian/default
+++ b/templates/debian_default.erb
@@ -1,7 +1,13 @@
 # prevent startup with default configuration
 # set the following varible to 1 in order to allow Shorewall to start
 
+# This file is brought to you by puppet
+
+<% if (shorewall_startup == "0" ) -%>
+startup=0
+<% else -%>
 startup=1
+<% end -%>
 
 # if your Shorewall configuration requires detection of the ip address of a ppp
 # interface, you must list such interfaces in "wait_interface" to get Shorewall to